[Git][security-tracker-team/security-tracker][master] Add note on fixes for CVE-2015-464{5,6}/squashfs-tools

Salvatore Bonaccorso carnil at debian.org
Sat Aug 17 20:07:46 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d811016a by Salvatore Bonaccorso at 2019-08-17T19:07:03Z
Add note on fixes for CVE-2015-464{5,6}/squashfs-tools

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -190022,6 +190022,7 @@ CVE-2015-4646 ((1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) uns
 	[squeeze] - squashfs-tools <no-dsa> (Minor issue)
 	NOTE: https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1
 	NOTE: https://github.com/plougher/squashfs-tools/commit/ba215d73e153a6f237088b4ecb88c702bb4d4183
+	NOTE: Further more complete fixes went into 1:4.3+git190815-1
 CVE-2015-4645 (Integer overflow in the read_fragment_table_4 function in unsquash-4.c ...)
 	- squashfs-tools 1:4.3-2 (bug #793467)
 	[jessie] - squashfs-tools <no-dsa> (Minor issue)
@@ -190029,6 +190030,7 @@ CVE-2015-4645 (Integer overflow in the read_fragment_table_4 function in unsquas
 	[squeeze] - squashfs-tools <no-dsa> (Minor issue)
 	NOTE: https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1
 	NOTE: https://github.com/plougher/squashfs-tools/commit/ba215d73e153a6f237088b4ecb88c702bb4d4183
+	NOTE: Further more complete fixes went into 1:4.3+git190815-1
 CVE-2015-4642 (The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.4 ...)
 	- php5 <not-affected> (Windows specific)
 	NOTE: https://bugs.php.net/bug.php?id=69646



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d811016ad089bea28328b05f1d34ccfe5e570885

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d811016ad089bea28328b05f1d34ccfe5e570885
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190817/05333751/attachment.html>

More information about the debian-security-tracker-commits mailing list