[Git][security-tracker-team/security-tracker][master] Update status for xar which has re-entered the archive

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 12 15:31:40 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4f27157 by Salvatore Bonaccorso at 2025-02-12T16:31:11+01:00
Update status for xar which has re-entered the archive

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -542865,9 +542865,9 @@ CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 throug
 	- mpg123 1.25.3-1 (unimportant)
 	NOTE: no security impact
 CVE-2017-11125 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_p ...)
-	- xar <removed>
+	- xar <unfixed>
 CVE-2017-11124 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unser ...)
-	- xar <removed>
+	- xar <unfixed>
 CVE-2017-11123
 	RESERVED
 CVE-2017-11122 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can t ...)
@@ -710288,7 +710288,7 @@ CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute a
 CVE-2010-3799
 	REJECTED
 CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6 ...)
-	- xar <removed>
+	- xar <unfixed>
 	[lenny] - xar <no-dsa> (Minor issue)
 CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac O ...)
 	NOT-FOR-US: Apple Wiki Server
@@ -721811,7 +721811,7 @@ CVE-2010-0057 (AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest
 CVE-2010-0056 (Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10 ...)
 	NOT-FOR-US: Apple AppKit
 CVE-2010-0055 (xar in Apple Mac OS X 10.5.8 does not properly validate package signat ...)
-	- xar <removed> (bug #572556)
+	- xar <unfixed> (bug #572556)
 	[lenny] - xar <no-dsa> (Minor issue)
 CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
 	- chromium-browser 6.0.466.0~r52279-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4f27157b6cba3e35c2986c45e4483ef1fdb6db6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4f27157b6cba3e35c2986c45e4483ef1fdb6db6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250212/7b75225a/attachment.htm>

More information about the debian-security-tracker-commits mailing list