[Secure-testing-commits] r39702 - data/CVE

Salvatore Bonaccorso Mon, 15 Feb 2016 12:59:45 -0800

Author: carnil
Date: 2016-02-15 20:59:29 +0000 (Mon, 15 Feb 2016)
New Revision: 39702


Modified:
   data/CVE/list
Log:
Add notes for CVE-2016-1544/nghttp2

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-02-15 20:52:24 UTC (rev 39701)
+++ data/CVE/list       2016-02-15 20:59:29 UTC (rev 39702)
@@ -2458,9 +2458,12 @@
        RESERVED
 CVE-2016-1545
        RESERVED
-CVE-2016-1544
+CVE-2016-1544 [out of memory error due to unlimited incoming HTTP header 
fields]
        RESERVED
        - nghttp2 1.7.1-1
+       NOTE: Fix spread across multiple commits: 
https://github.com/tatsuhiro-t/nghttp2/compare/v1.7.0...v1.7.1
+       NOTE: Commits between 1.7.0 and 1.7.1 seem almost limited to this 
issue, cf.
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1308461#c3
 CVE-2016-1543
        RESERVED
 CVE-2016-1542


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39702 - data/CVE

Reply via email to