Author: carnil
Date: 2016-05-13 05:20:49 +0000 (Fri, 13 May 2016)
New Revision: 41698
Modified:
data/CVE/list
Log:
Add bugreport for CVE-2016-233{4,5}
Note for reviewers: the code in the p7zip might be affected as well
although TALOS report mentions only 7zip. Better on the safe side I
already opened the bug in BTS.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-13 04:59:34 UTC (rev 41697)
+++ data/CVE/list 2016-05-13 05:20:49 UTC (rev 41698)
@@ -6701,13 +6701,13 @@
RESERVED
CVE-2016-2336
RESERVED
-CVE-2016-2335
+CVE-2016-2335 [Out-of-bounds read vuilerability]
RESERVED
- - p7zip <unfixed>
+ - p7zip <unfixed> (bug #824160)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0094/
-CVE-2016-2334
+CVE-2016-2334 [Heap-buffer-overflow vulnerability]
RESERVED
- - p7zip <unfixed>
+ - p7zip <unfixed> (bug #824160)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0093/
CVE-2016-2333 (SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway
devices with ...)
TODO: check
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
