Author: apo
Date: 2016-09-17 19:38:48 +0000 (Sat, 17 Sep 2016)
New Revision: 44696

Modified:
   data/CVE/list
Log:
CVE-2016-7410, dwarfutils: Add note for Jessie

that dwarfutils in Jessie shows no heap-based overflow with the reproducer
which is why the CVE was assigned in the first place.

The information is still correct and should be noted in the security tracker.


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-17 19:31:11 UTC (rev 44695)
+++ data/CVE/list       2016-09-17 19:38:48 UTC (rev 44696)
@@ -2298,6 +2298,7 @@
        - dwarfutils <unfixed> (bug #838019)
        [wheezy] - dwarfutils <not-affected> (reproducer shows no errors with 
valgrind)
        NOTE: http://seclists.org/oss-sec/2016/q3/490
+       NOTE: Reproducer does not show any errors (heap-based overflow) for 
Jessie version too.
 CVE-2016-7409
        RESERVED
        - dropbear 2016.74-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to