Author: carnil Date: 2016-10-16 05:41:17 +0000 (Sun, 16 Oct 2016) New Revision: 45348
Modified: data/CVE/list Log: Add CVE-2016-8687/libarchive Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-16 05:32:54 UTC (rev 45347) +++ data/CVE/list 2016-10-16 05:41:17 UTC (rev 45348) @@ -52,6 +52,11 @@ CVE-2016-8690 [SEGV on unknown address ... bmp_getdata ... bmp_dec.c] - jasper <unfixed> NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post +CVE-2016-8687 + - libarchive <unfixed> + NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/ + NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a + NOTE: https://github.com/libarchive/libarchive/issues/767 CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf] {DSA-3693-1} - libgd2 <unfixed> (bug #840805) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits