[Secure-testing-commits] r45351 - data/CVE

Salvatore Bonaccorso Sat, 15 Oct 2016 22:47:21 -0700

Author: carnil
Date: 2016-10-16 05:46:12 +0000 (Sun, 16 Oct 2016)
New Revision: 45351


Modified:
   data/CVE/list
Log:
Add CVe-2016-8689/libarchive

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-16 05:43:13 UTC (rev 45350)
+++ data/CVE/list       2016-10-16 05:46:12 UTC (rev 45351)
@@ -52,6 +52,11 @@
 CVE-2016-8690 [SEGV on unknown address ... bmp_getdata ... bmp_dec.c]
        - jasper <unfixed>
        NOTE: CVE ID for the first and fifth items of 
http://www.openwall.com/lists/oss-security/2016/08/23/6 post
+CVE-2016-8689
+       - libarchive <unfixed>
+       NOTE: 
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
+       NOTE: https://github.com/libarchive/libarchive/issues/761
+       NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
 CVE-2016-8688
        - libarchive <unfixed>
        NOTE: 
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r45351 - data/CVE

Reply via email to