Author: carnil
Date: 2016-10-16 06:12:23 +0000 (Sun, 16 Oct 2016)
New Revision: 45356

Modified:
   data/CVE/list
Log:
CVE-2016-8679, CVE-2016-8680, CVE-2016-8681 assigned for dwarfutils

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-16 06:07:39 UTC (rev 45355)
+++ data/CVE/list       2016-10-16 06:12:23 UTC (rev 45356)
@@ -496,15 +496,21 @@
        NOTE: and no mechanism is currently known by which an attacker who does 
not
        NOTE: already have root privileges could induce systemd to send messages
        NOTE: that would trigger the format string vulnerability.
-CVE-2016-XXXX [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_size_of_val]
+CVE-2016-8679 [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_size_of_val]
        - dwarfutils <unfixed>
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/10/08/11
-CVE-2016-XXXX [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_abbrev_for_code]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/11
+       NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
+       NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
+       NOTE: Same fix as CVE-2016-8681 but different issue
+CVE-2016-8680 [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_abbrev_for_code]
        - dwarfutils <unfixed>
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/10/08/12
-CVE-2016-XXXX [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_abbrev_for_code second one]
+       NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12
+       NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2
+CVE-2016-8681 [dwarf_util.c: heap-based buffer overflow in 
_dwarf_get_abbrev_for_code second one]
        - dwarfutils <unfixed>
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/10/08/13
+       NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
+       NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
+       NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/13
 CVE-2016-8602 [type confusion]
        RESERVED
        {DSA-3691-1}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to