Author: carnil Date: 2016-10-16 17:56:17 +0000 (Sun, 16 Oct 2016) New Revision: 45382
Modified: data/CVE/list Log: libarchive issues fixed in unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-16 17:19:48 UTC (rev 45381) +++ data/CVE/list 2016-10-16 17:56:17 UTC (rev 45382) @@ -60,12 +60,12 @@ NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/ CVE-2016-8689 - - libarchive <unfixed> (bug #840934) + - libarchive 3.2.1-5 (bug #840934) NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/ NOTE: https://github.com/libarchive/libarchive/issues/761 NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126 CVE-2016-8688 - - libarchive <unfixed> (bug #840935) + - libarchive 3.2.1-5 (bug #840935) NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/ NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/ NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c/ @@ -73,7 +73,7 @@ NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca CVE-2016-8687 - - libarchive <unfixed> (bug #840936) + - libarchive 3.2.1-5 (bug #840936) NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a NOTE: https://github.com/libarchive/libarchive/issues/767 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits