[Secure-testing-commits] r47967 - data/CVE

Salvatore Bonaccorso Thu, 12 Jan 2017 21:53:04 -0800

Author: carnil
Date: 2017-01-13 05:51:54 +0000 (Fri, 13 Jan 2017)
New Revision: 47967


Modified:
   data/CVE/list
Log:
Update status for ed

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-13 05:39:51 UTC (rev 47966)
+++ data/CVE/list       2017-01-13 05:51:54 UTC (rev 47967)
@@ -38,9 +38,11 @@
 CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows 
remote ...)
        TODO: check
 CVE-2017-5357 [ed invalid free]
-       - ed <unfixed> (low; bug #851159)
-       [jessie] - ed <no-dsa> (Minor issue)
+       - ed <not-affected> (Vulnerable code not present, cf #851159)
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/5
+       NOTE: The issue is only present from 1.14 onwards, and prior to 1.14.1 
since upstream
+       NOTE: changed a malloc'ed buffer for a static one.
+       NOTE: https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00001.html
 CVE-2017-5329
        RESERVED
 CVE-2017-5328


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r47967 - data/CVE

Reply via email to