Author: mgilbert
Date: 2012-04-18 03:58:18 +0000 (Wed, 18 Apr 2012)
New Revision: 18992
Modified:
data/CVE/list
Log:
libarchive issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-04-18 03:26:02 UTC (rev 18991)
+++ data/CVE/list 2012-04-18 03:58:18 UTC (rev 18992)
@@ -15129,8 +15129,8 @@
- linux-2.6 <unfixed>
TODO: check
CVE-2011-1779 (Multiple use-after-free vulnerabilities in libarchive 2.8.4 and
2.8.5 ...)
- - libarchive <unfixed>
- TODO: check
+ - libarchive <unfixed> (bug #669197)
+ [squeeze] - libarchive <not-affected> (no cab support prior to 3.0)
CVE-2011-1778 (Buffer overflow in libarchive through 2.8.5 allows remote
attackers to ...)
{DSA-2413-1}
- libarchive 2.8.5-5 (bug #651844)
@@ -19612,8 +19612,8 @@
CVE-2010-4667 (Cross-site scripting (XSS) vulnerability in Coppermine Photo
Gallery ...)
NOT-FOR-US: Coppermine Photo Gallery
CVE-2010-4666 (Buffer overflow in libarchive 3.0 pre-release code allows remote
...)
- - libarchive <unfixed>
- TODO: check
+ - libarchive <unfixed> (bug #669197)
+ [squeeze] - libarchive <not-affected> (no cab support prior to 3.0)
CVE-2010-4665 (Integer overflow in the ReadDirectory function in tiffdump.c in
...)
- tiff <unfixed>
TODO: check