~alpine/aports

[alpine-aports] [PATCH] Add missing vulnerabilities in 3.3

Ido Perlmuter <ido@ido50.net>
Details
Message ID
<20180304155335.7384-1-ido@ido50.net>
Sender timestamp
1520178815
DKIM signature
missing
Download raw message
6 years ago
Patch: +8 -0 
The following vulnerabilities were fixed in the main 3.3 repository, but
were missing from the relevant yaml file:

 - CVE-2016-2147 and CVE-2016-2148 were fixed in busybox 1.24.2-r0
   (aports commit 1ac4d54468).

 - CVE-2016-0787 was fixed in libssh2 1.6.0-r1 (aports commit
   c922c86918).
---
 v3.3/main.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/v3.3/main.yaml b/v3.3/main.yaml
index eff8448..ba75383 100644
--- a/v3.3/main.yaml
+++ b/v3.3/main.yaml
@@ -64,6 +64,9 @@ packages:
          - CVE-2017-16544
        1.24.2-r1:
          - CVE-2016-6301
        1.24.2-r0:
          - CVE-2016-2147
          - CVE-2016-2148
  - pkg:
      name: c-ares
      secfixes:
@@ -903,3 +906,8 @@ packages:
          - CVE-2016-9841
          - CVE-2016-9842
          - CVE-2016-9843
  - pkg:
      name: libssh2
      secfixes:
        1.6.0-r1:
          - CVE-2016-0787
-- 
2.16.2



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)