The following vulnerabilities were fixed in the main 3.3 repository, but
were missing from the relevant yaml file:
- CVE-2016-2147 and CVE-2016-2148 were fixed in busybox 1.24.2-r0
(aports commit 1ac4d54468).
- CVE-2016-0787 was fixed in libssh2 1.6.0-r1 (aports commit
c922c86918).
---
v3.3/main.yaml | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/v3.3/main.yaml b/v3.3/main.yaml
index eff8448..ba75383 100644
--- a/v3.3/main.yaml
+++ b/v3.3/main.yaml
@@ -64,6 +64,9 @@ packages:
- CVE-2017-16544
1.24.2-r1:
- CVE-2016-6301
+ 1.24.2-r0:
+ - CVE-2016-2147
+ - CVE-2016-2148
- pkg:
name: c-ares
secfixes:
@@ -903,3 +906,8 @@ packages:
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
+ - pkg:
+ name: libssh2
+ secfixes:
+ 1.6.0-r1:
+ - CVE-2016-0787
--
2.16.2
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---