[ubuntu/zesty-proposed] radare2 1.1.0+dfsg-3 (Accepted)
Graham Inggs
graham at nerve.org.za
Fri Mar 3 11:54:08 UTC 2017
radare2 (1.1.0+dfsg-3) unstable; urgency=high
* Add upstream patches to fix security bugs
- CVE-2017-6415 (Closes: #856572)
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2
1.2.1 allows remote attackers to cause a denial of service (NULL
pointer dereference and application crash) via a crafted DEX file.
- CVE-2017-6387 (Closes: #856574)
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1
allows remote attackers to cause a denial of service (out-of-bounds
read and application crash) via a crafted DEX file.
- CVE-2017-6319 (Closes: #856579)
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2
1.2.1 allows remote attackers to cause a denial of service (buffer
overflow and application crash) or possibly have unspecified other
impact via a crafted DEX file.
* Add small patch from Graham Inggs to fix FTBFS when
linked with as-needed (Closes: #856329)
Date: 2017-03-03 10:16:03.246816+00:00
Changed-By: Sebastian Reichel <sre at ring0.de>
Signed-By: Graham Inggs <graham at nerve.org.za>
https://launchpad.net/ubuntu/+source/radare2/1.1.0+dfsg-3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list