Update status for CVE-2017-9670

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@52611 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2017-06-16 08:01:11 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-06-16 08:01:11 +0000
commit: 8a00e8e6d65f57b207df34ab4a76e99ed92e61b6 (patch)
tree: b4fab0a7f8a1b0499e72d6e8489bb1768eaa05f9 /data
parent: 790d95fad46a5b0b00a5bb9f5e4912945e388d6d (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index eefd9027de..6be4687058 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -111,7 +111,8 @@ CVE-2017-9671
 CVE-2017-9670 (An uninitialized stack variable vulnerability in load_tic_series() in ...)
 	- gnuplot <undetermined>
 	NOTE: https://sourceforge.net/p/gnuplot/bugs/1933/
-	TODO: check
+	NOTE: The specific CVE is for the uninitialized stack variable fixed via set.c
+	NOTE: Patch: https://sourceforge.net/p/gnuplot/bugs/_discuss/thread/44ec637c/af0f/attachment/uninitialized_variables_%28Bug1933%29.patch
 CVE-2017-9669
 	RESERVED
 CVE-2017-9668
author	Salvatore Bonaccorso <carnil@debian.org>	2017-06-16 08:01:11 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-06-16 08:01:11 +0000
commit	8a00e8e6d65f57b207df34ab4a76e99ed92e61b6 (patch)
tree	b4fab0a7f8a1b0499e72d6e8489bb1768eaa05f9 /data
parent	790d95fad46a5b0b00a5bb9f5e4912945e388d6d (diff)