You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: SECURITY.md
+6Lines changed: 6 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -10,6 +10,12 @@ There are several types of issues that do not include a CVE or reporter. If you
10
10
11
11
If you are editing this document please feel encouraged to change this format to provide more details. This is intended to be a helpful resource so please keep content valuable and concise.
12
12
13
+
-#3786 Migrate from `boost::regex` to `re2` - unresolved - Ruslan Habalov and Felix Wilhelm of the Google Security Team
14
+
-#3785`ie_extensions` susceptible to SQL injection - CVE-2017-15026 - 2.9.0 - Ruslan Habalov and Felix Wilhelm of the Google Security Team
15
+
-#3783/#3782`safari_extensions` should not use parent paths for privilege dropping - CVE-2017-15027 - 2.9.0 - Ruslan Habalov and Felix Wilhelm of the Google Security Team
16
+
-#3781`known_hosts` should drop privileges - CVE-2017-15028 - 2.9.0 - Ruslan Habalov and Felix Wilhelm of the Google Security Team
17
+
-#3770/#3775`libxml2` (v2.9.5) and `libarchive` (v3.3.2) updated - 2.9.0
18
+
-#3767`augeas` (v1.8.1) mitigates CVE-2017-7555 - 2.9.0 - Ruslan Habalov and Felix Wilhelm of the Google Security Team
13
19
-#3133 Bad output size for TLS compression - 2.4.0 - Facebook Whitehat
14
20
-#2447 Multiple fixes to macOS `crashes` - 2.0.0 - Facebook Whitehat and zzuf
0 commit comments