- 15215, 15378, 15884, 16009, 16418, 16191, 16469, 16576, 16617, 16619,
- 16657, 16740, 16857, 17192, 17266, 17273, 17344, 17363, 17370, 17371,
- 17411, 17460, 17475, 17485, 17501, 17506, 17508, 17522, 17555, 17570,
- 17571, 17572, 17573, 17574, 17582, 17583, 17584, 17585, 17589, 17594,
- 17601, 17608, 17616, 17625, 17630, 17633, 17634, 17635, 17647, 17653,
- 17657, 17658, 17664, 17665, 17668, 17682, 17702, 17717, 17719, 17722,
- 17723, 17724, 17725, 17732, 17733, 17744, 17745, 17746, 17747, 17748,
- 17775, 17777, 17780, 17781, 17782, 17791, 17793, 17796, 17797, 17801,
- 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885, 17892.
+ 15215, 15378, 15884, 16009, 16418, 16191, 16469, 16576, 16617, 16618,
+ 16619, 16657, 16740, 16857, 17192, 17266, 17273, 17344, 17363, 17370,
+ 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508, 17522, 17555,
+ 17570, 17571, 17572, 17573, 17574, 17582, 17583, 17584, 17585, 17589,
+ 17594, 17601, 17608, 17616, 17625, 17630, 17633, 17634, 17635, 17647,
+ 17653, 17657, 17658, 17664, 17665, 17668, 17682, 17702, 17717, 17719,
+ 17722, 17723, 17724, 17725, 17732, 17733, 17744, 17745, 17746, 17747,
+ 17748, 17775, 17777, 17780, 17781, 17782, 17791, 17793, 17796, 17797,
+ 17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885,
+ 17892.
+
+* CVE-2015-1472 Under certain conditions wscanf can allocate too little
+ memory for the to-be-scanned arguments and overflow the allocated
+ buffer. The implementation now correctly computes the required buffer
+ size when using malloc.