Author: sectracker Date: 2017-10-08 21:10:13 +0000 (Sun, 08 Oct 2017) New Revision: 56530
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-08 20:27:14 UTC (rev 56529) +++ data/CVE/list 2017-10-08 21:10:13 UTC (rev 56530) @@ -118,6 +118,7 @@ RESERVED CVE-2017-15038 [Qemu: 9p: virtfs: information disclosure when reading extended attributes] RESERVED + {DLA-1129-1 DLA-1128-1} - qemu 1:2.10.0+dfsg-2 (bug #877890) [stretch] - qemu <no-dsa> (Minor issue) [jessie] - qemu <no-dsa> (Minor issue) @@ -1220,9 +1221,11 @@ CVE-2017-14638 (AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in ...) NOT-FOR-US: Bento4 CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 5) CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop executes ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 4) CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...) @@ -1258,15 +1261,19 @@ NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328 NOTE: https://github.com/xiph/vorbis/issues/29 CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 1) CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 6) CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 3) CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the ...) + {DLA-1127-1} - sam2p <removed> (bug #876744) NOTE: https://github.com/pts/sam2p/issues/14 (bug 2) CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...) @@ -2546,7 +2553,7 @@ CVE-2017-14168 RESERVED CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...) - {DSA-3991-1} + {DSA-3991-1 DLA-1129-1 DLA-1128-1} - qemu 1:2.10.0-1 (bug #874606) - qemu-kvm <removed> NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits