Author: sectracker
Date: 2017-04-23 21:10:12 +0000 (Sun, 23 Apr 2017)
New Revision: 50973
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-04-23 20:58:20 UTC (rev 50972) +++ data/CVE/list 2017-04-23 21:10:12 UTC (rev 50973) @@ -1,3 +1,17 @@ +CVE-2017-8079 + RESERVED +CVE-2017-8078 (On the TP-Link TL-SG108E 1.0, the upgrade process can be requested ...) + TODO: check +CVE-2017-8077 (On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a ...) + TODO: check +CVE-2017-8076 (On the TP-Link TL-SG108E 1.0, admin network communications are RC4 ...) + TODO: check +CVE-2017-8075 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...) + TODO: check +CVE-2017-8074 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...) + TODO: check +CVE-2017-8073 (WeeChat before 1.7.1 allows a remote crash by sending a filename via ...) + TODO: check CVE-2017-8072 (The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c ...) - linux 4.9.10-1 [jessie] - linux <not-affected> (Vulnerable code not present) @@ -275,10 +289,12 @@ CVE-2017-7962 (The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ...) NOT-FOR-US: ImageWorsener CVE-2017-7961 (The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and ...) + {DLA-909-1} - libcroco 0.6.11-3 (bug #860961) NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/ NOTE: https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 CVE-2017-7960 (The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and ...) + {DLA-909-1} - libcroco 0.6.11-3 (bug #860961) NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/ NOTE: https://git.gnome.org/browse/libcroco/commit/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 
@@ -3268,6 +3284,7 @@ CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended ...) NOT-FOR-US: SAP CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When using a ...) + {DLA-908-1} - chicken <unfixed> (bug #858057) [jessie] - chicken <no-dsa> (Minor issue) NOTE: http://lists.gnu.org/archive/html/chicken-announce/2017-03/msg00000.html @@ -44084,8 +44101,8 @@ NOT-FOR-US: Samsung CVE-2016-2565 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) ...) NOT-FOR-US: Samsung -CVE-2016-2564 - RESERVED +CVE-2016-2564 (Invision Power Services (IPS) Community Suite before 4.1.9 makes ...) + TODO: check CVE-2016-2563 (Stack-based buffer overflow in the SCP command-line utility in PuTTY ...) - putty 0.67-1 (bug #816921) [jessie] - putty <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
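Review bot: In the first hunk (@@ -1,3 +1,17 @@) every newly described entry lands as `TODO: check`, and two different kinds of triage are mixed together. CVE-2017-8074 through CVE-2017-8078 all describe the TP-Link TL-SG108E 1.0; if that firmware is not packaged they can be closed in one pass with a `NOT-FOR-US: TP-Link` line, in the same form as the `NOT-FOR-US: SAP` and `NOT-FOR-US: Samsung` entries visible in the later hunks. CVE-2017-8073 is a different case: WeeChat is a packaged application and the description gives "before 1.7.1" as the affected range, so it needs a package line with the fixed version and per-release status instead of sharing the same placeholder.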
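Review bot: In the second hunk (@@ -275,10 +289,12 @@) `{DLA-909-1}` is added to CVE-2017-7961 and CVE-2017-7960, but neither entry has a per-release line; the only status shown for each is `- libcroco 0.6.11-3 (bug #860961)`. Other entries in this diff record release status explicitly, for example `[jessie] - putty <no-dsa> (Minor issue)`. Adding a `[jessie]` annotation for libcroco would show whether the stable release still needs attention now that the LTS advisory is recorded.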
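Review bot: In the third hunk (@@ -3268,6 +3284,7 @@) CVE-2017-6949 gains `{DLA-908-1}` while the entry still reads `- chicken <unfixed> (bug #858057)` and `[jessie] - chicken <no-dsa> (Minor issue)`. The cross-reference itself is consistent, but the entry now records an LTS advisory next to an open unstable status, so bug #858057 is worth checking for an upload that lets `<unfixed>` be replaced with a fixed version.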
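Review bot: In the last hunk (@@ -44084,8 +44101,8 @@) CVE-2016-2564 moves from `RESERVED` to a description with `TODO: check`, sitting directly between entries already triaged as `NOT-FOR-US: Samsung`. The description names Invision Power Services (IPS) Community Suite before 4.1.9; if that product is not packaged, a `NOT-FOR-US:` line naming it would close the entry and keep it from lingering in the TODO queue.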