[Secure-testing-commits] r51569 - data/CVE

Fri, 12 May 2017 02:10:39 -0700 

Author: sectracker
Date: 2017-05-12 09:10:21 +0000 (Fri, 12 May 2017)
New Revision: 51569

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-12 08:24:49 UTC (rev 51568)
+++ data/CVE/list       2017-05-12 09:10:21 UTC (rev 51569)
@@ -1,3 +1,21 @@
+CVE-2017-8915
+       RESERVED
+CVE-2017-8914
+       RESERVED
+CVE-2017-8913
+       RESERVED
+CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...)
+       TODO: check
+CVE-2017-8911 (An integer underflow has been identified in the 
unicode_to_utf8() ...)
+       TODO: check
+CVE-2017-8910
+       RESERVED
+CVE-2017-8909
+       RESERVED
+CVE-2017-8908 (The mark_line_tr function in gxscanc.c in Artifex Ghostscript 
9.21 ...)
+       TODO: check
+CVE-2017-8907
+       RESERVED
 CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the 
x86 ...)
        - x265 <unfixed>
 CVE-2017-8902
@@ -4,8 +22,8 @@
        RESERVED
 CVE-2017-8901
        RESERVED
-CVE-2017-8900
-       RESERVED
+CVE-2017-8900 (LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 
and 17.x, ...)
+       TODO: check
 CVE-2017-8899 (Invision Power Services (IPS) Community Suite 4.1.19.2 and 
earlier has ...)
        NOT-FOR-US: Invision Power Services
 CVE-2017-8898 (Invision Power Services (IPS) Community Suite 4.1.19.2 and 
earlier has ...)
@@ -1069,6 +1087,7 @@
        RESERVED
 CVE-2017-8422
        RESERVED
+       {DSA-3849-1}
        - kauth 5.28.0-2
        - kde4libs 4:4.14.26-2
        NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3
@@ -1319,8 +1338,8 @@
        NOTE: 
https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
        NOTE: https://github.com/erikd/libsndfile/issues/232
        NOTE: 
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8360
-       RESERVED
+CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, 
EliteBook, ...)
+       TODO: check
 CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused 
by a ...)
        - grpc <unfixed>
        NOTE: https://github.com/grpc/grpc/pull/10353
@@ -7072,6 +7091,7 @@
 CVE-2017-6411 (Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 
IN_1.00 ...)
        NOT-FOR-US: D-Link
 CVE-2017-6410 (kpac/script.cpp in KDE kio before 5.32 and kdelibs before 
4.14.30 calls ...)
+       {DSA-3849-1}
        - kio 5.28.0-2 (bug #856889)
        - kde4libs 4:4.14.26-2 (bug #856890)
        NOTE: https://www.kde.org/info/security/advisory-20170228-1.txt


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to