Author: sectracker
Date: 2017-05-12 09:10:21 +0000 (Fri, 12 May 2017)
New Revision: 51569
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-12 08:24:49 UTC (rev 51568) +++ data/CVE/list 2017-05-12 09:10:21 UTC (rev 51569) @@ -1,3 +1,21 @@ +CVE-2017-8915 + RESERVED +CVE-2017-8914 + RESERVED +CVE-2017-8913 + RESERVED +CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...) + TODO: check +CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() ...) + TODO: check +CVE-2017-8910 + RESERVED +CVE-2017-8909 + RESERVED +CVE-2017-8908 (The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 ...) + TODO: check +CVE-2017-8907 + RESERVED CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...) - x265 <unfixed> CVE-2017-8902 @@ -4,8 +22,8 @@ RESERVED CVE-2017-8901 RESERVED -CVE-2017-8900 - RESERVED +CVE-2017-8900 (LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, ...) + TODO: check CVE-2017-8899 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...) NOT-FOR-US: Invision Power Services CVE-2017-8898 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...) @@ -1069,6 +1087,7 @@ RESERVED CVE-2017-8422 RESERVED + {DSA-3849-1} - kauth 5.28.0-2 - kde4libs 4:4.14.26-2 NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3 @@ -1319,8 +1338,8 @@ NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/ NOTE: https://github.com/erikd/libsndfile/issues/232 NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3 -CVE-2017-8360 - RESERVED +CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ...) + TODO: check CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused by a ...) - grpc <unfixed> NOTE: https://github.com/grpc/grpc/pull/10353 
@@ -7072,6 +7091,7 @@ CVE-2017-6411 (Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 ...) NOT-FOR-US: D-Link CVE-2017-6410 (kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls ...) + {DSA-3849-1} - kio 5.28.0-2 (bug #856889) - kde4libs 4:4.14.26-2 (bug #856890) NOTE: https://www.kde.org/info/security/advisory-20170228-1.txt _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
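Review bot: In the @@ -1,3 +1,21 @@ hunk, CVE-2017-8912, CVE-2017-8911 and CVE-2017-8908 are added with only "TODO: check", so none of them is tied to a source package yet. CVE-2017-8908 names gxscanc.c in Artifex Ghostscript 9.21 and should get a ghostscript package line with its status once triaged. CVE-2017-8912 is marked ** DISPUTED ** in its description, which is worth carrying into a NOTE when the entry is resolved to a package or to NOT-FOR-US.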
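Review bot: In the @@ -4,8 +22,8 @@ hunk, CVE-2017-8900 moves from RESERVED to "TODO: check", and its description limits the issue to LightDM through 1.22.0 with systemd on Ubuntu 16.10 and 17.x. Triage should state explicitly whether Debian's lightdm package is affected, with a NOTE giving the reason, rather than leaving readers to infer it from the Ubuntu wording in the description.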
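Review bot: In the @@ -1069,6 +1087,7 @@ hunk, "{DSA-3849-1}" is attached to CVE-2017-8422 while the entry header still reads RESERVED with no description. The kauth and kde4libs lines and the oss-security NOTE are the only context a reader has for this entry, so the NOTE should stay until the description is populated. The same DSA is added for CVE-2017-6410 in the @@ -7072,6 +7091,7 @@ hunk, and both entries list kde4libs 4:4.14.26-2, so confirm that one upload is meant to cover both issues.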
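Review bot: In the @@ -1319,8 +1338,8 @@ hunk, CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ...) is left at "TODO: check". If the component is not shipped in any Debian package, mark it NOT-FOR-US with the vendor name, as the Invision Power Services and D-Link entries elsewhere in this diff do.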