Author: sectracker Date: 2017-05-24 09:10:13 +0000 (Wed, 24 May 2017) New Revision: 51920
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-24 08:15:18 UTC (rev 51919) +++ data/CVE/list 2017-05-24 09:10:13 UTC (rev 51920) @@ -1,3 +1,7 @@ +CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a denial ...) + TODO: check +CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and ...) + TODO: check CVE-2017-XXXX [kodi: directory traversal in ZipManager] - kodi <unfixed> (bug #863230) - xbmc <undetermined> @@ -2251,16 +2255,16 @@ RESERVED CVE-2017-8315 RESERVED -CVE-2017-8314 - RESERVED -CVE-2017-8313 - RESERVED -CVE-2017-8312 - RESERVED -CVE-2017-8311 - RESERVED -CVE-2017-8310 - RESERVED +CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 17.1 ...) + TODO: check +CVE-2017-8313 (Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to ...) + TODO: check +CVE-2017-8312 (Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing ...) + TODO: check +CVE-2017-8311 (Potential heap based buffer overflow in ParseJSS in VideoLAN VLC ...) + TODO: check +CVE-2017-8310 (Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due ...) + TODO: check CVE-2017-8309 (Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows ...) - qemu 1:2.8+dfsg-5 (bug #862280) [jessie] - qemu <no-dsa> (Minor issue) @@ -4511,6 +4515,7 @@ NOTE: Fixed by: https://git.kernel.org/linus/06bd3c36a733ac27962fea7d6f47168841376824 CVE-2017-7494 RESERVED + {DSA-3860-1 DLA-951-1} - samba <unfixed> NOTE: https://www.samba.org/samba/security/CVE-2017-7494.html CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits