Author: sectracker Date: 2017-07-14 09:10:13 +0000 (Fri, 14 Jul 2017) New Revision: 53484
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-14 09:06:49 UTC (rev 53483) +++ data/CVE/list 2017-07-14 09:10:13 UTC (rev 53484) @@ -1,3 +1,37 @@ +CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() function in ...) + TODO: check +CVE-2017-11327 + RESERVED +CVE-2017-11326 + RESERVED +CVE-2017-11325 + RESERVED +CVE-2017-11324 + RESERVED +CVE-2017-11323 + RESERVED +CVE-2017-11322 + RESERVED +CVE-2017-11321 + RESERVED +CVE-2017-11320 + RESERVED +CVE-2017-11319 + RESERVED +CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to add and ...) + TODO: check +CVE-2017-11317 + RESERVED +CVE-2017-11316 + RESERVED +CVE-2017-11315 + RESERVED +CVE-2017-11314 + RESERVED +CVE-2017-11313 + RESERVED +CVE-2017-11312 + RESERVED CVE-2017-11311 (soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt ...) - libopenmpt <unfixed> (bug #867579) [stretch] - libopenmpt <no-dsa> (Scheduled for point release) @@ -2344,8 +2378,8 @@ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2682 NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b NOTE: The issue is addressed with the same commit as for CVE-2017-9403 -CVE-2017-9814 - RESERVED +CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote ...) + TODO: check CVE-2017-9813 RESERVED CVE-2017-9812 @@ -23751,17 +23785,15 @@ RESERVED CVE-2017-3104 RESERVED -CVE-2017-3103 - RESERVED -CVE-2017-3102 - RESERVED -CVE-2017-3101 - RESERVED -CVE-2017-3100 - RESERVED +CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored cross-site ...) + TODO: check +CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected cross-site ...) + TODO: check +CVE-2017-3101 (Adobe Connect versions 9.6.1 and earlier have a clickjacking ...) + TODO: check +CVE-2017-3100 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...) NOT-FOR-US: Adobe Flash -CVE-2017-3099 - RESERVED +CVE-2017-3099 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...) NOT-FOR-US: Adobe Flash CVE-2017-3098 (Adobe Captivate versions 9 and earlier have a remote code execution ...) NOT-FOR-US: Adobe @@ -23799,8 +23831,7 @@ NOT-FOR-US: Adobe Flash CVE-2017-3081 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...) NOT-FOR-US: Adobe Flash -CVE-2017-3080 - RESERVED +CVE-2017-3080 (Adobe Flash Player versions 26.0.0.131 and earlier have a security ...) NOT-FOR-US: Adobe Flash CVE-2017-3079 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...) NOT-FOR-US: Adobe Flash _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits