Author: hle Date: 2017-08-25 21:19:56 +0000 (Fri, 25 Aug 2017) New Revision: 55090
Modified: data/CVE/list Log: Fix typo in CVE-2017-6419 & CVE-2017-11423 (does not does not have). Mark CVE-2017-9996 <not-affected> in wheezy (Vulnerable code not present). Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-25 21:16:41 UTC (rev 55089) +++ data/CVE/list 2017-08-25 21:19:56 UTC (rev 55090) @@ -5990,8 +5990,7 @@ NOTE: ClamaV: https://github.com/vrtadmin/clamav-devel/commit/ada5f94e5cfb04e1ac2a6f383f2184753f475b96 NOTE: ClamAV uses the libmspack system library when available. This is the NOTE: case from starting from Debian Jessie. Debian Wheezy does not have - NOTE: does not have libmspack and thus need to have the fix as well in the - NOTE: src:clamav source package. + NOTE: libmspack and thus need to have the fix as well in the src:clamav source package. CVE-2017-11422 (Statamic framework before 2.6.0 does not correctly check a session's ...) NOT-FOR-US: Statamic CVE-2017-11420 (Stack-based buffer overflow in ASUS_Discovery.c in networkmap in ...) @@ -8374,6 +8373,7 @@ CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x ...) - ffmpeg 7:3.2.5-1 - libav <undetermined> + [wheezy] - libav <not-affected> (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/1e42736b95065c69a7481d0cf55247024f54b660 NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d CVE-2017-9995 (libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate ...) @@ -20968,7 +20968,7 @@ NOTE: https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1 NOTE: ClamAV uses the libmspack system library when available. This is the NOTE: case from starting from Debian Jessie. Debian Wheezy does not have - NOTE: does not have libmspack and thus need to have the fix as well in the + NOTE: have libmspack and thus need to have the fix as well in the NOTE: src:clamav source package. NOTE: libmspack: https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229 CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits