Author: carnil Date: 2017-10-03 19:26:23 +0000 (Tue, 03 Oct 2017) New Revision: 56382
Modified: data/CVE/list Log: Update status for libgig issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-03 18:55:20 UTC (rev 56381) +++ data/CVE/list 2017-10-03 19:26:23 UTC (rev 56382) @@ -5297,35 +5297,35 @@ [jessie] - libgig <no-dsa> (Minor issue) [wheezy] - libgig <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files) - TODO: check, seem fixed with 4.0.0-4 + NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349 CVE-2017-12953 (The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in ...) - - libgig <unfixed> (low; bug #873718) + - libgig 4.0.0-4 (low; bug #873718) [stretch] - libgig <no-dsa> (Minor issue) [jessie] - libgig <no-dsa> (Minor issue) [wheezy] - libgig <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files) - TODO: check, seem fixed with 4.0.0-4 + NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348 CVE-2017-12952 (The LoadString function in helper.h in libgig 4.0.0 allows remote ...) - - libgig <unfixed> (low; bug #873718) + - libgig 4.0.0-4 (low; bug #873718) [stretch] - libgig <no-dsa> (Minor issue) [jessie] - libgig <no-dsa> (Minor issue) [wheezy] - libgig <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files) - TODO: check, seem fixed with 4.0.0-4 + NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348 CVE-2017-12951 (The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in ...) - libgig <unfixed> (low; bug #873718) [stretch] - libgig <no-dsa> (Minor issue) [jessie] - libgig <no-dsa> (Minor issue) [wheezy] - libgig <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files) - TODO: check, seem fixed with 4.0.0-4, but fix uncovers one more problem + NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349 CVE-2017-12950 (The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows ...) - - libgig <unfixed> (low; bug #873718) + - libgig 4.0.0-4 (low; bug #873718) [stretch] - libgig <no-dsa> (Minor issue) [jessie] - libgig <no-dsa> (Minor issue) [wheezy] - libgig <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files) - TODO: check, seem fixed with 4.0.0-4 + NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348 CVE-2017-12949 (lib\modules\contributors\contributor_list_table.php in the Podlove ...) NOT-FOR-US: Podlove Podcast Publisher plugin for Wordpress CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits