[Secure-testing-commits] r56382 - data/CVE

Tue, 03 Oct 2017 12:26:46 -0700 

Author: carnil
Date: 2017-10-03 19:26:23 +0000 (Tue, 03 Oct 2017)
New Revision: 56382

Modified:
   data/CVE/list
Log:
Update status for libgig issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-03 18:55:20 UTC (rev 56381)
+++ data/CVE/list       2017-10-03 19:26:23 UTC (rev 56382)
@@ -5297,35 +5297,35 @@
        [jessie] - libgig <no-dsa> (Minor issue)
        [wheezy] - libgig <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides 
repoducer files)
-       TODO: check, seem fixed with 4.0.0-4
+       NOTE: 
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349
 CVE-2017-12953 (The gig::Instrument::UpdateRegionKeyTable function in gig.cpp 
in ...)
-       - libgig <unfixed> (low; bug #873718)
+       - libgig 4.0.0-4 (low; bug #873718)
        [stretch] - libgig <no-dsa> (Minor issue)
        [jessie] - libgig <no-dsa> (Minor issue)
        [wheezy] - libgig <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides 
repoducer files)
-       TODO: check, seem fixed with 4.0.0-4
+       NOTE: 
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
 CVE-2017-12952 (The LoadString function in helper.h in libgig 4.0.0 allows 
remote ...)
-       - libgig <unfixed> (low; bug #873718)
+       - libgig 4.0.0-4 (low; bug #873718)
        [stretch] - libgig <no-dsa> (Minor issue)
        [jessie] - libgig <no-dsa> (Minor issue)
        [wheezy] - libgig <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides 
repoducer files)
-       TODO: check, seem fixed with 4.0.0-4
+       NOTE: 
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
 CVE-2017-12951 (The gig::DimensionRegion::CreateVelocityTable function in 
gig.cpp in ...)
        - libgig <unfixed> (low; bug #873718)
        [stretch] - libgig <no-dsa> (Minor issue)
        [jessie] - libgig <no-dsa> (Minor issue)
        [wheezy] - libgig <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides 
repoducer files)
-       TODO: check, seem fixed with 4.0.0-4, but fix uncovers one more problem
+       NOTE: 
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349
 CVE-2017-12950 (The gig::Region::Region function in gig.cpp in libgig 4.0.0 
allows ...)
-       - libgig <unfixed> (low; bug #873718)
+       - libgig 4.0.0-4 (low; bug #873718)
        [stretch] - libgig <no-dsa> (Minor issue)
        [jessie] - libgig <no-dsa> (Minor issue)
        [wheezy] - libgig <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides 
repoducer files)
-       TODO: check, seem fixed with 4.0.0-4
+       NOTE: 
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
 CVE-2017-12949 (lib\modules\contributors\contributor_list_table.php in the 
Podlove ...)
        NOT-FOR-US: Podlove Podcast Publisher plugin for Wordpress
 CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 
and earlier ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to