[Secure-testing-commits] r57155 - data/CVE

Moritz Muehlenhoff Tue, 31 Oct 2017 04:31:38 -0700

Author: jmm
Date: 2017-10-31 11:30:35 +0000 (Tue, 31 Oct 2017)
New Revision: 57155


Modified:
   data/CVE/list
Log:
exiv2 n/a
revised redis fix


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-31 09:29:05 UTC (rev 57154)
+++ data/CVE/list       2017-10-31 11:30:35 UTC (rev 57155)
@@ -3165,7 +3165,7 @@
 CVE-2017-15048
        RESERVED
 CVE-2017-15047 (The clusterLoadConfig function in cluster.c in Redis 4.0.2 
allows ...)
-       - redis 4:4.0.2-4 (bug #878076; unimportant)
+       - redis 4:4.0.2-5 (bug #878076; unimportant)
        [jessie] - redis <not-affected> (Vulnerable code introduced later)
        [wheezy] - redis <not-affected> (Vulnerable code introduced later)
        NOTE: https://github.com/antirez/redis/issues/4278
@@ -13122,8 +13122,9 @@
 CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown 
Preview Plus ...)
        NOT-FOR-US: Chrome extension Markdown Preview Plus
 CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability 
in the ...)
-       - exiv2 <unfixed> (low)
-       [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
+       [experimental] - exiv2 <unfixed>
+       - exiv2 <not-affected> (printTiffStructure introduced in 0.26)
+       TODO: Report against experimental
        NOTE: https://github.com/Exiv2/exiv2/issues/56
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
        NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57155 - data/CVE

Reply via email to