Author: carnil
Date: 2017-11-21 20:42:12 +0000 (Tue, 21 Nov 2017)
New Revision: 57906
Modified:
data/CVE/list
Log:
Add TODOs for three libxls related issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-21 20:42:00 UTC (rev 57905)
+++ data/CVE/list 2017-11-21 20:42:12 UTC (rev 57906)
@@ -14139,9 +14139,9 @@
CVE-2017-12112
RESERVED
CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the
xls_addCell ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the
...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-12109
RESERVED
CVE-2017-12108
@@ -42413,7 +42413,7 @@
CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the
...)
TODO: check
CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the
...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
NOT-FOR-US: Cesanta Mongoose
TODO: check smplayer, embeds it
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
