Author: carnil
Date: 2017-11-22 20:57:18 +0000 (Wed, 22 Nov 2017)
New Revision: 57938
Modified:
data/CVE/list
Log:
Expand todo for two CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-22 20:57:06 UTC (rev 57937)
+++ data/CVE/list 2017-11-22 20:57:18 UTC (rev 57938)
@@ -42415,7 +42415,7 @@
CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing
...)
NOT-FOR-US: Computerinsel Photoline
CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists
in the ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-2918
RESERVED
CVE-2017-2917 (An exploitable vulnerability exists in the notifications
functionality ...)
@@ -42460,7 +42460,7 @@
CVE-2017-2898 (An exploitable vulnerability exists in the signature
verification of ...)
NOT-FOR-US: Circle with Disney
CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the
...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the
...)
TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
