[Secure-testing-commits] r57955 - data/CVE

Moritz Muehlenhoff Thu, 23 Nov 2017 04:27:02 -0800

Author: jmm
Date: 2017-11-23 12:26:23 +0000 (Thu, 23 Nov 2017)
New Revision: 57955


Modified:
   data/CVE/list
Log:
shairpoint non-issue
a few no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-23 11:50:22 UTC (rev 57954)
+++ data/CVE/list       2017-11-23 12:26:23 UTC (rev 57955)
@@ -218,6 +218,7 @@
        REJECTED
 CVE-2017-1000203 (ROOT version 6.9.03 and below is vulnerable to an 
authenticated shell ...)
        - root-system <removed>
+       [jessie] - root-system <ignored> (Minor issue)
        [wheezy] - root-system <ignored> (Minor issue as it's restricted to 
authenticated users)
        NOTE: 
https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e
 CVE-2017-1000192 (Cygnux sysPass version 2.1.7 and older is vulnerable to a 
Local File ...)
@@ -356,6 +357,8 @@
        NOT-FOR-US: EllisLab ExpressionEngine
 CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an 
integer overflow ...)
        - python2.7 2.7.13-4
+       [stretch] - python2.7 <no-dsa> (Minor issue)
+       [jessie] - python2.7 <no-dsa> (Minor issue)
        - python2.6 <removed>
        NOTE: https://bugs.python.org/issue30657
        NOTE: 
https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae
@@ -3356,6 +3359,8 @@
 CVE-2016-10517 (networking.c in Redis before 3.2.7 allows &quot;Cross Protocol 
Scripting&quot; ...)
        {DLA-1161-1}
        - redis 3:3.2.7-1
+       [stretch] - redis <no-dsa> (Minor issue)
+       [jessie] - redis <no-dsa> (Minor issue)
        NOTE: 
https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50
 CVE-2017-15863 (Cross Site Scripting (XSS) exists in the wp-noexternallinks 
plugin ...)
        NOT-FOR-US: WordPress plugin wp-noexternallinks
@@ -14231,6 +14236,9 @@
        RESERVED
 CVE-2017-12087
        RESERVED
+       - shairport-sync <unfixed> (unimportant)
+       NOTE: Debian build uses Avahi instead
+       NOTE: 
https://bugs.launchpad.net/ubuntu/+source/shairport-sync/+bug/1729668
 CVE-2017-12086
        RESERVED
 CVE-2017-12085 (An exploitable routing vulnerability exists in the Circle with 
Disney ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57955 - data/CVE

Reply via email to