[Secure-testing-commits] r52166 - data/CVE

Moritz Muehlenhoff Wed, 31 May 2017 13:28:20 -0700

Author: jmm
Date: 2017-05-31 20:28:05 +0000 (Wed, 31 May 2017)
New Revision: 52166


Modified:
   data/CVE/list
Log:
more no-dsa
x265 n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-31 20:22:50 UTC (rev 52165)
+++ data/CVE/list       2017-05-31 20:28:05 UTC (rev 52166)
@@ -38,6 +38,8 @@
        - tikiwiki <removed>
 CVE-2017-9304 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote 
attackers ...)
        - yara <unfixed>
+       [stretch] - yara <no-dsa> (Minor issue)
+       [jessie] - yara <no-dsa> (Minor issue)
        NOTE: https://github.com/VirusTotal/yara/issues/674
        NOTE: 
https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae699
 CVE-2016-10395
@@ -591,6 +593,8 @@
        NOTE: 
https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563
 CVE-2017-9147 (LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField 
function in ...)
        - tiff <unfixed> (bug #863185)
+       [stretch] - tiff <no-dsa> (Minor issue)
+       [jessie] - tiff <no-dsa> (Minor issue)
        [wheezy] - tiff <not-affected> (Not reproducible, fixed by former 
update)
        - tiff3 <removed>
        [wheezy] - tiff3 <not-affected> (Not reproducible, fixed by former 
update)
@@ -1182,6 +1186,7 @@
        NOT-FOR-US: Simple Invoices
 CVE-2017-8929 (The sized_string_cmp function in libyara/sizedstr.c in YARA 
3.5.0 ...)
        - yara 3.6.0+dfsg-1
+       [stretch] - yara <no-dsa> (Minor issue)
        [jessie] - yara <no-dsa> (Minor issue)
        NOTE: https://github.com/VirusTotal/yara/issues/658
        NOTE: 
https://github.com/VirusTotal/yara/commit/053e67e3ec81cc9268ce30eaf0d6663d8639ed1e
@@ -1262,7 +1267,7 @@
 CVE-2017-8907
        RESERVED
 CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the 
x86 ...)
-       - x265 <unfixed>
+       - x265 <not-affected> (Affected code is not enabled)
        NOTE: 
https://bitbucket.org/multicoreware/x265/issues/345/integer-underflow-in-x265-source-common
 CVE-2017-8902
        RESERVED
@@ -2807,6 +2812,7 @@
        NOTE: https://core.trac.wordpress.org/ticket/25239
 CVE-2017-8294 (libyara/re.c in the regex component in YARA 3.5.0 allows remote 
...)
        - yara <unfixed> (bug #861590)
+       [stretch] - yara <no-dsa> (Minor issue)
        [jessie] - yara <no-dsa> (Minor issue)
        NOTE: https://github.com/VirusTotal/yara/issues/646
        NOTE: 
https://github.com/VirusTotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e
@@ -9600,8 +9606,10 @@
        NOTE: Fixed by: 
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
 CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka 
LibYaml-C++) ...)
        - yaml-cpp <unfixed> (low; bug #859891)
+       [stretch] - yaml-cpp <no-dsa> (Minor issue)
        [jessie] - yaml-cpp <no-dsa> (Minor issue)
        - yaml-cpp0.3 <unfixed> (low; bug #859892)
+       [stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
        [jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
        NOTE: https://github.com/jbeder/yaml-cpp/issues/459
        NOTE: possible fix: https://github.com/jbeder/yaml-cpp/pull/489


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52166 - data/CVE

Reply via email to