Author: sectracker Date: 2017-07-08 21:10:12 +0000 (Sat, 08 Jul 2017) New Revision: 53295
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-08 21:03:18 UTC (rev 53294) +++ data/CVE/list 2017-07-08 21:10:12 UTC (rev 53295) @@ -1,3 +1,21 @@ +CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the ...) + TODO: check +CVE-2017-11112 (In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the ...) + TODO: check +CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...) + TODO: check +CVE-2017-11110 (The ole_init function in ole.c in catdoc 0.95 allows remote attackers ...) + TODO: check +CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) or ...) + TODO: check +CVE-2017-11108 (tcpdump 4.9.0 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2017-11107 (phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the ...) + TODO: check +CVE-2017-11106 + RESERVED +CVE-2017-11105 + RESERVED CVE-2017-1000050 [NULL Pointer Dereference jp2_encode (jp2_enc.c)] - jasper <removed> NOTE: http://www.openwall.com/lists/oss-security/2017/03/06/1 @@ -1575,7 +1593,7 @@ RESERVED CVE-2017-9826 RESERVED -CVE-2017-11104 [Improper TSIG validity period check can allow TSIG forgery] +CVE-2017-11104 (Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the ...) - knot <unfixed> (bug #865678) NOTE: https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html NOTE: http://www.synacktiv.ninja/ressources/Knot_DNS_TSIG_Signature_Forgery.pdf @@ -22865,11 +22883,13 @@ RESERVED CVE-2017-3143 [An error in TSIG authentication can permit unauthorized dynamic updates] RESERVED + {DSA-3904-1} - bind9 <unfixed> (bug #866564) NOTE: https://kb.isc.org/article/AA-01503 NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669 CVE-2017-3142 [An error in TSIG authentication can permit unauthorized zone transfers] RESERVED + {DSA-3904-1} - bind9 <unfixed> (bug #866564) NOTE: https://kb.isc.org/article/AA-01504 NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits