Author: jmm Date: 2017-07-13 09:03:34 +0000 (Thu, 13 Jul 2017) New Revision: 53440
Modified: data/CVE/list Log: new libsndfile issue old markdown-it issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-13 08:13:28 UTC (rev 53439) +++ data/CVE/list 2017-07-13 09:03:34 UTC (rev 53440) @@ -1,3 +1,6 @@ +CVE-2017-XXXX [libsndfile binheader overflow] + - libsndfile 1.0.28-3 + NOTE: https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8 CVE-2017-11196 (Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function ...) NOT-FOR-US: Pulse Connect Secure CVE-2017-11195 (Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The ...) @@ -76965,7 +76968,7 @@ CVE-2015-3296 RESERVED CVE-2015-3295 (markdown-it before 4.1.0 does not block data: URLs. ...) - TODO: check + - ruby-rails-assets-markdown-it 4.2.1-1 CVE-2015-3294 (The tcp_request function in Dnsmasq before 2.73rc4 does not properly ...) {DSA-3251-1 DLA-225-1} - dnsmasq 2.72-3.1 (bug #783459) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits