[Secure-testing-commits] r54205 - data/CVE

Wed, 02 Aug 2017 09:48:13 -0700 

Author: jmm
Date: 2017-08-02 16:47:32 +0000 (Wed, 02 Aug 2017)
New Revision: 54205

Modified:
   data/CVE/list
Log:
NFUs
new libquicktime issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-02 13:47:52 UTC (rev 54204)
+++ data/CVE/list       2017-08-02 16:47:32 UTC (rev 54205)
@@ -6,9 +6,9 @@
        NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
        NOTE: 
https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
 CVE-2017-12200 (The Etoile Ultimate Product Catalog plugin 4.2.11 for 
WordPress has XSS ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-12199 (The Etoile Ultimate Product Catalog plugin 4.2.11 for 
WordPress has SQL ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-12198
        RESERVED
 CVE-2017-12197
@@ -116,12 +116,14 @@
 CVE-2017-12146
        RESERVED
 CVE-2017-12145 (In libquicktime 1.2.4, an allocation failure was found in the 
function ...)
-       TODO: check
+       - libquicktime <unfixed> (unimportant)
+       NOTE: Negligable security impact
 CVE-2017-12144 (In ytnef 1.9.2, an allocation failure was found in the 
function ...)
        - libytnef <unfixed>
        NOTE: https://github.com/Yeraze/ytnef/issues/51
 CVE-2017-12143 (In libquicktime 1.2.4, an allocation failure was found in the 
function ...)
-       TODO: check
+       - libquicktime <unfixed> (unimportant)
+       NOTE: Negligable security impact
 CVE-2017-12142 (In ytnef 1.9.2, an invalid memory read vulnerability was found 
in the ...)
        - libytnef <unfixed>
        NOTE: https://github.com/Yeraze/ytnef/issues/49
@@ -134,9 +136,9 @@
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
 CVE-2017-12139 (XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of 
missing ...)
-       TODO: check
+       NOT-FOR-US: XOOPS
 CVE-2017-12138 (XOOPS Core 2.5.8 has a stored URL redirect bypass 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: XOOPS
 CVE-2017-12137
        RESERVED
 CVE-2017-12136


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to