[Secure-testing-commits] r56127 - data/CVE

Mon, 25 Sep 2017 05:23:24 -0700 

Author: agx
Date: 2017-09-25 12:23:01 +0000 (Mon, 25 Sep 2017)
New Revision: 56127

Modified:
   data/CVE/list
Log:
sam2p: the upstream bug matches 6 CVEs, add a mapping

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-25 11:45:59 UTC (rev 56126)
+++ data/CVE/list       2017-09-25 12:23:01 UTC (rev 56127)
@@ -205,10 +205,10 @@
        NOT-FOR-US: Bento4
 CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the 
parse_rgb ...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 5)
 CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop 
executes ...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
 CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x 
before ...)
        - otrs2 <unfixed> (bug #876462)
        NOTE: Commit 5.x: 
https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85
@@ -232,16 +232,16 @@
        NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
 CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has 
an ...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 1)
 CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the 
pcxLoadImage24 ...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 6)
 CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has 
an ...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 3)
 CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the 
...)
        - sam2p <removed>
-       NOTE: https://github.com/pts/sam2p/issues/14
+       NOTE: https://github.com/pts/sam2p/issues/14 (bug 2)
 CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow 
remote ...)
        NOT-FOR-US: CyberLink LabelPrint
 CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference 
vulnerability in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to