Author: jmm Date: 2017-11-23 12:26:23 +0000 (Thu, 23 Nov 2017) New Revision: 57955
Modified: data/CVE/list Log: shairpoint non-issue a few no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-23 11:50:22 UTC (rev 57954) +++ data/CVE/list 2017-11-23 12:26:23 UTC (rev 57955) @@ -218,6 +218,7 @@ REJECTED CVE-2017-1000203 (ROOT version 6.9.03 and below is vulnerable to an authenticated shell ...) - root-system <removed> + [jessie] - root-system <ignored> (Minor issue) [wheezy] - root-system <ignored> (Minor issue as it's restricted to authenticated users) NOTE: https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e CVE-2017-1000192 (Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File ...) @@ -356,6 +357,8 @@ NOT-FOR-US: EllisLab ExpressionEngine CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...) - python2.7 2.7.13-4 + [stretch] - python2.7 <no-dsa> (Minor issue) + [jessie] - python2.7 <no-dsa> (Minor issue) - python2.6 <removed> NOTE: https://bugs.python.org/issue30657 NOTE: https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae @@ -3356,6 +3359,8 @@ CVE-2016-10517 (networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" ...) {DLA-1161-1} - redis 3:3.2.7-1 + [stretch] - redis <no-dsa> (Minor issue) + [jessie] - redis <no-dsa> (Minor issue) NOTE: https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50 CVE-2017-15863 (Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin ...) NOT-FOR-US: WordPress plugin wp-noexternallinks @@ -14231,6 +14236,9 @@ RESERVED CVE-2017-12087 RESERVED + - shairport-sync <unfixed> (unimportant) + NOTE: Debian build uses Avahi instead + NOTE: https://bugs.launchpad.net/ubuntu/+source/shairport-sync/+bug/1729668 CVE-2017-12086 RESERVED CVE-2017-12085 (An exploitable routing vulnerability exists in the Circle with Disney ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits