Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0c1497cd by security tracker role at 2017-12-31T21:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,13 @@
+CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the ...)
+ TODO: check
+CVE-2017-18004 (Zurmo 3.2.3 allows XSS via the latitude or longitude parameter
to ...)
+ TODO: check
+CVE-2017-18003
+ RESERVED
+CVE-2017-18002
+ RESERVED
+CVE-2017-18001 (Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows
remote ...)
+ TODO: check
CVE-2016-10704 (Magento Community Edition and Enterprise Edition before 2.0.10
and ...)
NOT-FOR-US: Magento
CVE-2017-18000
@@ -8614,19 +8624,19 @@ CVE-2017-17087 (fileio.c in Vim prior to 8.0.1263 sets
the group ownership of a
CVE-2017-17086 (Indeo Otter through 1.7.4 mishandles a
"</script>" substring in an ...)
NOT-FOR-US: Indeo Otter
CVE-2017-17085 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP
Safety ...)
- {DSA-4060-1}
+ {DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14250
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f5939debe96e3c3953c6020818f1fbb80eb83ce8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-49.html
CVE-2017-17084 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA
...)
- {DSA-4060-1}
+ {DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14236
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8502fe94ef9e431860921507e1a351c5e3f5c634
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-47.html
CVE-2017-17083 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS
dissector ...)
- {DSA-4060-1}
+ {DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14249
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=79768d63d14fbce6bf7fb4d4a1c86be0c5205eb3
@@ -27037,7 +27047,7 @@ CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS
LLC dissector could go in
NOTE: after 2.1.0 from upstream. Upstream changed the types in
llc_gprs_dissect_xid
NOTE: in version 2.1.0.
CVE-2017-11408 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP
dissector ...)
- {DSA-4060-1}
+ {DSA-4060-1 DLA-1226-1}
- wireshark 2.4.0-1 (bug #870172)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a102c172b0b2fe231fdb49f4f6694603f5b93b0c
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c1497cd307eaa0e288d20abd2d17389e509e3fe
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c1497cd307eaa0e288d20abd2d17389e509e3fe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
