Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
064fef0c by Moritz Muehlenhoff at 2018-04-12T20:50:40+02:00
new r-cran-readxl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -42226,9 +42226,11 @@ CVE-2017-12113 (An exploitable improper authorization
vulnerability exists in ..
CVE-2017-12112 (An exploitable improper authorization vulnerability exists in
...)
- cpp-ethereum <itp> (bug #860434)
CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the
xls_addCell ...)
- TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
+ - r-cran-readxl <unfixed> (bug #895564)
+ NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0463
CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the
...)
- TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
+ - r-cran-readxl <unfixed> (bug #895564)
+ NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0462
CVE-2017-12109
RESERVED
CVE-2017-12108
@@ -70790,7 +70792,8 @@ CVE-2017-2921 (An exploitable memory corruption
vulnerability exists in the Webs
CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing
...)
NOT-FOR-US: Computerinsel Photoline
CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists
in the ...)
- TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
+ - r-cran-readxl <unfixed> (bug #895564)
+ NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0426
CVE-2017-2918
RESERVED
CVE-2017-2917 (An exploitable vulnerability exists in the notifications
functionality ...)
@@ -70835,9 +70838,11 @@ CVE-2017-2899
CVE-2017-2898 (An exploitable vulnerability exists in the signature
verification of ...)
NOT-FOR-US: Circle with Disney
CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the
...)
- TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
+ - r-cran-readxl <unfixed> (bug #895564)
+ NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0404
CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the
...)
- TODO: check, libxls is not packaged in Debian, but embedded in
r-cran-readxl
+ - r-cran-readxl <unfixed> (bug #895564)
+ NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403
CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
NOT-FOR-US: Cesanta Mongoose
TODO: check smplayer, embeds it
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/064fef0cae91a3ce8d0ce4d5d15af8216b0ab562
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/064fef0cae91a3ce8d0ce4d5d15af8216b0ab562
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
