[Secure-testing-commits] r50278 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Apr 3 09:42:29 UTC 2017 

Author: jmm
Date: 2017-04-03 09:42:29 +0000 (Mon, 03 Apr 2017)
New Revision: 50278

Modified:
   data/CVE/list
Log:
new issues in yara and webkit


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-03 09:39:10 UTC (rev 50277)
+++ data/CVE/list	2017-04-03 09:42:29 UTC (rev 50278)
@@ -3726,7 +3726,8 @@
 CVE-2017-6063
 	RESERVED
 CVE-2016-10226 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
-	TODO: check
+	- webkitgtk <unfixed> (unimportant)
+	NOTE: Not covered by security support
 CVE-2017-6061 (Cross-site scripting (XSS) vulnerability in the help component of SAP ...)
 	NOT-FOR-US: SAP
 CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex ...)
@@ -4059,7 +4060,8 @@
 CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) ...)
 	TODO: check
 CVE-2017-5949 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
-	TODO: check
+	- webkitgtk <unfixed> (unimportant)
+	NOTE: Not covered by security support
 CVE-2017-5948
 	RESERVED
 CVE-2017-5947
@@ -4078,7 +4080,8 @@
 CVE-2017-5942 (An issue was discovered in the WP Mail plugin before 1.2 for WordPress. ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2016-10222 (runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in ...)
-	TODO: check
+	- webkitgtk <unfixed> (unimportant)
+	NOTE: Not covered by security support
 CVE-2016-10221 (The count_entries function in pdf-layer.c in Artifex Software, Inc. ...)
 	TODO: check
 CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in Artifex ...)
@@ -4151,9 +4154,9 @@
 CVE-2017-5925 (Page table walks conducted by the MMU during virtual to physical ...)
 	NOT-FOR-US: Hardware issue in some Intel CPUs
 CVE-2017-5924 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
-	TODO: check
+	- yara <unfixed>
 CVE-2017-5923 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
-	TODO: check
+	- yara <unfixed>
 CVE-2017-5922
 	RESERVED
 CVE-2017-5921
@@ -4161,9 +4164,9 @@
 CVE-2017-5920
 	RESERVED
 CVE-2016-10211 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a ...)
-	TODO: check
+	- yara <unfixed>
 CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial ...)
-	TODO: check
+	- yara <unfixed>
 CVE-2016-10209 (The archive_wstring_append_from_mbs function in archive_string.c in ...)
 	TODO: check
 CVE-2017-5919

More information about the Secure-testing-commits mailing list