[Secure-testing-commits] r50535 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 10 16:57:45 UTC 2017
Author: jmm
Date: 2017-04-10 16:57:44 +0000 (Mon, 10 Apr 2017)
New Revision: 50535
Modified:
data/CVE/list
Log:
vim issues also affect neovim
new heimdal issue
more elfutils no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-10 16:00:34 UTC (rev 50534)
+++ data/CVE/list 2017-04-10 16:57:44 UTC (rev 50535)
@@ -7,18 +7,22 @@
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8
CVE-2017-7613 (elflint.c in elfutils 0.168 does not validate the number of sections ...)
- elfutils <unfixed> (bug #859990)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21312
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c/
CVE-2017-7612 (The check_sysv_hash function in elflint.c in elfutils 0.168 allows ...)
- elfutils <unfixed> (bug #859991)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21311
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c/
CVE-2017-7611 (The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...)
- elfutils <unfixed> (bug #859992)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21310
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c/
CVE-2017-7610 (The check_group function in elflint.c in elfutils 0.168 allows remote ...)
- elfutils <unfixed> (bug #859993)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21320
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c/
CVE-2017-7609 (elf_compress.c in elfutils 0.168 does not validate the zlib compression ...)
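Review bot: The four added "[jessie] - elfutils <no-dsa> (Minor issue)" lines do not say why these issues count as minor, although the linked write-ups for CVE-2017-7612, CVE-2017-7611 and CVE-2017-7610 are titled as heap-based buffer overflows in elflint.c. Consider extending the parenthetical with the actual rationale, the way the vim entries later in this file do with "(Minor issue, can be fixed via point release)", so the triage decision can be rechecked later without rereading the upstream bugs.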
@@ -2731,6 +2735,7 @@
RESERVED
CVE-2017-6594
RESERVED
+ - heimdal 7.1.0+dfsg-10
CVE-2017-6593
RESERVED
CVE-2017-6592
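Review bot: The added "- heimdal 7.1.0+dfsg-10" line under CVE-2017-6594 carries no bug number and no NOTE with an upstream reference, and the entry is still RESERVED with no description, so nothing here says what the issue is or how the fixed version was determined. Suggest adding a NOTE line pointing to the upstream advisory or fixing commit, in the same form as the "NOTE: Fixed by: ..." lines used for other entries in this file.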
@@ -3631,11 +3636,13 @@
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim <no-dsa> (Minor issue, can be fixed via point release)
+ - neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75
CVE-2017-6349 (An integer overflow at a u_read_undo memory allocation site would occur ...)
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim <no-dsa> (Minor issue, can be fixed via point release)
+ - neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c
CVE-2017-6344 (XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows ...)
NOT-FOR-US: Grails PDF plugin
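Review bot: The two added "- neovim 0.1.7-4" lines in this hunk have no bug reference, and the only "Fixed by" notes on these entries point to vim commits, so there is no record of where neovim picked up the fixes. Suggest adding a NOTE with the neovim-side commit or the Debian patch that ported them, so the 0.1.7-4 fixed version can be verified from the entry itself.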
@@ -4674,6 +4681,7 @@
CVE-2017-5953 (vim before patch 8.0.0322 does not properly validate values for tree ...)
{DSA-3786-1 DLA-822-1}
- vim 2:8.0.0197-2 (bug #854969)
+ - neovim 0.1.7-4
NOTE: Fixed by https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d
CVE-2017-5952
RESERVED
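Review bot: The "- neovim 0.1.7-4" line added under CVE-2017-5953 uses the same fixed version as the neovim lines in the previous hunk, while vim is recorded as fixing this CVE in 2:8.0.0197-2 and the other two in 2:8.0.0197-3, each with a different upstream commit. It is worth confirming that neovim 0.1.7-4 carries all three patches and recording that in a NOTE on each entry.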