[Secure-testing-commits] r51016 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Apr 25 04:28:04 UTC 2017
Author: carnil
Date: 2017-04-25 04:28:04 +0000 (Tue, 25 Apr 2017)
New Revision: 51016
Modified:
data/CVE/list
Log:
Update information for one freetype issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-25 04:27:51 UTC (rev 51015)
+++ data/CVE/list 2017-04-25 04:28:04 UTC (rev 51016)
@@ -3,7 +3,10 @@
NOTE: Introduced by: https://git.kernel.org/linus/bfd0a56b90005f8c8a004baf407ad90045c2b11e (3.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/4b855078601fc422dbac3059f2215e776f49780f (3.16-rc4)
CVE-2017-8105 (FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a ...)
- TODO: check
+ - freetype <undetermined>
+ NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
+ NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
+ TODO: check, possibly affected only some head version
CVE-2017-8104 (In MyBB before 1.8.11, the smilie module allows Directory Traversal via ...)
TODO: check
CVE-2017-8103 (In MyBB before 1.8.11, the Email MyCode component allows XSS, as ...)
More information about the Secure-testing-commits
mailing list