[Secure-testing-commits] r51056 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Apr 26 06:21:33 UTC 2017
Author: carnil
Date: 2017-04-26 06:21:33 +0000 (Wed, 26 Apr 2017)
New Revision: 51056
Modified:
data/CVE/list
Log:
CVE-2017-8105 checked with upstream confirmation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-26 06:13:48 UTC (rev 51055)
+++ data/CVE/list 2017-04-26 06:21:33 UTC (rev 51056)
@@ -247,10 +247,9 @@
NOTE: Introduced by: https://git.kernel.org/linus/bfd0a56b90005f8c8a004baf407ad90045c2b11e (3.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/4b855078601fc422dbac3059f2215e776f49780f (3.16-rc4)
CVE-2017-8105 (FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a ...)
- - freetype <undetermined>
+ - freetype <unfixed>
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
- TODO: check, possibly affected only some head version
CVE-2017-8104 (In MyBB before 1.8.11, the smilie module allows Directory Traversal via ...)
NOT-FOR-US: MyBB
CVE-2017-8103 (In MyBB before 1.8.11, the Email MyCode component allows XSS, as ...)
More information about the Secure-testing-commits
mailing list