[Secure-testing-commits] r54174 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 1 09:29:41 UTC 2017
Author: carnil
Date: 2017-08-01 09:29:41 +0000 (Tue, 01 Aug 2017)
New Revision: 54174
Modified:
data/CVE/list
Log:
Add CVE-2017-12067/potrace
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-01 09:29:30 UTC (rev 54173)
+++ data/CVE/list 2017-08-01 09:29:41 UTC (rev 54174)
@@ -127,7 +127,8 @@
CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug array ...)
TODO: check
CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic ...)
- TODO: check
+ - potrace <unfixed>
+ NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap
CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
- cacti <unfixed>
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list