[Secure-testing-commits] r54177 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 1 12:26:03 UTC 2017
Author: carnil
Date: 2017-08-01 12:26:03 +0000 (Tue, 01 Aug 2017)
New Revision: 54177
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2017-12067/potrace
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-01 11:42:06 UTC (rev 54176)
+++ data/CVE/list 2017-08-01 12:26:03 UTC (rev 54177)
@@ -127,7 +127,7 @@
CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug array ...)
TODO: check
CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic ...)
- - potrace <unfixed> (unimportant)
+ - potrace <unfixed> (unimportant; bug #870356)
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap
NOTE: Crash only in CLI tool mkbitmap, negligible security impact
CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
More information about the Secure-testing-commits
mailing list