[Secure-testing-commits] r54205 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 2 16:47:32 UTC 2017
Author: jmm
Date: 2017-08-02 16:47:32 +0000 (Wed, 02 Aug 2017)
New Revision: 54205
Modified:
data/CVE/list
Log:
NFUs
new libquicktime issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-02 13:47:52 UTC (rev 54204)
+++ data/CVE/list 2017-08-02 16:47:32 UTC (rev 54205)
@@ -6,9 +6,9 @@
NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
NOTE: https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
CVE-2017-12200 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2017-12199 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2017-12198
RESERVED
CVE-2017-12197
@@ -116,12 +116,14 @@
CVE-2017-12146
RESERVED
CVE-2017-12145 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
- TODO: check
+ - libquicktime <unfixed> (unimportant)
+ NOTE: Negligable security impact
CVE-2017-12144 (In ytnef 1.9.2, an allocation failure was found in the function ...)
- libytnef <unfixed>
NOTE: https://github.com/Yeraze/ytnef/issues/51
CVE-2017-12143 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
- TODO: check
+ - libquicktime <unfixed> (unimportant)
+ NOTE: Negligable security impact
CVE-2017-12142 (In ytnef 1.9.2, an invalid memory read vulnerability was found in the ...)
- libytnef <unfixed>
NOTE: https://github.com/Yeraze/ytnef/issues/49
@@ -134,9 +136,9 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
CVE-2017-12139 (XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2017-12138 (XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2017-12137
RESERVED
CVE-2017-12136
More information about the Secure-testing-commits
mailing list