[Secure-testing-commits] r54238 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 3 21:02:14 UTC 2017
Author: jmm
Date: 2017-08-03 21:02:14 +0000 (Thu, 03 Aug 2017)
New Revision: 54238
Modified:
data/CVE/list
Log:
links2 unimportant
smplayer no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-03 20:10:34 UTC (rev 54237)
+++ data/CVE/list 2017-08-03 21:02:14 UTC (rev 54238)
@@ -1356,7 +1356,9 @@
CVE-2017-11757 (Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 ...)
NOT-FOR-US: Actian Pervasive PSQL server
CVE-2017-XXXX [executes javascript code downloaded from insecure URL]
- - smplayer <unfixed> (bug #870233)
+ - smplayer <unfixed> (low; bug #870233)
+ [stretch] - smplayer <no-dsa> (Minor issue)
+ [jessie] - smplayer <no-dsa> (Minor issue)
CVE-2017-XXXX [bad free in RelinquishMagickMemory]
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870119)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/621
@@ -3380,7 +3382,7 @@
CVE-2017-11115 (The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in ...)
NOT-FOR-US: OpenExif
CVE-2017-11114 (The put_chars function in html_r.c in Twibright Links 2.14 allows ...)
- - links2 <unfixed> (bug #870299)
+ - links2 <unfixed> (unimportant; bug #870299)
NOTE: PoC: http://seclists.org/fulldisclosure/2017/Jul/76
CVE-2017-11527 (The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 ...)
{DSA-3914-1}
More information about the Secure-testing-commits
mailing list