[Secure-testing-commits] r54364 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 6 17:31:35 UTC 2017
Author: carnil
Date: 2017-08-06 17:31:35 +0000 (Sun, 06 Aug 2017)
New Revision: 54364
Modified:
data/CVE/list
Log:
mark swftools as unimportant
We trated the other CLI crashes as unimportant, since hardly a security
impact (or at most for services using swftools exposed). If you disagree
let me know and we can revisit those two updates. Still filling a bug
for the maintainer for CVE-2017-11099 since verified.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-06 15:45:52 UTC (rev 54363)
+++ data/CVE/list 2017-08-06 17:31:35 UTC (rev 54364)
@@ -3909,10 +3909,10 @@
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/27
CVE-2017-11099 (When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to ...)
- - swftools <unfixed>
+ - swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/31
CVE-2017-11098 (When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to ...)
- - swftools <unfixed>
+ - swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/32
CVE-2017-11097 (When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a ...)
- swftools <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list