[Secure-testing-commits] r54436 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Aug 8 14:17:01 UTC 2017 

Author: carnil
Date: 2017-08-08 14:17:00 +0000 (Tue, 08 Aug 2017)
New Revision: 54436

Modified:
   data/CVE/list
Log:
Add note for unimportant swftools, feedback from upstream

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-08 14:16:50 UTC (rev 54435)
+++ data/CVE/list	2017-08-08 14:17:00 UTC (rev 54436)
@@ -5580,15 +5580,19 @@
 CVE-2017-9927 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
 	- swftools <unfixed> (unimportant)
 	NOTE: No actionable information, just a crash report against a four year old release
+	NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9926 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
 	- swftools <unfixed> (unimportant)
 	NOTE: No actionable information, just a crash report against a four year old release
+	NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9925 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
 	- swftools <unfixed> (unimportant)
 	NOTE: No actionable information, just a crash report against a four year old release
+	NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9924 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers ...)
 	- swftools <unfixed> (unimportant)
 	NOTE: No actionable information, just a crash report against a four year old release
+	NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9923 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
 	NOT-FOR-US: IrfanView
 CVE-2017-9922 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow ...)
@@ -11348,6 +11352,7 @@
 CVE-2017-8420 (SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address ...)
 	- swftools <unfixed> (unimportant)
 	NOTE: No actionable information, just a crash report against a four year old release
+	NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-8419 (LAME through 3.99.5 relies on the signed integer data type for values ...)
 	- lame 3.99.5+repack1-7
 	[wheezy] - lame 3.99.5+repack1-3+deb7u1

More information about the Secure-testing-commits mailing list