[Secure-testing-commits] r54684 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Aug 12 15:55:18 UTC 2017
Author: jmm
Date: 2017-08-12 15:55:18 +0000 (Sat, 12 Aug 2017)
New Revision: 54684
Modified:
data/CVE/list
Log:
jpeg-turbo reported upstream
lucene-solr no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-12 15:49:31 UTC (rev 54683)
+++ data/CVE/list 2017-08-12 15:55:18 UTC (rev 54684)
@@ -8371,6 +8371,7 @@
NOT-FOR-US: Cognito Software Moneyworks
CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 ...)
- libjpeg-turbo <unfixed> (bug #869927)
+ NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
NOT-FOR-US: SAP SuccessFactors
CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
@@ -28127,6 +28128,8 @@
RESERVED
{DLA-1046-1}
- lucene-solr <unfixed> (bug #867712)
+ [stretch] - lucene-solr <no-dsa> (Minor issue)
+ [jessie] - lucene-solr <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/SOLR-10031
NOTE: https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4db
CVE-2017-3162 (HDFS clients interact with a servlet on the DataNode to browse the ...)
More information about the Secure-testing-commits
mailing list