[Secure-testing-commits] r54684 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Aug 12 15:55:18 UTC 2017


Author: jmm
Date: 2017-08-12 15:55:18 +0000 (Sat, 12 Aug 2017)
New Revision: 54684

Modified:
   data/CVE/list
Log:
jpeg-turbo reported upstream
lucene-solr no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-12 15:49:31 UTC (rev 54683)
+++ data/CVE/list	2017-08-12 15:55:18 UTC (rev 54684)
@@ -8371,6 +8371,7 @@
 	NOT-FOR-US: Cognito Software Moneyworks
 CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 ...)
 	- libjpeg-turbo <unfixed> (bug #869927)
+	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
 	NOT-FOR-US: SAP SuccessFactors
 CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
@@ -28127,6 +28128,8 @@
 	RESERVED
 	{DLA-1046-1}
 	- lucene-solr <unfixed> (bug #867712)
+	[stretch] - lucene-solr <no-dsa> (Minor issue)
+	[jessie] - lucene-solr <no-dsa> (Minor issue)
 	NOTE: https://issues.apache.org/jira/browse/SOLR-10031
 	NOTE: https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4db
 CVE-2017-3162 (HDFS clients interact with a servlet on the DataNode to browse the ...)




More information about the Secure-testing-commits mailing list