[Secure-testing-commits] r54841 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Aug 18 09:10:14 UTC 2017 

Author: sectracker
Date: 2017-08-18 09:10:14 +0000 (Fri, 18 Aug 2017)
New Revision: 54841

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-18 09:00:55 UTC (rev 54840)
+++ data/CVE/list	2017-08-18 09:10:14 UTC (rev 54841)
@@ -1,3 +1,19 @@
+CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)
+	TODO: check
+CVE-2017-12933 (The finish_nested_data function in ext/standard/var_unserializer.re in ...)
+	TODO: check
+CVE-2017-12932 (ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x ...)
+	TODO: check
+CVE-2017-12931
+	RESERVED
+CVE-2017-12930
+	RESERVED
+CVE-2017-12929
+	RESERVED
+CVE-2017-12928
+	RESERVED
+CVE-2017-12926
+	RESERVED
 CVE-2017-12918
 	RESERVED
 CVE-2017-12917
@@ -27,6 +43,7 @@
 CVE-2017-12905
 	RESERVED
 CVE-2017-12904 [RCE in newbeuter when bookmarking malicious article]
+	RESERVED
 	- newsbeuter <unfixed>
 	NOTE: https://github.com/akrennmair/newsbeuter/issues/591
 	NOTE: https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
@@ -73,7 +90,7 @@
 CVE-2017-12919
 	RESERVED
 	NOT-FOR-US: libfpx
-CVE-2017-12927 [XSS in spikekill.php via method parameter]
+CVE-2017-12927 (A cross-site scripting vulnerability exists in Cacti 1.1.17 in the ...)
 	- cacti <unfixed> (bug #872478)
 	[stretch] - cacti <not-affected> (Vulnerable code introduced later)
 	[jessie] - cacti <not-affected> (Vulnerable code introduced later)
@@ -4233,6 +4250,7 @@
 CVE-2017-11424
 	RESERVED
 CVE-2017-11423 (The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ...)
+	{DSA-3946-1}
 	- libmspack 0.6-1 (bug #868956)
 	- clamav 0.99.3~beta1+dfsg-1 (unimportant)
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11873 (not public)
@@ -19129,6 +19147,7 @@
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11798
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
 CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ...)
+	{DSA-3946-1}
 	- libmspack 0.6-1 (bug #871263)
 	- clamav 0.99.3~beta1+dfsg-1 (unimportant)
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11701

More information about the Secure-testing-commits mailing list