[Secure-testing-commits] r55116 - data/CVE

Sat Aug 26 21:10:17 UTC 2017

Author: sectracker
Date: 2017-08-26 21:10:17 +0000 (Sat, 26 Aug 2017)
New Revision: 55116

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-26 20:52:32 UTC (rev 55115)
+++ data/CVE/list	2017-08-26 21:10:17 UTC (rev 55116)
@@ -5371,6 +5371,7 @@
 CVE-2017-11629 (dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in ...)
 	NOT-FOR-US: FineCMS
 CVE-2017-11628 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a ...)
+	{DLA-1066-1}
 	- php7.1 7.1.8-1 (low)
 	- php7.0 7.0.22-1 (low)
 	- php5 <removed> (low)
@@ -5554,18 +5555,22 @@
 CVE-2017-11578
 	RESERVED
 CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in getsid ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3088
 	NOTE: https://github.com/fontforge/fontforge/commit/3245d354865def9d712bdffe61fa211ad6aa4081
 CVE-2017-11576 (FontForge 20161012 does not ensure a positive size in a weight vector ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3091
 	NOTE: https://github.com/fontforge/fontforge/commit/df349365630344ef3004a3c7934c7e7496692fb1
 CVE-2017-11575 (FontForge 20161012 is vulnerable to a buffer over-read in strnmatch ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3096
 	NOTE: https://github.com/fontforge/fontforge/commit/4de0c58a01e5e30610c200e9aea98bc7db12c7ac
 CVE-2017-11574 (FontForge 20161012 is vulnerable to a heap-based buffer overflow in ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3090
 	NOTE: https://github.com/fontforge/fontforge/commit/62b6433a81ee7ed6e0ac2d6b09ac85b885046ac3
@@ -5573,9 +5578,11 @@
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3098
 CVE-2017-11572 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3092
 CVE-2017-11571 (FontForge 20161012 is vulnerable to a stack-based buffer overflow in ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3087
 	NOTE: https://github.com/fontforge/fontforge/commit/5a0c6522682b0788fc478dd159dd6168cb5fa38b
@@ -5583,10 +5590,12 @@
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3097
 CVE-2017-11569 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3093
 	NOTE: https://github.com/fontforge/fontforge/commit/7bfec47910293bf149b8debe44c6f3f788506092
 CVE-2017-11568 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...)
+	{DLA-1065-1}
 	- fontforge <unfixed> (bug #869614)
 	NOTE: https://github.com/fontforge/fontforge/issues/3089
 CVE-2017-11567
@@ -17250,7 +17259,7 @@
 CVE-2017-7556 (Hawtio versions up to and including 1.5.3 are vulnerable to CSRF ...)
 	NOT-FOR-US: hawtio
 CVE-2017-7555 (Augeas versions up to and including 1.8.0 are vulnerable to heap-based ...)
-	{DSA-3949-1}
+	{DSA-3949-1 DLA-1067-1}
 	- augeas 1.8.1-1 (bug #872400)
 	NOTE: https://github.com/hercules-team/augeas/pull/480
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1478373
@@ -29380,7 +29389,7 @@
 CVE-2017-3654
 	RESERVED
 CVE-2017-3653 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
+	{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 10.1.26-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <unfixed> (bug #868798)
@@ -29422,7 +29431,7 @@
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3641 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
+	{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 10.1.26-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <unfixed> (bug #868798)
@@ -29440,7 +29449,7 @@
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3636 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
+	{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 10.1.26-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)


