[Secure-testing-commits] r55187 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Aug 29 10:31:17 UTC 2017 

Author: jmm
Date: 2017-08-29 10:31:17 +0000 (Tue, 29 Aug 2017)
New Revision: 55187

Modified:
   data/CVE/list
Log:
new liblouis issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-29 10:22:28 UTC (rev 55186)
+++ data/CVE/list	2017-08-29 10:31:17 UTC (rev 55187)
@@ -26,19 +26,40 @@
 	- jasper <removed> (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485274
 CVE-2017-13744 (There is an illegal address access in the function _lou_getALine() in ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484338
 CVE-2017-13743 (There is a buffer overflow in Liblouis 3.2.0, triggered in the function ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484335
 CVE-2017-13742 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484334
 CVE-2017-13741 (There is a use-after-free in the function compileBrailleIndicator() in ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484332
 CVE-2017-13740 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484306
 CVE-2017-13739 (There is a heap-based buffer overflow that causes a more than two ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484299
 CVE-2017-13738 (There is an illegal address access in the _lou_getALine function in ...)
-	TODO: check
+	- liblouis <unfixed> (low)
+	[stretch] - liblouis <no-dsa> (Minor issue)
+	[jessie] - liblouis <no-dsa> (Minor issue)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484297
 CVE-2017-13737 (There is an invalid free in the MagickFree function in magick/memory.c ...)
 	TODO: check
 CVE-2017-13736 (There are lots of memory leaks in the GMCommand function in ...)

More information about the Secure-testing-commits mailing list