[Secure-testing-commits] r55234 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Wed Aug 30 13:44:17 UTC 2017 

Author: hertzog
Date: 2017-08-30 13:44:17 +0000 (Wed, 30 Aug 2017)
New Revision: 55234

Modified:
   data/CVE/list
Log:
Mark all ncurses CVE as ignored on wheezy

They all affect (pretty much unknown) command-line tools that you are
unlikely to use with untrusted input.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-30 13:29:27 UTC (rev 55233)
+++ data/CVE/list	2017-08-30 13:44:17 UTC (rev 55234)
@@ -138,24 +138,31 @@
 	TODO: check
 CVE-2017-13734 (There is an illegal address access in the _nc_safe_strcat function in ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484291
 CVE-2017-13733 (There is an illegal address access in the fmt_entry function in ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484290
 CVE-2017-13732 (There is an illegal address access in the function dump_uses() in ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484287
 CVE-2017-13731 (There is an illegal address access in the function ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484285
 CVE-2017-13730 (There is an illegal address access in the function ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484284
 CVE-2017-13729 (There is an illegal address access in the _nc_save_str function in ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484276
 CVE-2017-13728 (There is an infinite loop in the next_char function in comp_scan.c in ...)
 	- ncurses <unfixed>
+	[wheezy] - ncurses <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484274
 CVE-2017-13727 (There is a reachable assertion abort in the function ...)
 	- tiff <unfixed>

More information about the Secure-testing-commits mailing list