[Secure-testing-commits] r58223 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Dec 3 09:10:31 UTC 2017


Author: sectracker
Date: 2017-12-03 09:10:31 +0000 (Sun, 03 Dec 2017)
New Revision: 58223

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-03 08:03:43 UTC (rev 58222)
+++ data/CVE/list	2017-12-03 09:10:31 UTC (rev 58223)
@@ -651,7 +651,7 @@
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=79768d63d14fbce6bf7fb4d4a1c86be0c5205eb3
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-48.html
 CVE-2017-17082
-	RESERVED
+	REJECTED
 CVE-2017-17081 (The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 ...)
 	- ffmpeg <unfixed>
 	[stretch] - ffmpeg <postponed> (Can wait for the next 3.2.x release)
@@ -9580,8 +9580,8 @@
 	[jessie] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
-CVE-2017-14516
-	RESERVED
+CVE-2017-14516 (Cross-Site Scripting (XSS) exists in SAP Business Objects Financial ...)
+	TODO: check
 CVE-2017-14515 (Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 ...)
 	NOT-FOR-US: Tenda W15E devices
 CVE-2017-14514 (Directory Traversal on Tenda W15E devices before 15.11.0.14 allows ...)
@@ -26449,28 +26449,23 @@
 	NOTE: https://github.com/dinhviethoa/libetpan/issues/274
 CVE-2017-8824
 	RESERVED
-CVE-2017-8823 [TROVE-2017-013: Use-after-free in onion service v2]
-	RESERVED
+CVE-2017-8823 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
 	- tor 0.3.1.9-1
 	NOTE: https://bugs.torproject.org/24313
 	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8822 [TROVE-2017-012: Relays can pick themselves in a circuit path]
-	RESERVED
+CVE-2017-8822 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
 	- tor 0.3.1.9-1
 	NOTE: https://bugs.torproject.org/21534
 	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8821 [TROVE-2017-011: An attacker can make Tor ask for a password]
-	RESERVED
+CVE-2017-8821 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
 	- tor 0.3.1.9-1
 	NOTE: https://bugs.torproject.org/24246
 	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8820 [TROVE-2017-010: Remote DoS attack against directory authorities]
-	RESERVED
+CVE-2017-8820 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
 	- tor 0.3.1.9-1
 	NOTE: https://bugs.torproject.org/24245
 	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8819 [TROVE-2017-009: Replay-cache ineffective for v2 onion services]
-	RESERVED
+CVE-2017-8819 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
 	- tor 0.3.1.9-1
 	NOTE: https://bugs.torproject.org/24244
 	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516




More information about the Secure-testing-commits mailing list