[Secure-testing-commits] r58223 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Dec 3 09:10:31 UTC 2017
Author: sectracker
Date: 2017-12-03 09:10:31 +0000 (Sun, 03 Dec 2017)
New Revision: 58223
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-03 08:03:43 UTC (rev 58222)
+++ data/CVE/list 2017-12-03 09:10:31 UTC (rev 58223)
@@ -651,7 +651,7 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=79768d63d14fbce6bf7fb4d4a1c86be0c5205eb3
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-48.html
CVE-2017-17082
- RESERVED
+ REJECTED
CVE-2017-17081 (The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 ...)
- ffmpeg <unfixed>
[stretch] - ffmpeg <postponed> (Can wait for the next 3.2.x release)
@@ -9580,8 +9580,8 @@
[jessie] - poppler <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
-CVE-2017-14516
- RESERVED
+CVE-2017-14516 (Cross-Site Scripting (XSS) exists in SAP Business Objects Financial ...)
+ TODO: check
CVE-2017-14515 (Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 ...)
NOT-FOR-US: Tenda W15E devices
CVE-2017-14514 (Directory Traversal on Tenda W15E devices before 15.11.0.14 allows ...)
@@ -26449,28 +26449,23 @@
NOTE: https://github.com/dinhviethoa/libetpan/issues/274
CVE-2017-8824
RESERVED
-CVE-2017-8823 [TROVE-2017-013: Use-after-free in onion service v2]
- RESERVED
+CVE-2017-8823 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
- tor 0.3.1.9-1
NOTE: https://bugs.torproject.org/24313
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8822 [TROVE-2017-012: Relays can pick themselves in a circuit path]
- RESERVED
+CVE-2017-8822 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
- tor 0.3.1.9-1
NOTE: https://bugs.torproject.org/21534
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8821 [TROVE-2017-011: An attacker can make Tor ask for a password]
- RESERVED
+CVE-2017-8821 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
- tor 0.3.1.9-1
NOTE: https://bugs.torproject.org/24246
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8820 [TROVE-2017-010: Remote DoS attack against directory authorities]
- RESERVED
+CVE-2017-8820 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
- tor 0.3.1.9-1
NOTE: https://bugs.torproject.org/24245
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8819 [TROVE-2017-009: Replay-cache ineffective for v2 onion services]
- RESERVED
+CVE-2017-8819 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...)
- tor 0.3.1.9-1
NOTE: https://bugs.torproject.org/24244
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
More information about the Secure-testing-commits
mailing list