[Secure-testing-commits] r58272 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-12-05 20:02:09 +0000 (Tue, 05 Dec 2017)
New Revision: 58272

Modified:
   data/CVE/list
Log:
Add CVE-2017-17051/nova

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-05 19:37:27 UTC (rev 58271)
+++ data/CVE/list	2017-12-05 20:02:09 UTC (rev 58272)
@@ -1724,8 +1724,6 @@
 	[jessie] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
 	[wheezy] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
 	NOTE: https://github.com/aubio/aubio/issues/148
-CVE-2017-17051
-	RESERVED
 CVE-2017-17050 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
 	NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
 CVE-2017-17049 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
@@ -5513,13 +5511,20 @@
 	RESERVED
 CVE-2017-16240
 	RESERVED
+CVE-2017-17051 [Regression introduced with the fix for OSSA-2017-005 (CVE-2017-16239)]
+	- nova <unfixed>
+	[stretch] - nova <not-affected> (Fix for CVE-2017-16239 not applied and not affecting 14.x.y)
+	[jessie] - nova <not-affected> (Vulnerable code not present)
+	[wheezy] - nova <not-affected> (Vulnerable code not present)
+	NOTE: http://www.openwall.com/lists/oss-security/2017/12/05/5
 CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through ...)
 	- nova 2:16.0.3-1 (bug #882009)
 	[jessie] - nova <not-affected> (Vulnerble code introduced later)
 	[wheezy] - nova <not-affected> (Vulnerble code introduced later)
 	NOTE: https://launchpad.net/bugs/1664931
 	NOTE: https://security.openstack.org/ossa/OSSA-2017-005.html
-	NOTE: Regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4
+	NOTE: Regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4 got
+	NOTE: a seprate CVE.
 CVE-2017-16238
 	RESERVED
 CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...)