[Secure-testing-commits] r58312 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Dec 6 22:41:15 UTC 2017


Author: jmm
Date: 2017-12-06 22:41:15 +0000 (Wed, 06 Dec 2017)
New Revision: 58312

Modified:
   data/CVE/list
Log:
libextractor no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-06 21:55:57 UTC (rev 58311)
+++ data/CVE/list	2017-12-06 22:41:15 UTC (rev 58312)
@@ -217,6 +217,8 @@
 	NOTE: https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size
 CVE-2017-17440 (GNU Libextractor 1.6 allows remote attackers to cause a denial of ...)
 	- libextractor <unfixed> (bug #883528)
+	[stretch] - libextractor <no-dsa> (Minor issue)
+	[jessie] - libextractor <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e
 CVE-2017-17439 (In Heimdal through 7.4, remote unauthenticated attackers are able to ...)
 	- heimdal <unfixed> (bug #878144)
@@ -6887,6 +6889,8 @@
 CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...)
 	{DLA-1198-1}
 	- libextractor <unfixed> (low; bug #880016)
+	[stretch] - libextractor <no-dsa> (Minor issue)
+	[jessie] - libextractor <no-dsa> (Minor issue)
 	NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html
 	NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117
 CVE-2017-15921 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro ...)
@@ -7629,17 +7633,23 @@
 	RESERVED
 CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error for the ...)
 	{DLA-1198-1}
-	- libextractor 1:1.6-1
+	- libextractor 1:1.6-1 (low)
+	[stretch] - libextractor <no-dsa> (Minor issue)
+	[jessie] - libextractor <no-dsa> (Minor issue)
 	NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
 	NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc
 CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...)
 	{DLA-1198-1}
-	- libextractor 1:1.6-1
+	- libextractor 1:1.6-1 (low)
+	[stretch] - libextractor <no-dsa> (Minor issue)
+	[jessie] - libextractor <no-dsa> (Minor issue)
 	NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
 	NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091
 CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the ...)
 	{DLA-1198-1}
-	- libextractor 1:1.6-1
+	- libextractor 1:1.6-1 (low)
+	[stretch] - libextractor <no-dsa> (Minor issue)
+	[jessie] - libextractor <no-dsa> (Minor issue)
 	NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501695
 	NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=38e8933539ee9d044057b18a971c2eae3c21aba7




More information about the Secure-testing-commits mailing list