[Secure-testing-commits] r58316 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Dec 7 09:10:16 UTC 2017
Author: sectracker
Date: 2017-12-07 09:10:16 +0000 (Thu, 07 Dec 2017)
New Revision: 58316
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-07 09:10:07 UTC (rev 58315)
+++ data/CVE/list 2017-12-07 09:10:16 UTC (rev 58316)
@@ -1,3 +1,23 @@
+CVE-2017-17457 (The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead ...)
+ TODO: check
+CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead ...)
+ TODO: check
+CVE-2017-17455
+ RESERVED
+CVE-2017-17454
+ RESERVED
+CVE-2017-17453
+ RESERVED
+CVE-2017-17452
+ RESERVED
+CVE-2017-17451 (The WP Mailster plugin before 1.5.5 for WordPress has XSS in the ...)
+ TODO: check
+CVE-2017-17450 (net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not ...)
+ TODO: check
+CVE-2017-17449 (The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in ...)
+ TODO: check
+CVE-2017-17448 (net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 ...)
+ TODO: check
CVE-2018-1280
RESERVED
CVE-2018-1279
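Review bot: The six entries added at the top with "TODO: check" have no package line yet, and their descriptions already point at what each one needs. CVE-2017-17448, CVE-2017-17449 and CVE-2017-17450 name Linux kernel source files, and CVE-2017-17456 and CVE-2017-17457 name libsndfile 1.0.29pre1, so each should get a package line in the form used further down ("- rsync <unfixed> (bug #883665)") once the affected versions are confirmed. CVE-2017-17451 names the WP Mailster plugin for WordPress and looks like a candidate for a NOT-FOR-US line like the ones used elsewhere in this file.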
@@ -223,6 +243,7 @@
[jessie] - libextractor <no-dsa> (Minor issue)
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e
CVE-2017-17439 (In Heimdal through 7.4, remote unauthenticated attackers are able to ...)
+ {DSA-4055-1}
- heimdal <unfixed> (bug #878144)
[jessie] - heimdal <not-affected> (Vulnerability introduced in 7.0)
[wheezy] - heimdal <not-affected> (Vulnerability introduced in 7.0)
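Review bot: The "{DSA-4055-1}" reference is added under CVE-2017-17439 while the package line directly below it still reads "- heimdal <unfixed> (bug #878144)", and no fixed version is visible in this hunk. With [jessie] and [wheezy] both marked not-affected, the entry should also carry a release-specific line with the version that the advisory fixed, so that the release covered by the DSA is not still reported as unfixed.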
@@ -233,10 +254,10 @@
RESERVED
CVE-2017-17437
RESERVED
-CVE-2017-17436
- RESERVED
-CVE-2017-17435
- RESERVED
+CVE-2017-17436 (An issue was discovered in the software on Vaultek Gun Safe VT20i ...)
+ TODO: check
+CVE-2017-17435 (An issue was discovered in the software on Vaultek Gun Safe VT20i ...)
+ TODO: check
CVE-2017-17434 (The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, ...)
- rsync <unfixed> (bug #883665)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1
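Review bot: CVE-2017-17436 and CVE-2017-17435 move from RESERVED to "TODO: check" with descriptions that name software on the Vaultek Gun Safe VT20i. That reads as vendor device software rather than anything tracked here as a package, so a NOT-FOR-US line in the style of "NOT-FOR-US: GeniXCMS" would close both. The description text is truncated in this hunk, so confirm against the full description first.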
@@ -246,8 +267,8 @@
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-17430
- RESERVED
+CVE-2017-17430 (Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows ...)
+ TODO: check
CVE-2017-17429
RESERVED
CVE-2017-17428
@@ -432,8 +453,8 @@
RESERVED
CVE-2017-17385
RESERVED
-CVE-2017-17384
- RESERVED
+CVE-2017-17384 (ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain ...)
+ TODO: check
CVE-2017-17383 (Jenkins through 2.93 allows remote authenticated administrators to ...)
- jenkins <removed>
CVE-2017-17382
@@ -2629,7 +2650,7 @@
NOT-FOR-US: GitPHP
CVE-2017-1000207 (A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger ...)
NOT-FOR-US: Swagger-Parser
-CVE-2017-1000159 (Command injection in evince 3.24.8 via filename when printing to PDF ...)
+CVE-2017-1000159 (Command injection in evince via filename when printing to PDF. This ...)
- evince 3.25.92-1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=784947
NOTE: Introduced by: https://git.gnome.org/browse/evince/commit/?id=1fcca0b8041de0d6074d7e17fba174da36c65f99 (EVINCE_0_9_1)
@@ -169200,7 +169221,7 @@
NOT-FOR-US: Opera
CVE-2002-2483
- linux-2.6 2.4.20
-CVE-2012-1002 (Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown ...)
+CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x before ...)
NOT-FOR-US: OpenConf
CVE-2012-1001
RESERVED