[Secure-testing-commits] r58665 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Dec 17 20:20:50 UTC 2017
Author: carnil
Date: 2017-12-17 20:20:50 +0000 (Sun, 17 Dec 2017)
New Revision: 58665
Modified:
data/CVE/list
Log:
mark geomview as unimportant, arguments to browser are not validated, but only trusted input is passed to ui_manual_browser and accessing the documentation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-17 20:17:36 UTC (rev 58664)
+++ data/CVE/list 2017-12-17 20:20:50 UTC (rev 58665)
@@ -4859,8 +4859,7 @@
- global <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/global/4.8.6-2/gozilla/gozilla.c/#L269
CVE-2017-17530 (common/help.c in Geomview 1.9.5 does not validate strings before ...)
- - geomview <unfixed>
- [wheezy] - geomview <no-dsa> (Minor issue)
+ - geomview <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/geomview/1.9.5-1/src/bin/geomview/common/help.c/?hl=51#L83
CVE-2017-17529 (af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ...)
- abiword <unfixed>
More information about the Secure-testing-commits
mailing list