[Secure-testing-commits] r58671 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Dec 18 09:10:16 UTC 2017


Author: sectracker
Date: 2017-12-18 09:10:16 +0000 (Mon, 18 Dec 2017)
New Revision: 58671

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-18 07:09:46 UTC (rev 58670)
+++ data/CVE/list	2017-12-18 09:10:16 UTC (rev 58671)
@@ -1,5 +1,50 @@
-CVE-2017-17718 [Net::Ldap missing certificate validation]
+CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 allows ...)
+	TODO: check
+CVE-2017-17740 (contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both ...)
+	TODO: check
+CVE-2017-17739 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+	TODO: check
+CVE-2017-17738 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+	TODO: check
+CVE-2017-17737 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and ...)
+	TODO: check
+CVE-2017-17736
 	RESERVED
+CVE-2017-17735 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login ...)
+	TODO: check
+CVE-2017-17734 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login ...)
+	TODO: check
+CVE-2017-17733 (Maccms 8.x allows remote command execution via the wd parameter in an ...)
+	TODO: check
+CVE-2017-17732
+	RESERVED
+CVE-2017-17731 (DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to ...)
+	TODO: check
+CVE-2017-17730 (DedeCMS through 5.7 has SQL Injection via the logo parameter to ...)
+	TODO: check
+CVE-2017-17729
+	RESERVED
+CVE-2017-17728
+	RESERVED
+CVE-2017-17727 (DedeCMS through 5.6 allows arbitrary file upload and PHP code execution ...)
+	TODO: check
+CVE-2017-17726
+	RESERVED
+CVE-2017-17725
+	RESERVED
+CVE-2017-17724
+	RESERVED
+CVE-2017-17723
+	RESERVED
+CVE-2017-17722
+	RESERVED
+CVE-2017-17721
+	RESERVED
+CVE-2017-17720
+	RESERVED
+CVE-2017-17719
+	RESERVED
+CVE-2017-17718 (The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL ...)
 	- ruby-net-ldap <unfixed>
 	NOTE: https://github.com/ruby-ldap/ruby-net-ldap/issues/258
 CVE-2017-17717 (Sonatype Nexus Repository Manager through 2.14.5 has weak password ...)
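Review bot: the eleven entries added in this hunk with `TODO: check` (CVE-2017-17741 down to CVE-2017-17727) still need triage, and the first two deserve priority: CVE-2017-17741 names the KVM implementation in the Linux kernel through 4.14.7 and CVE-2017-17740 names OpenLDAP through 2.4.45, both software that Debian packages. Each `TODO: check` should be replaced either by a package line in the form already used for CVE-2017-17718 (`- ruby-net-ldap <unfixed>`) or by a NOT-FOR-US line. The CVE-2017-17718 change itself only swaps the bracketed working description for the published one and keeps its package and NOTE lines, which is fine.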
@@ -4934,7 +4979,7 @@
 CVE-2017-17516 (scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 ...)
 	- rtv <unfixed> (unimportant)
 	NOTE: https://sources.debian.org/src/rtv/1.20.0+dfsg-1/scripts/inspect_webbrowser.py/
-CVE-2017-17515 (etc/ObjectList in Metview 4.7.3 does not validate strings before ...)
+CVE-2017-17515 (** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate ...)
 	- metview <unfixed> (unimportant)
 	NOTE: https://sources.debian.org/src/metview/4.7.2-3/share/metview/etc/ObjectList/?hl=2857#L2857
 CVE-2017-17514 (** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before ...)
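Review bot: CVE-2017-17515 now carries ** DISPUTED ** in its description, but the tracking lines under it are unchanged and give no reason for the `(unimportant)` tag; the only NOTE is a source link. Consider adding a short NOTE stating why the issue is treated as unimportant, so the classification can be read from the entry itself rather than inferred from the truncated description.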
@@ -7938,8 +7983,7 @@
 	RESERVED
 CVE-2017-16998
 	RESERVED
-CVE-2017-16997 [Incorrect handling of RPATH or RUNPATH containing $ORIGIN for ...]
-	RESERVED
+CVE-2017-16997 (elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through ...)
 	- glibc <unfixed> (bug #884615)
 	[stretch] - glibc <no-dsa> (Minor issue)
 	[jessie] - glibc <no-dsa> (Minor issue)
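Review bot: with `RESERVED` dropped and the published description for CVE-2017-16997 now naming elf/dl-load.c and a range starting at glibc 2.19, the entry as shown carries only the Debian bug reference (bug #884615) and two `<no-dsa>` lines, with no NOTE pointing at the upstream report or fix. Adding a NOTE with the upstream reference would let the `Minor issue` assessment for stretch and jessie be checked against the affected range.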



