[Secure-testing-commits] r58786 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Dec 21 12:24:47 UTC 2017 

Author: carnil
Date: 2017-12-21 12:24:47 +0000 (Thu, 21 Dec 2017)
New Revision: 58786

Modified:
   data/CVE/list
Log:
Add references for nasm issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-21 12:20:34 UTC (rev 58785)
+++ data/CVE/list	2017-12-21 12:24:47 UTC (rev 58786)
@@ -23,36 +23,51 @@
 	TODO: check
 CVE-2017-17820 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433
 	TODO: check
 CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
+	NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af
 	TODO: check
 CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428
 	TODO: check
 CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427
 	TODO: check
 CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426
 	TODO: check
 CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
 	- nasm <unfixed>
+	NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
 	TODO: check
 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430
 	TODO: check
 CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429
 	TODO: check
 CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
 	- nasm <unfixed>
+	NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
 	TODO: check
 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
 	- nasm <unfixed>
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432
 	TODO: check
 CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown ...)
 	- nasm <unfixed>
+	NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
 	TODO: check
 CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice ...)
 	NOT-FOR-US: Golden Frog VyprVPN

More information about the Secure-testing-commits mailing list