[Secure-testing-commits] r58821 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 21 20:06:42 UTC 2017
Author: carnil
Date: 2017-12-21 20:06:42 +0000 (Thu, 21 Dec 2017)
New Revision: 58821
Modified:
data/CVE/list
Log:
Add upstream reference for CVE-2017-17522
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 20:06:30 UTC (rev 58820)
+++ data/CVE/list 2017-12-21 20:06:42 UTC (rev 58821)
@@ -5315,6 +5315,7 @@
- python3.7 <unfixed>
NOTE: Lib/webbrowser.py does not validate strings before launching the program
NOTE: specified by the BROWSER environment variable.
+ NOTE: https://bugs.python.org/issue32367
CVE-2017-17521 (uiutil.c in FontForge through 20170731 does not validate strings before ...)
- fontforge <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/fontforgeexe/uiutil.c/#L285
More information about the Secure-testing-commits
mailing list