[Secure-testing-commits] r58858 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Dec 23 08:10:29 UTC 2017


Author: carnil
Date: 2017-12-23 08:10:29 +0000 (Sat, 23 Dec 2017)
New Revision: 58858

Modified:
   data/CVE/list
   data/DSA/list
Log:
Track assigned enigmail CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-23 07:33:21 UTC (rev 58857)
+++ data/CVE/list	2017-12-23 08:10:29 UTC (rev 58858)
@@ -63,11 +63,24 @@
 	RESERVED
 CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...)
 	TODO: check
-CVE-2017-XXXX [Multiple Enigmail issues]
+CVE-2017-17843
 	- enigmail 2:1.9.9-1
-	[stretch] - enigmail 2:1.9.9-1~deb9u1
-	[jessie] - enigmail 2:1.9.9-1~deb8u1
 	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17844
+	- enigmail 2:1.9.9-1
+	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17845
+	- enigmail 2:1.9.9-1
+	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17846
+	- enigmail 2:1.9.9-1
+	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17847
+	- enigmail 2:1.9.9-1
+	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17848
+	- enigmail 2:1.9.9-1
+	NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
 CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...)
 	- git-lfs <not-affected> (Fixed before initial upload to Debian)
 	NOTE: https://github.com/git-lfs/git-lfs/pull/2242

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2017-12-23 07:33:21 UTC (rev 58857)
+++ data/DSA/list	2017-12-23 08:10:29 UTC (rev 58858)
@@ -6,6 +6,7 @@
 	[jessie] - sensible-utils 0.0.9+deb8u1
 	[stretch] - sensible-utils 0.0.9+deb9u1
 [21 Dec 2017] DSA-4070-1 enigmail - security update
+	{CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848}
 	[jessie] - enigmail 2:1.9.9-1~deb8u1
 	[stretch] - enigmail 2:1.9.9-1~deb9u1
 [20 Dec 2017] DSA-4069-1 otrs2 - security update




More information about the Secure-testing-commits mailing list