[Secure-testing-commits] r58858 - in data: CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 23 08:10:29 UTC 2017
Author: carnil
Date: 2017-12-23 08:10:29 +0000 (Sat, 23 Dec 2017)
New Revision: 58858
Modified:
data/CVE/list
data/DSA/list
Log:
Track assigned enigmail CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-23 07:33:21 UTC (rev 58857)
+++ data/CVE/list 2017-12-23 08:10:29 UTC (rev 58858)
@@ -63,11 +63,24 @@
RESERVED
CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...)
TODO: check
-CVE-2017-XXXX [Multiple Enigmail issues]
+CVE-2017-17843
- enigmail 2:1.9.9-1
- [stretch] - enigmail 2:1.9.9-1~deb9u1
- [jessie] - enigmail 2:1.9.9-1~deb8u1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17844
+ - enigmail 2:1.9.9-1
+ NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17845
+ - enigmail 2:1.9.9-1
+ NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17846
+ - enigmail 2:1.9.9-1
+ NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17847
+ - enigmail 2:1.9.9-1
+ NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
+CVE-2017-17848
+ - enigmail 2:1.9.9-1
+ NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...)
- git-lfs <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/git-lfs/git-lfs/pull/2242
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2017-12-23 07:33:21 UTC (rev 58857)
+++ data/DSA/list 2017-12-23 08:10:29 UTC (rev 58858)
@@ -6,6 +6,7 @@
[jessie] - sensible-utils 0.0.9+deb8u1
[stretch] - sensible-utils 0.0.9+deb9u1
[21 Dec 2017] DSA-4070-1 enigmail - security update
+ {CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848}
[jessie] - enigmail 2:1.9.9-1~deb8u1
[stretch] - enigmail 2:1.9.9-1~deb9u1
[20 Dec 2017] DSA-4069-1 otrs2 - security update
More information about the Secure-testing-commits
mailing list