[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Fix note for CVE-2017-17760/opencv

Salvatore Bonaccorso carnil at debian.org
Sat Dec 30 10:31:28 UTC 2017 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
644c0c99 by Salvatore Bonaccorso at 2017-12-30T11:20:27+01:00
Fix note for CVE-2017-17760/opencv

- - - - -
14dbe4af by Salvatore Bonaccorso at 2017-12-30T11:30:45+01:00
Add Debian bug reference for CVE-2017-17760/opencv: #885843

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1249,10 +1249,9 @@ CVE-2017-17787 (In GIMP 2.8.22, there is a heap-based buffer over-read in ...)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853
 	NOTE: Crash in desktop tool, no/negligable security impact
 CVE-2017-17760 (OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData ...)
-	- opencv <unfixed>
+	- opencv <unfixed> (bug #885843)
 	NOTE: https://github.com/opencv/opencv/issues/10351
-	NOTE: MISC:https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c
-	TODO: check
+	NOTE: https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c
 CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: Conarc iChannel
 CVE-2017-17758 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6476255899ad6ab3992ae0841aefa84ba0ee1e2a...14dbe4afaa38de9a42808f94b43d1da7634928b2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6476255899ad6ab3992ae0841aefa84ba0ee1e2a...14dbe4afaa38de9a42808f94b43d1da7634928b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20171230/f838a11b/attachment-0001.html>

More information about the Secure-testing-commits mailing list