[Secure-testing-commits] r53186 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jul 5 13:50:14 UTC 2017
Author: jmm
Date: 2017-07-05 13:50:14 +0000 (Wed, 05 Jul 2017)
New Revision: 53186
Modified:
data/CVE/list
Log:
libxml2 patch reference for Android
mosquitto, podofo no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-05 11:32:22 UTC (rev 53185)
+++ data/CVE/list 2017-07-05 13:50:14 UTC (rev 53186)
@@ -1010,6 +1010,8 @@
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/
CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...)
- mosquitto <unfixed> (bug #865959)
+ [stretch] - mosquitto <no-dsa> (Minor issue)
+ [jessie] - mosquitto <no-dsa> (Minor issue)
NOTE: https://github.com/eclipse/mosquitto/issues/468
CVE-2017-9867
RESERVED
@@ -14785,7 +14787,8 @@
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
{DLA-929-1}
- - libpodofo <unfixed> (bug #854600)
+ - libpodofo <unfixed> (low; bug #854600)
+ [stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
@@ -28066,6 +28069,7 @@
RESERVED
CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an ...)
- libxml2 <undetermined>
+ NOTE: https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc
CVE-2017-0662
RESERVED
CVE-2017-0661
More information about the Secure-testing-commits
mailing list