[Secure-testing-commits] r53295 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Jul 8 21:10:12 UTC 2017 

Author: sectracker
Date: 2017-07-08 21:10:12 +0000 (Sat, 08 Jul 2017)
New Revision: 53295

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-08 21:03:18 UTC (rev 53294)
+++ data/CVE/list	2017-07-08 21:10:12 UTC (rev 53295)
@@ -1,3 +1,21 @@
+CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the ...)
+	TODO: check
+CVE-2017-11112 (In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the ...)
+	TODO: check
+CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...)
+	TODO: check
+CVE-2017-11110 (The ole_init function in ole.c in catdoc 0.95 allows remote attackers ...)
+	TODO: check
+CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) or ...)
+	TODO: check
+CVE-2017-11108 (tcpdump 4.9.0 allows remote attackers to cause a denial of service ...)
+	TODO: check
+CVE-2017-11107 (phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the ...)
+	TODO: check
+CVE-2017-11106
+	RESERVED
+CVE-2017-11105
+	RESERVED
 CVE-2017-1000050 [NULL Pointer Dereference jp2_encode (jp2_enc.c)]
 	- jasper <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/06/1
@@ -1575,7 +1593,7 @@
 	RESERVED
 CVE-2017-9826
 	RESERVED
-CVE-2017-11104 [Improper TSIG validity period check can allow TSIG forgery]
+CVE-2017-11104 (Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the ...)
 	- knot <unfixed> (bug #865678)
 	NOTE: https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html
 	NOTE: http://www.synacktiv.ninja/ressources/Knot_DNS_TSIG_Signature_Forgery.pdf
@@ -22865,11 +22883,13 @@
 	RESERVED
 CVE-2017-3143 [An error in TSIG authentication can permit unauthorized dynamic updates]
 	RESERVED
+	{DSA-3904-1}
 	- bind9 <unfixed> (bug #866564)
 	NOTE: https://kb.isc.org/article/AA-01503
 	NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669
 CVE-2017-3142 [An error in TSIG authentication can permit unauthorized zone transfers]
 	RESERVED
+	{DSA-3904-1}
 	- bind9 <unfixed> (bug #866564)
 	NOTE: https://kb.isc.org/article/AA-01504
 	NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669

More information about the Secure-testing-commits mailing list