[Secure-testing-commits] r53304 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Jul 8 21:33:20 UTC 2017
Author: jmm
Date: 2017-07-08 21:33:20 +0000 (Sat, 08 Jul 2017)
New Revision: 53304
Modified:
data/CVE/list
Log:
swftools non-issue
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-08 21:30:30 UTC (rev 53303)
+++ data/CVE/list 2017-07-08 21:33:20 UTC (rev 53304)
@@ -253,13 +253,13 @@
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/issues/538
CVE-2017-10994 (Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2017-10993
RESERVED
CVE-2017-10992
RESERVED
CVE-2017-10991 (The WP Statistics plugin through 12.0.9 for WordPress has XSS in the ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2017-10990
RESERVED
CVE-2017-10989 (The getNodeSize function in ext/rtree/rtree.c in SQLite through ...)
@@ -300,7 +300,8 @@
CVE-2017-10977
RESERVED
CVE-2017-10976 (When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to ...)
- TODO: check
+ - swftools <unfixed> (unimportant)
+ NOTE: ttftool not shipped in Debian package
CVE-2017-10975 (Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might ...)
NOT-FOR-US: Lutim
CVE-2017-10974 (Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP ...)
More information about the Secure-testing-commits
mailing list