[Secure-testing-commits] r53451 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 13 19:27:07 UTC 2017
Author: carnil
Date: 2017-07-13 19:27:07 +0000 (Thu, 13 Jul 2017)
New Revision: 53451
Modified:
data/CVE/list
Log:
Add note for CVE-2017-9847
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-13 19:26:55 UTC (rev 53450)
+++ data/CVE/list 2017-07-13 19:27:07 UTC (rev 53451)
@@ -2011,6 +2011,7 @@
[wheezy] - libtorrent-rasterbar <not-affected> (new bdecode introduced in 1.1.0; vulnerable code not present)
NOTE: https://github.com/arvidn/libtorrent/issues/2099
NOTE: Fixed by: https://github.com/arvidn/libtorrent/commit/ec30a5e9ec703afb8abefba757c6d401303b53db
+ NOTE: Pre-1.1.0 versions possibly similarly affected in lazy_bdecode.cpp
CVE-2017-9846 (Winmail Server 6.1 allows remote code execution by authenticated users ...)
NOT-FOR-US: Winmail Server
CVE-2017-9845 (disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote ...)
More information about the Secure-testing-commits
mailing list