[Secure-testing-commits] r53484 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Jul 14 09:10:13 UTC 2017 

Author: sectracker
Date: 2017-07-14 09:10:13 +0000 (Fri, 14 Jul 2017)
New Revision: 53484

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-14 09:06:49 UTC (rev 53483)
+++ data/CVE/list	2017-07-14 09:10:13 UTC (rev 53484)
@@ -1,3 +1,37 @@
+CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() function in ...)
+	TODO: check
+CVE-2017-11327
+	RESERVED
+CVE-2017-11326
+	RESERVED
+CVE-2017-11325
+	RESERVED
+CVE-2017-11324
+	RESERVED
+CVE-2017-11323
+	RESERVED
+CVE-2017-11322
+	RESERVED
+CVE-2017-11321
+	RESERVED
+CVE-2017-11320
+	RESERVED
+CVE-2017-11319
+	RESERVED
+CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to add and ...)
+	TODO: check
+CVE-2017-11317
+	RESERVED
+CVE-2017-11316
+	RESERVED
+CVE-2017-11315
+	RESERVED
+CVE-2017-11314
+	RESERVED
+CVE-2017-11313
+	RESERVED
+CVE-2017-11312
+	RESERVED
 CVE-2017-11311 (soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt ...)
 	- libopenmpt <unfixed> (bug #867579)
 	[stretch] - libopenmpt <no-dsa> (Scheduled for point release)
@@ -2344,8 +2378,8 @@
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2682
 	NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b
 	NOTE: The issue is addressed with the same commit as for CVE-2017-9403
-CVE-2017-9814
-	RESERVED
+CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote ...)
+	TODO: check
 CVE-2017-9813
 	RESERVED
 CVE-2017-9812
@@ -23751,17 +23785,15 @@
 	RESERVED
 CVE-2017-3104
 	RESERVED
-CVE-2017-3103
-	RESERVED
-CVE-2017-3102
-	RESERVED
-CVE-2017-3101
-	RESERVED
-CVE-2017-3100
-	RESERVED
+CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored cross-site ...)
+	TODO: check
+CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected cross-site ...)
+	TODO: check
+CVE-2017-3101 (Adobe Connect versions 9.6.1 and earlier have a clickjacking ...)
+	TODO: check
+CVE-2017-3100 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2017-3099
-	RESERVED
+CVE-2017-3099 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2017-3098 (Adobe Captivate versions 9 and earlier have a remote code execution ...)
 	NOT-FOR-US: Adobe
@@ -23799,8 +23831,7 @@
 	NOT-FOR-US: Adobe Flash
 CVE-2017-3081 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2017-3080
-	RESERVED
+CVE-2017-3080 (Adobe Flash Player versions 26.0.0.131 and earlier have a security ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2017-3079 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe Flash

More information about the Secure-testing-commits mailing list