[Secure-testing-commits] r53499 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jul 14 21:30:53 UTC 2017
Author: jmm
Date: 2017-07-14 21:30:52 +0000 (Fri, 14 Jul 2017)
New Revision: 53499
Modified:
data/CVE/list
Log:
new yara issue
xmlsec1 no-dsa
NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-14 21:30:22 UTC (rev 53498)
+++ data/CVE/list 2017-07-14 21:30:52 UTC (rev 53499)
@@ -14,7 +14,7 @@
CVE-2016-10398 (Android 6.0 has an authentication bypass for attackers with root and ...)
NOT-FOR-US: Android
CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() function in ...)
- TODO: check
+ - yara <unfixed>
CVE-2017-11327
RESERVED
CVE-2017-11326
@@ -34,7 +34,7 @@
CVE-2017-11319
RESERVED
CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to add and ...)
- TODO: check
+ NOT-FOR-US: Cobian
CVE-2017-11317
RESERVED
CVE-2017-11316
@@ -502,6 +502,8 @@
TODO: check
CVE-2017-1000061 (xmlsec 1.2.23 and before is vulnerable to XML External Entity ...)
- xmlsec1 1.2.24-1
+ [stretch] - xmlsec1 <no-dsa> (Minor issue)
+ [jessie] - xmlsec1 <no-dsa> (Minor issue)
NOTE: https://github.com/lsh123/xmlsec/issues/43
CVE-2017-1000060 (EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb ...)
TODO: check
More information about the Secure-testing-commits
mailing list