[Secure-testing-commits] r53600 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jul 18 05:30:09 UTC 2017
Author: carnil
Date: 2017-07-18 05:30:09 +0000 (Tue, 18 Jul 2017)
New Revision: 53600
Modified:
data/CVE/list
Log:
Add entry for gnome-exe-thumbnailer, #868705
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-18 05:19:09 UTC (rev 53599)
+++ data/CVE/list 2017-07-18 05:30:09 UTC (rev 53600)
@@ -1,3 +1,7 @@
+CVE-2017-XXXX [Thumbnail generation for MSI files executes arbitrary VBScript]
+ - gnome-exe-thumbnailer <unfixed> (bug #868705)
+ NOTE: http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html
+ NOTE: https://github.com/gnome-exe-thumbnailer/gnome-exe-thumbnailer/commit/1d8e3102dd8fd23431ae6127d14a236da6b4a4a5
CVE-2017-11399 (Integer overflow in the ape_decode_frame function in ...)
- ffmpeg <unfixed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
More information about the Secure-testing-commits
mailing list