[Secure-testing-commits] r54023 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 28 11:04:33 UTC 2017
Author: carnil
Date: 2017-07-28 11:04:33 +0000 (Fri, 28 Jul 2017)
New Revision: 54023
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-28 11:04:23 UTC (rev 54022)
+++ data/CVE/list 2017-07-28 11:04:33 UTC (rev 54023)
@@ -5,13 +5,13 @@
NOTE: https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
TODO: check
CVE-2017-11718 (There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2017-11717 (MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2017-11716 (MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2017-11715 (job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2017-11714 (psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ...)
- ghostscript <unfixed> (bug #869977)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698158
@@ -31,7 +31,7 @@
CVE-2017-11707
RESERVED
CVE-2017-11706 (The Boozt Fashion application before 2.3.4 for Android allows remote ...)
- TODO: check
+ NOT-FOR-US: Boozt Fashion application
CVE-2017-11705 (A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in ...)
TODO: check
CVE-2017-11704 (A heap-based buffer over-read was found in the function decompileIF in ...)
More information about the Secure-testing-commits
mailing list