[Secure-testing-commits] r54034 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Jul 28 21:10:16 UTC 2017
Author: sectracker
Date: 2017-07-28 21:10:15 +0000 (Fri, 28 Jul 2017)
New Revision: 54034
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-28 21:07:03 UTC (rev 54033)
+++ data/CVE/list 2017-07-28 21:10:15 UTC (rev 54034)
@@ -1,5 +1,9 @@
-CVE-2017-11720
+CVE-2017-11722 (The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
+ TODO: check
+CVE-2017-11721
RESERVED
+CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...)
+ TODO: check
CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg ...)
- ffmpeg <unfixed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
@@ -57,10 +61,10 @@
RESERVED
CVE-2017-11695
RESERVED
-CVE-2017-11694
- RESERVED
-CVE-2017-11693
- RESERVED
+CVE-2017-11694 (MEDHOST Document Management System contains hard-coded credentials that ...)
+ TODO: check
+CVE-2017-11693 (MEDHOST Document Management System contains hard-coded credentials that ...)
+ TODO: check
CVE-2017-11692
RESERVED
CVE-2016-10402 (Avira Antivirus engine versions before 8.3.36.60 allow remote code ...)
@@ -1790,6 +1794,7 @@
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...)
+ {DLA-1041-1}
- nasm <unfixed> (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
@@ -2851,6 +2856,7 @@
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411
CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...)
+ {DLA-1041-1}
- nasm <unfixed> (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
@@ -7199,30 +7205,37 @@
[jessie] - faac <no-dsa> (Non-free not supported)
NOTE: https://www.exploit-db.com/exploits/42207/
CVE-2017-9128 (The quicktime_video_width function in lqt_quicktime.c in libquicktime ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9127 (The quicktime_user_atoms_read_atom function in useratoms.c in ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9126 (The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9125 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9124 (The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9123 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9122 (The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows ...)
+ {DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
@@ -15818,10 +15831,9 @@
RESERVED
CVE-2017-6261
RESERVED
-CVE-2017-6260
- RESERVED
-CVE-2017-6259
- RESERVED
+CVE-2017-6260 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6259 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -15829,25 +15841,24 @@
- nvidia-graphics-drivers-legacy-304xx <undetermined>
CVE-2017-6258
RESERVED
-CVE-2017-6257
- RESERVED
+CVE-2017-6257 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <undetermined>
- nvidia-graphics-drivers-legacy-304xx <undetermined>
-CVE-2017-6256
- RESERVED
-CVE-2017-6255
- RESERVED
-CVE-2017-6254
- RESERVED
-CVE-2017-6253
- RESERVED
-CVE-2017-6252
- RESERVED
-CVE-2017-6251
- RESERVED
+CVE-2017-6256 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6255 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6254 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6253 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
CVE-2017-6250 (NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web ...)
NOT-FOR-US: NVIDIA GeForce Experience
CVE-2017-6249 (An elevation of privilege vulnerability in the NVIDIA sound driver ...)
@@ -23701,14 +23712,17 @@
RESERVED
CVE-2017-3653
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3652
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3651
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3650
@@ -23721,6 +23735,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2017-3648
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3647
@@ -23749,6 +23764,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3641
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3640
@@ -23769,10 +23785,12 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3636
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3635
RESERVED
+ {DSA-3922-1}
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <removed> (bug #868788)
CVE-2017-3634
More information about the Secure-testing-commits
mailing list