[Secure-testing-commits] r54034 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Jul 28 21:10:16 UTC 2017 

Author: sectracker
Date: 2017-07-28 21:10:15 +0000 (Fri, 28 Jul 2017)
New Revision: 54034

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-28 21:07:03 UTC (rev 54033)
+++ data/CVE/list	2017-07-28 21:10:15 UTC (rev 54034)
@@ -1,5 +1,9 @@
-CVE-2017-11720
+CVE-2017-11722 (The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
+	TODO: check
+CVE-2017-11721
 	RESERVED
+CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...)
+	TODO: check
 CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg ...)
 	- ffmpeg <unfixed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
@@ -57,10 +61,10 @@
 	RESERVED
 CVE-2017-11695
 	RESERVED
-CVE-2017-11694
-	RESERVED
-CVE-2017-11693
-	RESERVED
+CVE-2017-11694 (MEDHOST Document Management System contains hard-coded credentials that ...)
+	TODO: check
+CVE-2017-11693 (MEDHOST Document Management System contains hard-coded credentials that ...)
+	TODO: check
 CVE-2017-11692
 	RESERVED
 CVE-2016-10402 (Avira Antivirus engine versions before 8.3.36.60 allow remote code ...)
@@ -1790,6 +1794,7 @@
 	[wheezy] - ncurses <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
 CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...)
+	{DLA-1041-1}
 	- nasm <unfixed> (bug #867988)
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
@@ -2851,6 +2856,7 @@
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411
 CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...)
+	{DLA-1041-1}
 	- nasm <unfixed> (bug #867988)
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
@@ -7199,30 +7205,37 @@
 	[jessie] - faac <no-dsa> (Non-free not supported)
 	NOTE: https://www.exploit-db.com/exploits/42207/
 CVE-2017-9128 (The quicktime_video_width function in lqt_quicktime.c in libquicktime ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9127 (The quicktime_user_atoms_read_atom function in useratoms.c in ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9126 (The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9125 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9124 (The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9123 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
 CVE-2017-9122 (The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows ...)
+	{DLA-1042-1}
 	- libquicktime 2:1.2.4-11 (low; bug #864664)
 	[stretch] - libquicktime 2:1.2.4-10+deb9u1
 	[jessie] - libquicktime <no-dsa> (Minor issue)
@@ -15818,10 +15831,9 @@
 	RESERVED
 CVE-2017-6261
 	RESERVED
-CVE-2017-6260
-	RESERVED
-CVE-2017-6259
-	RESERVED
+CVE-2017-6260 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6259 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
 	- nvidia-graphics-drivers 375.82-1 (bug #869783)
 	[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -15829,25 +15841,24 @@
 	- nvidia-graphics-drivers-legacy-304xx <undetermined>
 CVE-2017-6258
 	RESERVED
-CVE-2017-6257
-	RESERVED
+CVE-2017-6257 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
 	- nvidia-graphics-drivers 375.82-1 (bug #869783)
 	[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <undetermined>
 	- nvidia-graphics-drivers-legacy-304xx <undetermined>
-CVE-2017-6256
-	RESERVED
-CVE-2017-6255
-	RESERVED
-CVE-2017-6254
-	RESERVED
-CVE-2017-6253
-	RESERVED
-CVE-2017-6252
-	RESERVED
-CVE-2017-6251
-	RESERVED
+CVE-2017-6256 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6255 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6254 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6253 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
+CVE-2017-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+	TODO: check
 CVE-2017-6250 (NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web ...)
 	NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2017-6249 (An elevation of privilege vulnerability in the NVIDIA sound driver ...)
@@ -23701,14 +23712,17 @@
 	RESERVED
 CVE-2017-3653
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3652
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3651
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3650
@@ -23721,6 +23735,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 CVE-2017-3648
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3647
@@ -23749,6 +23764,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3641
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3640
@@ -23769,10 +23785,12 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3636
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3635
 	RESERVED
+	{DSA-3922-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3634

More information about the Secure-testing-commits mailing list