[Secure-testing-commits] r52344 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jun 6 04:42:32 UTC 2017
Author: carnil
Date: 2017-06-06 04:42:32 +0000 (Tue, 06 Jun 2017)
New Revision: 52344
Modified:
data/CVE/list
Log:
Add CVE-2017-9438/yara
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-06 04:37:21 UTC (rev 52343)
+++ data/CVE/list 2017-06-06 04:42:32 UTC (rev 52344)
@@ -19,7 +19,9 @@
- imagemagick <unfixed> (low)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
- TODO: check
+ - yara <unfixed>
+ NOTE: https://github.com/VirusTotal/yara/issues/674
+ NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/10e8bd3071677dd1fa76beeef4bc2fc427cea5e7
CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This ...)
NOT-FOR-US: Openbravo Business Suite
CVE-2017-9436 (TeamPass before 2.1.27.4 is vulnerable to a SQL injection in ...)
More information about the Secure-testing-commits
mailing list