[Secure-testing-commits] r52376 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Jun 7 09:10:13 UTC 2017 

Author: sectracker
Date: 2017-06-07 09:10:13 +0000 (Wed, 07 Jun 2017)
New Revision: 52376

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-07 08:51:48 UTC (rev 52375)
+++ data/CVE/list	2017-06-07 09:10:13 UTC (rev 52376)
@@ -1,3 +1,75 @@
+CVE-2017-9498
+	RESERVED
+CVE-2017-9497
+	RESERVED
+CVE-2017-9496
+	RESERVED
+CVE-2017-9495
+	RESERVED
+CVE-2017-9494
+	RESERVED
+CVE-2017-9493
+	RESERVED
+CVE-2017-9492
+	RESERVED
+CVE-2017-9491
+	RESERVED
+CVE-2017-9490
+	RESERVED
+CVE-2017-9489
+	RESERVED
+CVE-2017-9488
+	RESERVED
+CVE-2017-9487
+	RESERVED
+CVE-2017-9486
+	RESERVED
+CVE-2017-9485
+	RESERVED
+CVE-2017-9484
+	RESERVED
+CVE-2017-9483
+	RESERVED
+CVE-2017-9482
+	RESERVED
+CVE-2017-9481
+	RESERVED
+CVE-2017-9480
+	RESERVED
+CVE-2017-9479
+	RESERVED
+CVE-2017-9478
+	RESERVED
+CVE-2017-9477
+	RESERVED
+CVE-2017-9476
+	RESERVED
+CVE-2017-9475
+	RESERVED
+CVE-2017-9474 (In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote ...)
+	TODO: check
+CVE-2017-9473 (In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote ...)
+	TODO: check
+CVE-2017-9472 (In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote ...)
+	TODO: check
+CVE-2017-9471 (In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote ...)
+	TODO: check
+CVE-2017-9470 (In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote ...)
+	TODO: check
+CVE-2017-9469 (In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC ...)
+	TODO: check
+CVE-2017-9468 (In Irssi before 1.0.3, when receiving a DCC message without source ...)
+	TODO: check
+CVE-2017-9467
+	RESERVED
+CVE-2017-9466
+	RESERVED
+CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
+	TODO: check
+CVE-2017-9464
+	RESERVED
+CVE-2017-9463
+	RESERVED
 CVE-2017-9460
 	RESERVED
 CVE-2017-9459
@@ -24,11 +96,11 @@
 	NOT-FOR-US: BigTree CMS
 CVE-2017-9448 (Cross-site scripting (XSS) vulnerabilities in BigTree CMS through ...)
 	NOT-FOR-US: BigTree CMS
-CVE-2017-9462 [allows remote users unauthorized access to a hg serve --stdio instance]
+CVE-2017-9462 (In Mercurial before 4.1.3, "hg serve --stdio" allows remote ...)
 	- mercurial <unfixed> (bug #861243)
 	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29
 	NOTE: https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499
-CVE-2017-9461 [infinite loop on bad-symlink resolution]
+CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ...)
 	- samba 2:4.5.6+dfsg-1 (bug #864291)
 	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12572
@@ -7262,6 +7334,7 @@
 	[jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
 	[wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
 CVE-2017-6960 (An issue was discovered in apng2gif 1.7. There ...)
+	{DLA-981-1}
 	- apng2gif <unfixed> (bug #854367)
 	[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
 	[jessie] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
@@ -42403,7 +42476,8 @@
 	NOT-FOR-US: Apple
 CVE-2016-4620 (The Sandbox Profiles component in Apple iOS before 10 does not ...)
 	NOT-FOR-US: Apple
-CVE-2016-4619 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4619
+	REJECTED
 	NOTE: To be REJECTED, Apple duplicate of CVE-2015-8317
 CVE-2016-4618 (Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS ...)
 	NOT-FOR-US: Apple
@@ -42420,7 +42494,8 @@
 	NOTE: contacted Apple for more information, but no reply for quite a while
 CVE-2016-4613 (An issue was discovered in certain Apple products. Safari before ...)
 	NOT-FOR-US: Apple
-CVE-2016-4612 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
+CVE-2016-4612
+	REJECTED
 	NOTE: To be REJECTED, Apple duplicate of CVE-2016-1683
 CVE-2016-4611 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 ...)
 	NOT-FOR-US: Webkit as used by Apple

More information about the Secure-testing-commits mailing list