[Secure-testing-commits] r52454 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jun 9 20:05:09 UTC 2017
Author: jmm
Date: 2017-06-09 20:05:09 +0000 (Fri, 09 Jun 2017)
New Revision: 52454
Modified:
data/CVE/list
Log:
yara bugs
lshell removal
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-09 20:03:38 UTC (rev 52453)
+++ data/CVE/list 2017-06-09 20:05:09 UTC (rev 52454)
@@ -153,7 +153,7 @@
CVE-2017-9466
RESERVED
CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
- - yara <unfixed> (low)
+ - yara <unfixed> (low; bug #864517)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/678
@@ -222,7 +222,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
- - yara <unfixed>
+ - yara <unfixed> (low; bug #864518)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/674
@@ -34433,6 +34433,7 @@
NOTE: Vulnerable code not present in any Libav version.
CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a ...)
- lshell <removed> (bug #834949)
+ [jessie] - lshell <no-dsa> (Scheduled for removal)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/147
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
@@ -34441,6 +34442,7 @@
NOTE: about issues/147" and possibly a new/additional CVE assignment.
CVE-2016-6903 (lshell 0.9.16 allows remote authenticated users to break out of a ...)
- lshell <removed> (bug #834946)
+ [jessie] - lshell <no-dsa> (Scheduled for removal)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/149
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
More information about the Secure-testing-commits
mailing list