[Secure-testing-commits] r52510 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jun 12 16:06:46 UTC 2017
Author: jmm
Date: 2017-06-12 16:06:46 +0000 (Mon, 12 Jun 2017)
New Revision: 52510
Modified:
data/CVE/list
Log:
new libcroco issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-12 16:03:20 UTC (rev 52509)
+++ data/CVE/list 2017-06-12 16:06:46 UTC (rev 52510)
@@ -2055,7 +2055,9 @@
[wheezy] - libxml2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775200
CVE-2017-8871 (The cr_parser_parse_selector_core function in cr-parser.c in libcroco ...)
- TODO: check
+ - libcroco <unfixed> (low)
+ [stretch] - libcroco <no-dsa> (Minor issue)
+ [jessie] - libcroco <no-dsa> (Minor issue)
CVE-2017-8870
RESERVED
CVE-2017-8869
@@ -2175,7 +2177,9 @@
[jessie] - lxterminal <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/lxterminal.git;a=commit;h=f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648
CVE-2017-8834 (The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 ...)
- TODO: check
+ - libcroco <unfixed> (low)
+ [stretch] - libcroco <no-dsa> (Minor issue)
+ [jessie] - libcroco <no-dsa> (Minor issue)
CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: ...)
NOT-FOR-US: Zen Cart
CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
More information about the Secure-testing-commits
mailing list