[Secure-testing-commits] r52613 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Jun 16 09:10:13 UTC 2017
Author: sectracker
Date: 2017-06-16 09:10:13 +0000 (Fri, 16 Jun 2017)
New Revision: 52613
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-16 08:11:22 UTC (rev 52612)
+++ data/CVE/list 2017-06-16 09:10:13 UTC (rev 52613)
@@ -1836,8 +1836,8 @@
NOTE: ImageMagick fix: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b
NOTE: GraphicsMagick fix: http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c
NOTE: https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
-CVE-2017-9097
- RESERVED
+CVE-2017-9097 (In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through ...)
+ TODO: check
CVE-2017-9096
RESERVED
CVE-2017-9095
@@ -10931,11 +10931,11 @@
NOT-FOR-US: Moodle plugin
CVE-2017-5944 [Remote code execution in dashboard interface]
RESERVED
- {DSA-3882-1}
+ {DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
CVE-2017-5943 [CSRF verification token information leak]
RESERVED
- {DSA-3882-1}
+ {DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
CVE-2017-5942 (An issue was discovered in the WP Mail plugin before 1.2 for WordPress. ...)
NOT-FOR-US: Wordpress plugin
@@ -13208,7 +13208,7 @@
RESERVED
CVE-2017-5361 [Timing side-channel vulnerability in password verification]
RESERVED
- {DSA-3883-1 DSA-3882-1}
+ {DSA-3883-1 DSA-3882-1 DLA-988-1 DLA-987-1}
- request-tracker4 4.4.1-4
- rt-authen-externalauth <removed>
NOTE: https://github.com/bestpractical/rt-authen-externalauth/commit/436255c04b4881bb6d8eec9a57b8593033d863a9
@@ -38101,7 +38101,7 @@
NOTE: libtomcrypt, thus keep that source package as well for now associated.
CVE-2016-6127 [XSS in file uploads]
RESERVED
- {DSA-3882-1}
+ {DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
CVE-2016-6126 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote ...)
NOT-FOR-US: IBM
More information about the Secure-testing-commits
mailing list