[Secure-testing-commits] r52670 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Jun 17 21:10:13 UTC 2017
Author: sectracker
Date: 2017-06-17 21:10:13 +0000 (Sat, 17 Jun 2017)
New Revision: 52670
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-17 20:07:44 UTC (rev 52669)
+++ data/CVE/list 2017-06-17 21:10:13 UTC (rev 52670)
@@ -1,4 +1,4 @@
-CVE-2017-9736 [remote code execution]
+CVE-2017-9736 (SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell ...)
- spip 3.1.4-3 (bug #864921)
[jessie] - spip <not-affected> (Vulnerable code not present)
[wheezy] - spip <not-affected> (Vulnerable code not present)
@@ -1224,8 +1224,7 @@
RESERVED
CVE-2014-9971
RESERVED
-CVE-2017-1000380 [infoleak due to a data race in ALSA timer]
- RESERVED
+CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a ...)
- linux <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378 (v4.12-rc5)
NOTE: Fixed by: https://git.kernel.org/linus/ba3021b2c79b2fa9114f92790a99deb27a65b728 (v4.12-rc5)
@@ -45186,6 +45185,7 @@
NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
CVE-2016-4000 [Unsafe deserialization leads to code execution]
RESERVED
+ {DLA-989-1}
- jython 2.5.3-17 (bug #864859)
NOTE: http://bugs.jython.org/issue2454
NOTE: https://hg.python.org/jython/rev/d06e29d100c0
More information about the Secure-testing-commits
mailing list