[Secure-testing-commits] r52704 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jun 19 13:51:46 UTC 2017 

Author: jmm
Date: 2017-06-19 13:51:46 +0000 (Mon, 19 Jun 2017)
New Revision: 52704

Modified:
   data/CVE/list
Log:
new binutils issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-19 09:10:13 UTC (rev 52703)
+++ data/CVE/list	2017-06-19 13:51:46 UTC (rev 52704)
@@ -1,33 +1,63 @@
 CVE-2017-9756 (The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9755 (opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9754 (The process_otr function in bfd/versados.c in the Binary File ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9753 (The versados_mkobject function in bfd/versados.c in the Binary File ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9752 (bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9751 (opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9750 (opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9749 (The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9748 (The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9747 (The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9746 (The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9745 (The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9744 (The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9743 (The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9742 (The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <no-dsa> (Minor issue)
+	[jessie] - binutils <no-dsa> (Minor issue)
 CVE-2017-9741 (install/make-config.php in ProjectSend r754 allows remote attackers to ...)
 	TODO: check
 CVE-2017-9740
@@ -2065,43 +2095,43 @@
 CVE-2017-9045 (The Google I/O 2017 application before 5.1.4 for Android downloads ...)
 	NOT-FOR-US: Google I/O 2017 application
 CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in GNU ...)
-	- binutils <unfixed>
+	- binutils <unfixed> (low)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large ...)
-	- binutils <unfixed> (bug #863674)
+	- binutils <unfixed> (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ddef72cdc10d82ba011a7ff81cafbbd3466acf54
 CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in ...)
-	- binutils <unfixed> (bug #863674)
+	- binutils <unfixed> (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
 CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
-	- binutils 2.28-6 (bug #863674)
+	- binutils 2.28-6 (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75ec1fdbb797a389e4fe4aaf2e15358a070dcc19
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c4ab9505b53cdc899506ed421fddb7e1f8faf7a3
 CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a denial of ...)
-	- binutils <unfixed> (bug #863674)
+	- binutils <unfixed> (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
 CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
-	- binutils 2.28-6 (bug #863674)
+	- binutils 2.28-6 (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82156ab704b08b124d319c0decdbd48b3ca2dac5
 CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
-	- binutils 2.28-6 (bug #863674)
+	- binutils 2.28-6 (low; bug #863674)
 	[stretch] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	[wheezy] - binutils <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list