[Secure-testing-commits] r52733 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jun 20 09:36:36 UTC 2017


Author: jmm
Date: 2017-06-20 09:36:36 +0000 (Tue, 20 Jun 2017)
New Revision: 52733

Modified:
   data/CVE/list
Log:
more radare issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-20 09:25:26 UTC (rev 52732)
+++ data/CVE/list	2017-06-20 09:36:36 UTC (rev 52733)
@@ -7,10 +7,18 @@
 	- redare2 <unfixed>
 	NOTE: https://github.com/radare/radare2/commit/65000a7fd9eea62359e6d6714f17b94a99a82edd
 	NOTE: https://github.com/radare/radare2/issues/7723
+	NOTE: Not a security issue for Grub
 CVE-2017-9762 (The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...)
-	TODO: check
+	- radare2 <unfixed> (low)
+	[stretch] - radare2 <no-dsa> (Minor issue)
+	[jessie] - radare2 <no-dsa> (Minor issue)
+	NOTE: https://github.com/radare/radare2/issues/7726
 CVE-2017-9761 (The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote ...)
-	TODO: check
+	- radare2 <unfixed> (low)
+	[stretch] - radare2 <no-dsa> (Minor issue)
+	[jessie] - radare2 <no-dsa> (Minor issue)
+	NOTE: https://github.com/radare/radare2/commit/00e8f205475332d7842d0f0d1481eeab4e83017c
+	NOTE: https://github.com/radare/radare2/issues/7727
 CVE-2017-9760
 	RESERVED
 CVE-2017-9759 (SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the ...)
@@ -650,7 +658,9 @@
 CVE-2017-9521
 	RESERVED
 CVE-2017-9520 (The r_config_set function in libr/config/config.c in radare2 1.5.0 ...)
-	- radare2 <unfixed> (bug #864533)
+	- radare2 <unfixed> (low; bug #864533)
+	[stretch] - radare2 <no-dsa> (Minor issue)
+	[jessie] - radare2 <no-dsa> (Minor issue)
 	[wheezy] - radare2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
 	NOTE: https://github.com/radare/radare2/issues/7698




More information about the Secure-testing-commits mailing list