[Secure-testing-commits] r52976 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Jun 28 09:10:16 UTC 2017 

Author: sectracker
Date: 2017-06-28 09:10:14 +0000 (Wed, 28 Jun 2017)
New Revision: 52976

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-28 08:59:34 UTC (rev 52975)
+++ data/CVE/list	2017-06-28 09:10:14 UTC (rev 52976)
@@ -1,3 +1,29 @@
+CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x ...)
+	TODO: check
+CVE-2017-9995 (libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate ...)
+	TODO: check
+CVE-2017-9994 (libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x ...)
+	TODO: check
+CVE-2017-9993 (FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, ...)
+	TODO: check
+CVE-2017-9992 (Heap-based buffer overflow in the decode_dds1 function in ...)
+	TODO: check
+CVE-2017-9991 (Heap-based buffer overflow in the xwd_decode_frame function in ...)
+	TODO: check
+CVE-2017-9990 (Stack-based buffer overflow in the color_string_to_rgba function in ...)
+	TODO: check
+CVE-2017-9989 (util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A ...)
+	TODO: check
+CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles ...)
+	TODO: check
+CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in ...)
+	TODO: check
+CVE-2017-9986 (The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel ...)
+	TODO: check
+CVE-2017-9985 (The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in ...)
+	TODO: check
+CVE-2017-9984 (The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in ...)
+	TODO: check
 CVE-2017-9983
 	RESERVED
 CVE-2017-9982 (TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of ...)
@@ -2654,8 +2680,7 @@
 	RESERVED
 CVE-2017-9446
 	RESERVED
-CVE-2017-9445 [Out-of-bounds write in systemd-resolved with crafted TCP payload]
-	RESERVED
+CVE-2017-9445 (In systemd through 233, certain sizes passed to dns_packet_new in ...)
 	- systemd <unfixed> (bug #866147)
 	[stretch] - systemd <no-dsa> (Minor issue, systemd-resolved not enabled by default)
 	[jessie] - systemd <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list