[Secure-testing-commits] r50076 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Mar 26 21:10:13 UTC 2017 

Author: sectracker
Date: 2017-03-26 21:10:13 +0000 (Sun, 26 Mar 2017)
New Revision: 50076

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-26 20:17:57 UTC (rev 50075)
+++ data/CVE/list	2017-03-26 21:10:13 UTC (rev 50076)
@@ -1,3 +1,5 @@
+CVE-2017-7269
+	RESERVED
 CVE-2017-7268
 	RESERVED
 CVE-2017-7267
@@ -7,6 +9,7 @@
 CVE-2017-7265
 	RESERVED
 CVE-2017-7264 (Use-after-free vulnerability in the fz_subsample_pixmap function in ...)
+	{DSA-3797-1}
 	- mupdf 1.9a+ds1-3 (bug #854734)
 	[wheezy] - mupdf <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697515
@@ -4461,8 +4464,8 @@
 	NOT-FOR-US: OxygenOS
 CVE-2017-5623 (An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T ...)
 	NOT-FOR-US: OxygenOS
-CVE-2017-5622
-	RESERVED
+CVE-2017-5622 (With OxygenOS before 4.0.3, when a charger is connected to a ...)
+	TODO: check
 CVE-2017-5621 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and ...)
 	- zammad <itp> (bug #841355)
 CVE-2017-5620 (An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, ...)
@@ -12774,25 +12777,21 @@
 CVE-2017-2646
 	RESERVED
 	NOT-FOR-US: Keycloak
-CVE-2017-2645
-	RESERVED
+CVE-2017-2645 (In Moodle 3.x, XSS can occur via attachments to evidence of prior ...)
 	- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
 	NOTE: https://tracker.moodle.org/browse/MDL-57597
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57597
-CVE-2017-2644
-	RESERVED
+CVE-2017-2644 (In Moodle 3.x, XSS can occur via evidence of prior learning. ...)
 	- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
 	NOTE: https://tracker.moodle.org/browse/MDL-57596
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57596
-CVE-2017-2643
-	RESERVED
+CVE-2017-2643 (In Moodle 3.2.x, global search displays user names for unauthenticated ...)
 	- moodle <not-affected> (Only affects 3.2 to 3.2.1)
 	NOTE: https://tracker.moodle.org/browse/MDL-56526
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526
 CVE-2017-2642
 	RESERVED
-CVE-2017-2641
-	RESERVED
+CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...)
 	- moodle 2.7.19+dfsg-1
 	NOTE: https://tracker.moodle.org/browse/MDL-58010
 	NOTE: https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-58010

More information about the Secure-testing-commits mailing list