[Secure-testing-commits] r50214 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Mar 31 06:50:33 UTC 2017
Author: jmm
Date: 2017-03-31 06:50:33 +0000 (Fri, 31 Mar 2017)
New Revision: 50214
Modified:
data/CVE/list
Log:
slurm-llnl, phpmailer no-dsa
one tiff issue unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-31 06:50:06 UTC (rev 50213)
+++ data/CVE/list 2017-03-31 06:50:33 UTC (rev 50214)
@@ -402,12 +402,13 @@
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2604
CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
{DLA-877-1}
- - tiff 4.0.7-2
- - tiff3 <removed>
+ - tiff 4.0.7-2 (unimportant)
+ - tiff3 <removed> (unimportant)
[wheezy] - tiff3 <not-affected> (issue in tiffcp that is not shipped by the source package)
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598
+ NOTE: Crash in CLI tool not treated as a security issue
CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
{DLA-877-1}
- tiff 4.0.7-2
@@ -6383,6 +6384,7 @@
CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML ...)
{DLA-817-1}
- libphp-phpmailer 5.2.14+dfsg-2.3 (bug #853232)
+ [jessie] - libphp-phpmailer <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/ad4cb09682682da2217799a0c521d4cdc6753402 (v5.2.22)
NOTE: http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/
CVE-2017-5222
@@ -9539,6 +9541,7 @@
NOT-FOR-US: WampServer
CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, ...)
- slurm-llnl 16.05.8-1 (bug #850491)
+ [jessie] - slurm-llnl <no-dsa> (Minor issue)
NOTE: https://www.schedmd.com/news.php?id=178
NOTE: https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee
CVE-2017-3894
More information about the Secure-testing-commits
mailing list