[Secure-testing-commits] r50214 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Mar 31 06:50:33 UTC 2017 

Author: jmm
Date: 2017-03-31 06:50:33 +0000 (Fri, 31 Mar 2017)
New Revision: 50214

Modified:
   data/CVE/list
Log:
slurm-llnl, phpmailer no-dsa
one tiff issue unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-31 06:50:06 UTC (rev 50213)
+++ data/CVE/list	2017-03-31 06:50:33 UTC (rev 50214)
@@ -402,12 +402,13 @@
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2604
 CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...)
 	{DLA-877-1}
-	- tiff 4.0.7-2
-	- tiff3 <removed>
+	- tiff 4.0.7-2 (unimportant)
+	- tiff3 <removed> (unimportant)
 	[wheezy] - tiff3 <not-affected> (issue in tiffcp that is not shipped by the source package)
 	NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
 	NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598
+	NOTE: Crash in CLI tool not treated as a security issue
 CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...)
 	{DLA-877-1}
 	- tiff 4.0.7-2
@@ -6383,6 +6384,7 @@
 CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML ...)
 	{DLA-817-1}
 	- libphp-phpmailer 5.2.14+dfsg-2.3 (bug #853232)
+	[jessie] - libphp-phpmailer <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/ad4cb09682682da2217799a0c521d4cdc6753402 (v5.2.22)
 	NOTE: http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/
 CVE-2017-5222
@@ -9539,6 +9541,7 @@
 	NOT-FOR-US: WampServer
 CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, ...)
 	- slurm-llnl 16.05.8-1 (bug #850491)
+	[jessie] - slurm-llnl <no-dsa> (Minor issue)
 	NOTE:  https://www.schedmd.com/news.php?id=178
 	NOTE: https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee
 CVE-2017-3894

More information about the Secure-testing-commits mailing list