[Secure-testing-commits] r51569 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri May 12 09:10:21 UTC 2017


Author: sectracker
Date: 2017-05-12 09:10:21 +0000 (Fri, 12 May 2017)
New Revision: 51569

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-12 08:24:49 UTC (rev 51568)
+++ data/CVE/list	2017-05-12 09:10:21 UTC (rev 51569)
@@ -1,3 +1,21 @@
+CVE-2017-8915
+	RESERVED
+CVE-2017-8914
+	RESERVED
+CVE-2017-8913
+	RESERVED
+CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...)
+	TODO: check
+CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() ...)
+	TODO: check
+CVE-2017-8910
+	RESERVED
+CVE-2017-8909
+	RESERVED
+CVE-2017-8908 (The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 ...)
+	TODO: check
+CVE-2017-8907
+	RESERVED
 CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...)
 	- x265 <unfixed>
 CVE-2017-8902
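Review bot: The three new entries that carry descriptions (CVE-2017-8912, CVE-2017-8911, CVE-2017-8908) land with only `TODO: check`, so none of them has a package or NOT-FOR-US decision yet. CVE-2017-8908 names Artifex Ghostscript 9.21 in its description and should get a source-package line in the same form as `- x265 <unfixed>` under CVE-2017-8906. CVE-2017-8912 is marked ** DISPUTED **, which is worth recording in a NOTE when it is triaged.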
@@ -4,8 +22,8 @@
 	RESERVED
 CVE-2017-8901
 	RESERVED
-CVE-2017-8900
-	RESERVED
+CVE-2017-8900 (LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, ...)
+	TODO: check
 CVE-2017-8899 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
 	NOT-FOR-US: Invision Power Services
 CVE-2017-8898 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
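Review bot: At CVE-2017-8900 the description scopes the issue to LightDM "when systemd is used in Ubuntu 16.10 and 17.x", yet the entry is left at `TODO: check`. Triage should state explicitly whether the Debian package is affected, with a NOTE giving the reason, so the Ubuntu-specific wording is not misread in either direction.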
@@ -1069,6 +1087,7 @@
 	RESERVED
 CVE-2017-8422
 	RESERVED
+	{DSA-3849-1}
 	- kauth 5.28.0-2
 	- kde4libs 4:4.14.26-2
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3
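Review bot: CVE-2017-8422 now references {DSA-3849-1} but still sits under RESERVED with no description, and its `- kauth 5.28.0-2` and `- kde4libs 4:4.14.26-2` lines carry no bug numbers, unlike the package lines under CVE-2017-6410 in the same DSA. Adding the bug references, if they exist, would keep the two entries consistent.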
@@ -1319,8 +1338,8 @@
 	NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
 	NOTE: https://github.com/erikd/libsndfile/issues/232
 	NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8360
-	RESERVED
+CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ...)
+	TODO: check
 CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused by a ...)
 	- grpc <unfixed>
 	NOTE: https://github.com/grpc/grpc/pull/10353
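Review bot: CVE-2017-8360 describes the Conexant Systems mictray64 task "as used on HP Elite, EliteBook, ..." and is left at `TODO: check`. If no Debian package ships this component, it should be closed out as NOT-FOR-US in the same form as the Invision Power Services and D-Link entries elsewhere in this file, rather than staying in the TODO queue.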
@@ -7072,6 +7091,7 @@
 CVE-2017-6411 (Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 ...)
 	NOT-FOR-US: D-Link
 CVE-2017-6410 (kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls ...)
+	{DSA-3849-1}
 	- kio 5.28.0-2 (bug #856889)
 	- kde4libs 4:4.14.26-2 (bug #856890)
 	NOTE: https://www.kde.org/info/security/advisory-20170228-1.txt
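Review bot: On CVE-2017-6410 the description places the affected range at kio before 5.32 and kdelibs before 4.14.30, while the package lines mark `kio 5.28.0-2` and `kde4libs 4:4.14.26-2` as fixed. With {DSA-3849-1} now attached, a NOTE naming the backported patch would let a reader verify those lower fixed versions without opening the bug reports.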



