[Secure-testing-commits] r51920 - data/CVE

Wed May 24 09:10:13 UTC 2017

Author: sectracker
Date: 2017-05-24 09:10:13 +0000 (Wed, 24 May 2017)
New Revision: 51920

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-05-24 08:15:18 UTC (rev 51919)
+++ data/CVE/list	2017-05-24 09:10:13 UTC (rev 51920)
@@ -1,3 +1,7 @@
+CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a denial ...)
+	TODO: check
+CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and ...)
+	TODO: check
 CVE-2017-XXXX [kodi: directory traversal in ZipManager]
 	- kodi <unfixed> (bug #863230)
 	- xbmc <undetermined>
@@ -2251,16 +2255,16 @@
 	RESERVED
 CVE-2017-8315
 	RESERVED
-CVE-2017-8314
-	RESERVED
-CVE-2017-8313
-	RESERVED
-CVE-2017-8312
-	RESERVED
-CVE-2017-8311
-	RESERVED
-CVE-2017-8310
-	RESERVED
+CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 17.1 ...)
+	TODO: check
+CVE-2017-8313 (Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to ...)
+	TODO: check
+CVE-2017-8312 (Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing ...)
+	TODO: check
+CVE-2017-8311 (Potential heap based buffer overflow in ParseJSS in VideoLAN VLC ...)
+	TODO: check
+CVE-2017-8310 (Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due ...)
+	TODO: check
 CVE-2017-8309 (Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows ...)
 	- qemu 1:2.8+dfsg-5 (bug #862280)
 	[jessie] - qemu <no-dsa> (Minor issue)
@@ -4511,6 +4515,7 @@
 	NOTE: Fixed by: https://git.kernel.org/linus/06bd3c36a733ac27962fea7d6f47168841376824
 CVE-2017-7494
 	RESERVED
+	{DSA-3860-1 DLA-951-1}
 	- samba <unfixed>
 	NOTE: https://www.samba.org/samba/security/CVE-2017-7494.html
 CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing ...)


