[Secure-testing-commits] r57701 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Nov 17 09:21:32 UTC 2017
Author: jmm
Date: 2017-11-17 09:21:32 +0000 (Fri, 17 Nov 2017)
New Revision: 57701
Modified:
data/CVE/list
Log:
new optipng issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-17 09:20:46 UTC (rev 57700)
+++ data/CVE/list 2017-11-17 09:21:32 UTC (rev 57701)
@@ -40,7 +40,8 @@
- ldns <unfixed>
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...)
- TODO: check
+ - optipng <unfixed>
+ NOTE: https://sourceforge.net/p/optipng/bugs/65/
CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code ...)
NOT-FOR-US: nodejs ejs
CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...)
More information about the Secure-testing-commits
mailing list