[Secure-testing-commits] r57780 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 18 13:05:57 UTC 2017
Author: carnil
Date: 2017-11-18 13:05:57 +0000 (Sat, 18 Nov 2017)
New Revision: 57780
Modified:
data/CVE/list
Log:
Add CVE-2017-1000190/simple-xml
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-18 13:05:45 UTC (rev 57779)
+++ data/CVE/list 2017-11-18 13:05:57 UTC (rev 57780)
@@ -9,7 +9,8 @@
CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script injections ...)
TODO: check
CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability ...)
- TODO: check
+ - simple-xml <unfixed>
+ NOTE: https://github.com/ngallagher/simplexml/issues/18
CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...)
TODO: check
CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...)
More information about the Secure-testing-commits
mailing list