[Secure-testing-commits] r57906 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 21 20:42:12 UTC 2017
Author: carnil
Date: 2017-11-21 20:42:12 +0000 (Tue, 21 Nov 2017)
New Revision: 57906
Modified:
data/CVE/list
Log:
Add TODOs for three libxls related issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-21 20:42:00 UTC (rev 57905)
+++ data/CVE/list 2017-11-21 20:42:12 UTC (rev 57906)
@@ -14139,9 +14139,9 @@
CVE-2017-12112
RESERVED
CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the xls_addCell ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-12109
RESERVED
CVE-2017-12108
@@ -42413,7 +42413,7 @@
CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the ...)
TODO: check
CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
NOT-FOR-US: Cesanta Mongoose
TODO: check smplayer, embeds it
More information about the Secure-testing-commits
mailing list