[Secure-testing-commits] r57923 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Nov 22 09:10:22 UTC 2017 

Author: sectracker
Date: 2017-11-22 09:10:22 +0000 (Wed, 22 Nov 2017)
New Revision: 57923

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-22 08:33:10 UTC (rev 57922)
+++ data/CVE/list	2017-11-22 09:10:22 UTC (rev 57923)
@@ -1,3 +1,5 @@
+CVE-2017-16926 (Ohcount 3.0.0 is prone to a command injection via specially crafted ...)
+	TODO: check
 CVE-2017-XXXX [Command injection through file names]
 	- ohcount <unfixed> (bug #882372)
 CVE-2017-16925
@@ -18241,6 +18243,7 @@
 CVE-2017-10700 (In the medialibrary component in QNAP NAS 4.3.3.0229, an ...)
 	NOT-FOR-US: QNAP
 CVE-2017-10699 (avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before ...)
+	{DSA-4045-1}
 	- vlc 2.2.6-3
 	[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
 	NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=6cc73bcad19da2cd2e95671173f2e0d203a57e9b
@@ -22395,6 +22398,7 @@
 	- vlc 2.2.5.1-1
 	[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
 CVE-2017-9300 (plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 ...)
+	{DSA-4045-1}
 	- vlc 2.2.6-3
 	[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
 	NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3
@@ -23757,16 +23761,16 @@
 	RESERVED
 CVE-2017-8865
 	RESERVED
-CVE-2017-8864
-	RESERVED
-CVE-2017-8863
-	RESERVED
-CVE-2017-8862
-	RESERVED
-CVE-2017-8861
-	RESERVED
-CVE-2017-8860
-	RESERVED
+CVE-2017-8864 (Client-side enforcement using JavaScript of server-side security ...)
+	TODO: check
+CVE-2017-8863 (Information disclosure of .esp source code on the Cohu 3960 allows an ...)
+	TODO: check
+CVE-2017-8862 (The webupgrade function on the Cohu 3960HD does not verify the firmware ...)
+	TODO: check
+CVE-2017-8861 (Missing authentication for the remote configuration port 1236/tcp on ...)
+	TODO: check
+CVE-2017-8860 (Information disclosure through directory listing on the Cohu 3960HD ...)
+	TODO: check
 CVE-2017-8859 (In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users ...)
 	NOT-FOR-US: Veritas NetBackup
 CVE-2017-8858 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and ...)

More information about the Secure-testing-commits mailing list