[Secure-testing-commits] r57938 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 22 20:57:18 UTC 2017
Author: carnil
Date: 2017-11-22 20:57:18 +0000 (Wed, 22 Nov 2017)
New Revision: 57938
Modified:
data/CVE/list
Log:
Expand todo for two CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-22 20:57:06 UTC (rev 57937)
+++ data/CVE/list 2017-11-22 20:57:18 UTC (rev 57938)
@@ -42415,7 +42415,7 @@
CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing ...)
NOT-FOR-US: Computerinsel Photoline
CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists in the ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-2918
RESERVED
CVE-2017-2917 (An exploitable vulnerability exists in the notifications functionality ...)
@@ -42460,7 +42460,7 @@
CVE-2017-2898 (An exploitable vulnerability exists in the signature verification of ...)
NOT-FOR-US: Circle with Disney
CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the ...)
- TODO: check
+ TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ...)
TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl
CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
More information about the Secure-testing-commits
mailing list