[Secure-testing-commits] r58105 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Nov 29 09:10:23 UTC 2017 

Author: sectracker
Date: 2017-11-29 09:10:23 +0000 (Wed, 29 Nov 2017)
New Revision: 58105

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-29 08:37:04 UTC (rev 58104)
+++ data/CVE/list	2017-11-29 09:10:23 UTC (rev 58105)
@@ -1,10 +1,32 @@
-CVE-2017-17053 [x86/mm: Fix use-after-free of ldt_struct]
+CVE-2017-17058 (The WooCommerce plugin through 3.x for WordPress has a Directory ...)
+	TODO: check
+CVE-2017-17057
+	RESERVED
+CVE-2017-17056
+	RESERVED
+CVE-2017-17055
+	RESERVED
+CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function ...)
+	TODO: check
+CVE-2017-17051
+	RESERVED
+CVE-2017-17050 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+	TODO: check
+CVE-2017-17049 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
+	TODO: check
+CVE-2017-17048
+	RESERVED
+CVE-2017-17047
+	RESERVED
+CVE-2017-17043 (The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected ...)
+	TODO: check
+CVE-2017-17053 (The init_new_context function in arch/x86/include/asm/mmu_context.h in ...)
 	- linux 4.12.12-1
 	[stretch] - linux 4.9.47-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/ccd5b3235180eef3cfec337df1c8554ab151b5cc
-CVE-2017-17052 [fork: fix incorrect fput of ->exe_file causing use-after-free]
+CVE-2017-17052 (The mm_init function in kernel/fork.c in the Linux kernel before ...)
 	- linux 4.12.12-1
 	[stretch] - linux 4.9.47-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -93,13 +115,16 @@
 	RESERVED
 CVE-2017-17027
 	RESERVED
-CVE-2017-17045 [XSA-247: Missing p2m error checking in PoD code]
+CVE-2017-17045 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
+	{DSA-4050-1}
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-247.html
-CVE-2017-17044 [XSA-246: x86: infinite loop due to missing PoD error checking]
+CVE-2017-17044 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS ...)
+	{DSA-4050-1}
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-246.html
-CVE-2017-17046 [XSA-245: ARM: Some memory not scrubbed at boot]
+CVE-2017-17046 (An issue was discovered in Xen through 4.9.x on the ARM platform ...)
+	{DSA-4050-1}
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-245.html
 CVE-2018-0705

More information about the Secure-testing-commits mailing list