[Secure-testing-commits] r58106 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 29 09:42:39 UTC 2017
Author: carnil
Date: 2017-11-29 09:42:39 +0000 (Wed, 29 Nov 2017)
New Revision: 58106
Modified:
data/CVE/list
Log:
Add new curl issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-29 09:10:23 UTC (rev 58105)
+++ data/CVE/list 2017-11-29 09:42:39 UTC (rev 58106)
@@ -25622,12 +25622,21 @@
RESERVED
CVE-2017-8819
RESERVED
-CVE-2017-8818
+CVE-2017-8818 [SSL out of buffer access]
RESERVED
-CVE-2017-8817
+ - curl <unfixed>
+ [stretch] - curl <not-affected> (Vulnerable code not present)
+ [jessie] - curl <not-affected> (Vulnerable code not present)
+ [wheezy] - curl <not-affected> (Vulnerable code not present)
+ NOTE: https://curl.haxx.se/docs/adv_2017-af0a.html
+CVE-2017-8817 [FTP wildcard out of bounds read]
RESERVED
-CVE-2017-8816
+ - curl <unfixed>
+ NOTE: https://curl.haxx.se/docs/adv_2017-ae72.html
+CVE-2017-8816 [NTLM buffer overflow via integer overflow]
RESERVED
+ - curl <unfixed>
+ NOTE: https://curl.haxx.se/docs/adv_2017-11e7.html
CVE-2017-8815 (The language converter in MediaWiki before 1.27.4, 1.28.x before ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
More information about the Secure-testing-commits
mailing list