[Secure-testing-commits] r56410 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Oct 4 19:19:18 UTC 2017


Author: carnil
Date: 2017-10-04 19:19:18 +0000 (Wed, 04 Oct 2017)
New Revision: 56410

Modified:
   data/CVE/list
Log:
Add two new xorg-server issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-04 19:15:58 UTC (rev 56409)
+++ data/CVE/list	2017-10-04 19:19:18 UTC (rev 56410)
@@ -3624,14 +3624,18 @@
 	- tcpdump 4.9.2-1
 CVE-2017-13724 (On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site ...)
 	NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-13723
+CVE-2017-13723 [Handle xkb formated string output safely]
 	RESERVED
+	- xorg-server <unfixed>
+	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac
 CVE-2017-13722 [pcfGetProperties: Check string boundaries]
 	RESERVED
 	- libxfont <unfixed>
 	NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=672bb944311392e2415b39c0d63b1e1902905bcd
-CVE-2017-13721
+CVE-2017-13721 [Xext/shm: Validate shmseg resource id]
 	RESERVED
+	- xorg-server <unfixed>
+	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1
 CVE-2017-13720 [Check for end of string in PatternMatch]
 	RESERVED
 	- libxfont <unfixed>




More information about the Secure-testing-commits mailing list