[Secure-testing-commits] r55450 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Sep 4 21:37:31 UTC 2017
Author: jmm
Date: 2017-09-04 21:37:31 +0000 (Mon, 04 Sep 2017)
New Revision: 55450
Modified:
data/CVE/list
Log:
new libraw issue
NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-04 21:34:48 UTC (rev 55449)
+++ data/CVE/list 2017-09-04 21:37:31 UTC (rev 55450)
@@ -1000,7 +1000,8 @@
- graphicsmagick <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484192
CVE-2017-13735 (There is a floating point exception in the kodak_radc_load_raw function ...)
- TODO: check
+ - libraw <unfixed> (low)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1483988
CVE-2017-13734 (There is an illegal address access in the _nc_safe_strcat function in ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses <no-dsa> (Minor issue)
@@ -9226,7 +9227,7 @@
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a20bee0a0ad2
CVE-2017-10793 (The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2017-10792 (There is a NULL Pointer Dereference in the function ll_insert() of the ...)
- pspp 1.0.0-1 (unimportant; bug #866890)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1467005
More information about the Secure-testing-commits
mailing list