[Secure-testing-commits] r55456 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Sep 5 09:10:20 UTC 2017
Author: sectracker
Date: 2017-09-05 09:10:20 +0000 (Tue, 05 Sep 2017)
New Revision: 55456
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-05 06:55:42 UTC (rev 55455)
+++ data/CVE/list 2017-09-05 09:10:20 UTC (rev 55456)
@@ -1,3 +1,39 @@
+CVE-2017-14150
+ RESERVED
+CVE-2017-14149 (GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the ...)
+ TODO: check
+CVE-2017-14148
+ RESERVED
+CVE-2017-14147
+ RESERVED
+CVE-2017-14146 (HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary ...)
+ TODO: check
+CVE-2017-14145 (HelpDEZk 1.1.1 has SQL Injection in ...)
+ TODO: check
+CVE-2017-14144
+ RESERVED
+CVE-2017-14143
+ RESERVED
+CVE-2017-14142
+ RESERVED
+CVE-2017-14141
+ RESERVED
+CVE-2017-14140 (The move_pages system call in mm/migrate.c in the Linux kernel before ...)
+ TODO: check
+CVE-2017-14139 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in ...)
+ TODO: check
+CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in ...)
+ TODO: check
+CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has a issue where ...)
+ TODO: check
+CVE-2017-14136 (OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds ...)
+ TODO: check
+CVE-2017-14135 (enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the ...)
+ TODO: check
+CVE-2017-14134
+ RESERVED
+CVE-2017-14133
+ RESERVED
CVE-2017-14132 (JasPer 2.0.13 allows remote attackers to cause a denial of service ...)
- jasper <removed> (low)
[jessie] - jasper <ignored> (Minor issue)
@@ -74,8 +110,8 @@
NOT-FOR-US: tcmu-runner
CVE-2017-14109
RESERVED
-CVE-2017-14108
- RESERVED
+CVE-2017-14108 (libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ...)
+ TODO: check
CVE-2017-14107 (The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 ...)
- libzip <unfixed> (low; bug #874010)
[stretch] - libzip <no-dsa> (Minor issue)
@@ -153,9 +189,11 @@
[wheezy] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27152
CVE-2017-14100 (In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before ...)
+ {DSA-3964-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873908)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27103
CVE-2017-14099 (In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before ...)
+ {DSA-3964-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873907)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
CVE-2017-14077
@@ -7872,8 +7910,7 @@
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11209 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-1000083 [Evince command injection vulnerability in CBT handler]
- RESERVED
+CVE-2017-1000083 (backend/comics/comics-document.c (aka the comic book backend) in GNOME ...)
{DSA-3916-1 DSA-3911-1 DLA-1031-1}
- evince 3.22.1-4
- atril 1.16.1-2.1 (bug #868500)
More information about the Secure-testing-commits
mailing list