[Secure-testing-commits] r55653 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Sep 11 16:31:53 UTC 2017
Author: jmm
Date: 2017-09-11 16:31:53 +0000 (Mon, 11 Sep 2017)
New Revision: 55653
Modified:
data/CVE/list
Log:
libjpeg NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-11 13:30:40 UTC (rev 55652)
+++ data/CVE/list 2017-09-11 16:31:53 UTC (rev 55653)
@@ -12843,9 +12843,8 @@
CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier ...)
NOT-FOR-US: Cognito Software Moneyworks
CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 ...)
- - libjpeg-turbo <undetermined> (bug #869927)
+ NOT-FOR-US: Not a bug in libjpeg itself, but incorrect API usage
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
- NOTE: Not reproducible by upstream, might be an error in the application using libjpeg
CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
NOT-FOR-US: SAP SuccessFactors
CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
More information about the Secure-testing-commits
mailing list