[Secure-testing-commits] r55924 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Sep 20 09:10:15 UTC 2017 

Author: sectracker
Date: 2017-09-20 09:10:14 +0000 (Wed, 20 Sep 2017)
New Revision: 55924

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-20 08:47:17 UTC (rev 55923)
+++ data/CVE/list	2017-09-20 09:10:14 UTC (rev 55924)
@@ -1,3 +1,9 @@
+CVE-2017-14604 (GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by ...)
+	TODO: check
+CVE-2017-14603
+	RESERVED
+CVE-2017-14602
+	RESERVED
 CVE-2017-14601 (Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in ...)
 	NOT-FOR-US: Pragyan CMS
 CVE-2017-14600 (Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in ...)
@@ -524,7 +530,7 @@
 	NOT-FOR-US: Razer Synapse
 CVE-2017-14397 (AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. ...)
 	NOT-FOR-US: AnyDesk
-CVE-2017-14396 (In osTicket 1.10, SQL injection is possible by constructing an array ...)
+CVE-2017-14396 (In osTicket before 1.10.1, SQL injection is possible by constructing ...)
 	NOT-FOR-US: osTicket
 CVE-2017-14395
 	RESERVED
@@ -6678,14 +6684,13 @@
 CVE-2017-12171
 	RESERVED
 CVE-2017-12170 [Ignoring existing configuration after update due to packaging error]
+	RESERVED
 	- pure-ftpd <not-affected> (Fedora specific packaging error)
-	RESERVED
 CVE-2017-12169
 	RESERVED
-CVE-2017-12168 [kvm: ARM64: assert failure when accessing PMCCNTR register]
+CVE-2017-12168 (The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the ...)
 	- linux 4.8.11-1
 	NOTE: https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
-	RESERVED
 CVE-2017-12167
 	RESERVED
 	TODO: check, possibly Red Hat specific issue
@@ -34676,7 +34681,7 @@
 CVE-2017-2863 (An out-of-bounds write vulnerability exists in the PDF parsing ...)
 	NOT-FOR-US: Iceni Infix
 CVE-2017-2862 (An exploitable heap overflow vulnerability exists in the ...)
-	{DSA-3978-1}
+	{DSA-3978-1 DLA-1100-1}
 	- gdk-pixbuf 2.36.10-1 (bug #874552)
 	NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
 	NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb

More information about the Secure-testing-commits mailing list