[Secure-testing-commits] r56127 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Mon Sep 25 12:23:01 UTC 2017
Author: agx
Date: 2017-09-25 12:23:01 +0000 (Mon, 25 Sep 2017)
New Revision: 56127
Modified:
data/CVE/list
Log:
sam2p: the upstream bug matches 6 CVEs, add a mapping
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-25 11:45:59 UTC (rev 56126)
+++ data/CVE/list 2017-09-25 12:23:01 UTC (rev 56127)
@@ -205,10 +205,10 @@
NOT-FOR-US: Bento4
CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 5)
CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop executes ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...)
- otrs2 <unfixed> (bug #876462)
NOTE: Commit 5.x: https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85
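Review bot: The "(bug 5)" and "(bug 4)" suffixes added to the sam2p NOTE lines read like the Debian BTS reference "(bug #876462)" on the otrs2 entry just below, so they can be mistaken for Debian bug numbers. Consider wording that ties the number to the upstream report, for example "(bug 5 in that issue)", so it is clear the number refers to an item inside https://github.com/pts/sam2p/issues/14.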
@@ -232,16 +232,16 @@
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 1)
CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 6)
CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 3)
CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the ...)
- sam2p <removed>
- NOTE: https://github.com/pts/sam2p/issues/14
+ NOTE: https://github.com/pts/sam2p/issues/14 (bug 2)
CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...)
NOT-FOR-US: CyberLink LabelPrint
CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
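Review bot: The bug numbers assigned in this hunk do not follow CVE id order (CVE-2017-14631 gets bug 1, CVE-2017-14630 bug 6, CVE-2017-14629 bug 3, CVE-2017-14628 bug 2), and CVE-2017-14630 here and CVE-2017-14636 in the previous hunk are both described as integer overflows, so the "bug 6" versus "bug 4" assignment is the pair most easily swapped. Please confirm that pair against the upstream issue. Naming the affected function in each NOTE (pcxLoadImage24 for CVE-2017-14630) would let the mapping be checked from the list alone. Across both hunks the numbers 1 to 6 are each used once, which matches the "6 CVEs" in the log message.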