[Secure-testing-commits] r56174 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Sep 26 20:53:08 UTC 2017
Author: jmm
Date: 2017-09-26 20:53:08 +0000 (Tue, 26 Sep 2017)
New Revision: 56174
Modified:
data/CVE/list
Log:
various no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-26 20:40:53 UTC (rev 56173)
+++ data/CVE/list 2017-09-26 20:53:08 UTC (rev 56174)
@@ -321,7 +321,8 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/722
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9ff805077fd5297dc41dc989f9dba59877e12f97
CVE-2017-14623 (In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker ...)
- - golang-github-go-ldap-ldap <unfixed> (bug #876404)
+ - golang-github-go-ldap-ldap <unfixed> (low; bug #876404)
+ [stretch] - golang-github-go-ldap-ldap <no-dsa> (Minor issue)
NOTE: https://github.com/go-ldap/ldap/pull/126
NOTE: https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66
CVE-2017-14622
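Review bot: The CVE-2017-14623 entry gets a `[stretch]` annotation but no `[jessie]` line, while the bareos, libsndfile, dolibarr and libofx entries in this same commit annotate both releases. If jessie does not ship golang-github-go-ldap-ldap, nothing is needed. If it does, add the matching `[jessie] - golang-github-go-ldap-ldap <no-dsa> (Minor issue)` line or record why jessie is treated differently, so the entry does not leave jessie looking open.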
@@ -354,6 +355,8 @@
RESERVED
CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 ...)
- bareos <unfixed>
+ [stretch] - bareos <no-dsa> (Minor issue)
+ [jessie] - bareos <no-dsa> (Minor issue)
NOTE: https://bugs.bareos.org/view.php?id=847
CVE-2017-14609 (The server daemons in Kannel 1.5.0 and earlier create a PID file after ...)
- kannel <unfixed> (low)
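Review bot: The `- bareos <unfixed>` line for CVE-2017-14610 still has no urgency and no Debian bug number, although both release lines below it now say "Minor issue". The go-ldap and libsndfile entries in this commit set `low` on the unstable line at the same time. For consistency, suggest marking the unstable line `(low)` as well and filing a BTS bug to reference there, since the only tracking link visible is the upstream one at bugs.bareos.org.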
@@ -1300,10 +1303,14 @@
CVE-2017-14247 (SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14246 (An out of bounds read in the function d2ulaw_array() in ulaw.c of ...)
- - libsndfile <unfixed> (bug #876682)
+ - libsndfile <unfixed> (low; bug #876682)
+ [stretch] - libsndfile <no-dsa> (Minor issue)
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
CVE-2017-14245 (An out of bounds read in the function d2alaw_array() in alaw.c of ...)
- - libsndfile <unfixed> (bug #876682)
+ - libsndfile <unfixed> (low; bug #876682)
+ [stretch] - libsndfile <no-dsa> (Minor issue)
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
CVE-2017-14244 (An authentication bypass vulnerability on iBall Baton ADSL2+ Home ...)
NOT-FOR-US: iBall
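Review bot: The unstable lines for CVE-2017-14246 and CVE-2017-14245 change from `(bug #876682)` to `(low; bug #876682)`, which is an urgency change and not a no-dsa decision, but the log message only says "various no-dsa". Suggest mentioning the urgency downgrade in the log so it can be found later. Also, both entries are out of bounds reads per their descriptions; a reason slightly more specific than "Minor issue" would make the triage rationale visible to anyone reading the tracker.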
@@ -1311,18 +1318,28 @@
NOT-FOR-US: UTStar
CVE-2017-14242 (SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 ...)
- dolibarr <unfixed>
+ [stretch] - dolibarr <no-dsa> (Minor issue)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/commit/33e2179b65331d9d9179b59d746817c5be1fecdb
CVE-2017-14241 (Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 ...)
- dolibarr <unfixed>
+ [stretch] - dolibarr <no-dsa> (Minor issue)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14240 (There is a sensitive information disclosure vulnerability in ...)
- dolibarr <unfixed>
+ [stretch] - dolibarr <no-dsa> (Minor issue)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14239 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM ...)
- dolibarr <unfixed>
+ [stretch] - dolibarr <no-dsa> (Minor issue)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14238 (SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM ...)
- dolibarr <unfixed>
+ [stretch] - dolibarr <no-dsa> (Minor issue)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14237
RESERVED
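Review bot: CVE-2017-14242 and CVE-2017-14238 are described as SQL injection, yet they receive the same generic "Minor issue" reason as the XSS and information disclosure entries in this hunk. The descriptions are truncated here, so the preconditions that justify treating them as minor (for example, required privileges) are not visible. Suggest a reason text that states that precondition for the two SQL injection entries. The `- dolibarr <unfixed>` lines also remain without urgency or a bug reference, so nothing tracks the fix for unstable even though upstream commits are already listed in the NOTE lines.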
@@ -35295,6 +35312,8 @@
NOT-FOR-US: PowerISO
CVE-2017-2816 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
- libofx 1:0.9.11-4 (bug #875801)
+ [stretch] - libofx <no-dsa> (Minor issue)
+ [jessie] - libofx <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0317
NOTE: https://github.com/libofx/libofx/commit/a70934eea95c76a7737b83773bffe8738935082d
NOTE: https://github.com/libofx/libofx/issues/9
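Review bot: CVE-2017-2816 is described as "An exploitable buffer overflow vulnerability", which sits awkwardly next to a bare "Minor issue" reason on the `[stretch]` and `[jessie]` lines. Unstable is already fixed in 1:0.9.11-4 and the upstream fix commit is in the NOTE lines, so a backport looks available. Suggest either a reason text that explains why no DSA is warranted despite the description, or a note that the fix is a candidate for a stable update.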