[Git][security-tracker-team/security-tracker][master] Add CVE-2017-2908/blender
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 27 05:28:54 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc51efa8 by Salvatore Bonaccorso at 2018-04-27T06:27:49+02:00
Add CVE-2017-2908/blender
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -72173,7 +72173,9 @@ CVE-2017-2909 (An infinite loop programming error exists in the DNS server ...)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
CVE-2017-2908 (An exploitable integer overflow exists in the thumbnail functionality ...)
- TODO: check
+ - blender 2.79.a+dfsg0-1
+ NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/07aed404cfb2759f97c60b9f64d8a9392dabaf1a
+ NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0415
CVE-2017-2907 (An exploitable integer overflow exists in the animation playing ...)
TODO: check
CVE-2017-2906 (An exploitable integer overflow exists in the animation playing ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc51efa8641ed371c9319ebddab84bfe616dc7b6
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc51efa8641ed371c9319ebddab84bfe616dc7b6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180427/733a7452/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list