[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add wayland to CVE-2017-16612

Salvatore Bonaccorso carnil at debian.org
Mon Feb 5 19:43:56 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
33707340 by Salvatore Bonaccorso at 2018-02-05T20:41:52+01:00
Add wayland to CVE-2017-16612

This is confirmed/double checked with MITRE, that the CVE should/can be
used as well for wayland (MITRE will update the CVE-2017-16612
references to mention the wayland fix)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -18895,9 +18895,14 @@ CVE-2017-16613 (An issue was discovered in middleware.py in OpenStack Swauth thr
 CVE-2017-16612 (libXcursor before 1.1.15 has various integer overflows that could lead ...)
 	{DSA-4059-1 DLA-1201-1}
 	- libxcursor 1:1.1.14-3.1 (bug #883792)
+	- wayland <unfixed>
+	[stretch] - wayland <no-dsa> (Minor issue)
+	[jessie] - wayland <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/11/28/6
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8
 	NOTE: https://marc.info/?l=freedesktop-xorg-announce&m=151188036018262&w=2
+	NOTE: Wayland: https://bugs.freedesktop.org/show_bug.cgi?id=103961
+	NOTE: Wayland: https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38
 CVE-2017-16611 (In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ...)
 	- libxfont <unfixed> (low; bug #883929)
 	[stretch] - libxfont <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/337073409337e7b8be7edb185546af1cf1a44c62

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/337073409337e7b8be7edb185546af1cf1a44c62
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180205/c90f16b5/attachment.html>

More information about the Secure-testing-commits mailing list