[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: NFU
Raphael Geissert
geissert at debian.org
Mon Jan 1 20:48:39 UTC 2018
Raphael Geissert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3e19fa1a by Raphael Geissert at 2018-01-01T21:43:34+01:00
NFU
- - - - -
abfe56f4 by Raphael Geissert at 2018-01-01T21:46:23+01:00
One issue possibly affecting ffmpeg, or x265
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17770,7 +17770,7 @@ CVE-2017-14591 (Atlassian Fisheye and Crucible versions less than 4.4.3 and vers
CVE-2017-14590 (Bamboo did not check that the name of a branch in a Mercurial ...)
NOT-FOR-US: Atlassian Bamboo
CVE-2017-14589 (It was possible for double OGNL evaluation in FreeMarker templates ...)
- TODO: check
+ NOT-FOR-US: Atlassian Bamboo
CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before version ...)
NOT-FOR-US: Atlassian
CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye and ...)
@@ -19444,6 +19444,8 @@ CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl functi
NOTE: https://patchwork.kernel.org/patch/9929625/
NOTE: Non issue, only "exploitable" with root access
CVE-2017-14034 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used ...)
+ - ffmpeg <unfixed>
+ - x265 <unfixed>
TODO: check
CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, ...)
{DSA-4031-1 DLA-1114-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c6a1f79366362f8c4dfc916200bb0721c344f063...abfe56f491e0985a647375049f38f9321d19988a
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c6a1f79366362f8c4dfc916200bb0721c344f063...abfe56f491e0985a647375049f38f9321d19988a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180101/721af820/attachment.html>
More information about the Secure-testing-commits
mailing list