[Git][security-tracker-team/security-tracker][master] Six CVEs for libytnef fixed in unstable

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
63dce85f by Salvatore Bonaccorso at 2018-10-22T03:08:29Z
Six CVEs for libytnef fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65906,7 +65906,7 @@ CVE-2017-12145 (In libquicktime 1.2.4, an allocation failure was found in the fu
 	- libquicktime <unfixed> (unimportant)
 	NOTE: Negligable security impact
 CVE-2017-12144 (In ytnef 1.9.2, an allocation failure was found in the function ...)
-	- libytnef <unfixed> (bug #870817)
+	- libytnef 1.9.3-1 (bug #870817)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)
@@ -65916,14 +65916,14 @@ CVE-2017-12143 (In libquicktime 1.2.4, an allocation failure was found in the fu
 	- libquicktime <unfixed> (unimportant)
 	NOTE: Negligable security impact
 CVE-2017-12142 (In ytnef 1.9.2, an invalid memory read vulnerability was found in the ...)
-	- libytnef <unfixed> (low; bug #870816)
+	- libytnef 1.9.3-1 (low; bug #870816)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/49
 	NOTE: https://github.com/Yeraze/ytnef/commit/35dc50190aac54947bafb3d84ab7727e940c6236
 CVE-2017-12141 (In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in ...)
-	- libytnef <unfixed> (low; bug #870815)
+	- libytnef 1.9.3-1 (low; bug #870815)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)
@@ -73661,7 +73661,7 @@ CVE-2017-9476 (The Comcast firmware on Cisco DPC3939 (firmware version ...)
 CVE-2017-9475 (Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to ...)
 	NOT-FOR-US: Comcast XFINITY WiFi Home Hotspot devices
 CVE-2017-9474 (In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote ...)
-	- libytnef <unfixed> (low; bug #870192)
+	- libytnef 1.9.3-1 (low; bug #870192)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)
@@ -73682,14 +73682,14 @@ CVE-2017-9472 (In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remo
 	NOTE: https://github.com/Yeraze/ytnef/issues/41
 	NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapdword-ytnef-c/
 CVE-2017-9471 (In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote ...)
-	- libytnef <unfixed> (low; bug #870194)
+	- libytnef 1.9.3-1 (low; bug #870194)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/39
 	NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapword-ytnef-c/
 CVE-2017-9470 (In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote ...)
-	- libytnef <unfixed> (low; bug #870196)
+	- libytnef 1.9.3-1 (low; bug #870196)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	[jessie] - libytnef <no-dsa> (Minor issue)
 	[wheezy] - libytnef <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63dce85fb51f99d203eaec6a1c1be2ae5e6357b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63dce85fb51f99d203eaec6a1c1be2ae5e6357b1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181022/692b833f/attachment.html>