[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for libplist which will get an update
Dylan Aïssi
daissi at debian.org
Wed Apr 1 23:33:56 BST 2020
Dylan Aïssi pushed to branch master at Debian Security Tracker / security-tracker
Commits:
76deedc8 by Dylan Aïssi at 2020-04-02T00:33:33+02:00
Remove no-dsa tagged entries for libplist which will get an update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -166206,7 +166206,6 @@ CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using
NOT-FOR-US: Joomla!
CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in libimob ...)
- libplist 1.12+git+1+e37ca00-0.3 (bug #860945)
- [jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/fdebf8b319b9280cd0e9b4382f2c7cbf26ef9325
NOTE: https://github.com/libimobiledevice/libplist/issues/103
@@ -171487,7 +171486,6 @@ CVE-2017-6440 (The parse_data_node function in bplist.c in libimobiledevice libp
CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in bplist ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/95
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function in bplis ...)
@@ -171505,13 +171503,11 @@ CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice libplis
CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/94
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/93
NOTE: https://github.com/libimobiledevice/libplist/commit/fbd8494d5e4e46bf2e90cb6116903e404374fb56
CVE-2017-6434
@@ -173476,13 +173472,11 @@ CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attack
CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory a ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5829 (An access restriction bypass vulnerability in HPE Aruba ClearPass Poli ...)
@@ -174637,7 +174631,6 @@ CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in plugins/markdown_plug
CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/87
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
CVE-2017-5544 (An issue was discovered on FiberHome Fengine S5800 switches V210R240. ...)
@@ -175864,7 +175857,6 @@ CVE-2017-5210 (Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by:
CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist thr ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in pri ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200401/56311d9c/attachment.html>
More information about the debian-security-tracker-commits
mailing list