László Böszörményi pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d94f1c42 by Laszlo Boszormenyi (GCS) at 2018-04-15T19:18:27+00:00
Add CVE-2017-{11614,17095},CVE-2018-7456/tiff fixed version in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6544,7 +6544,7 @@ CVE-2018-7458
 CVE-2018-7457
        RESERVED
 CVE-2018-7456 (A NULL Pointer Dereference occurs in the function 
TIFFPrintDirectory in ...)
-       - tiff <unfixed> (bug #891288)
+       - tiff 4.0.9-5 (bug #891288)
        [stretch] - tiff <postponed> (Can be fixed along in a future DSA)
        [jessie] - tiff <postponed> (Can be fixed along in a future DSA)
        - tiff3 <removed>
@@ -25647,7 +25647,7 @@ CVE-2017-17092 (wp-includes/functions.php in WordPress 
before 4.9.1 does not req
        NOTE: 
https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
        NOTE: 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 CVE-2017-17095 (tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote 
attackers to ...)
-       - tiff <unfixed> (unimportant; bug #883320)
+       - tiff 4.0.9-5 (unimportant; bug #883320)
        - tiff3 <removed> (unimportant)
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2750
        NOTE: Crash in CLI tool not treated as a security issue
@@ -43740,7 +43740,7 @@ CVE-2017-11615 (A sandbox escape in the Lua interface 
in Wube Factorio before 0.
 CVE-2017-11614 (MEDHOST Connex contains hard-coded credentials that are used 
for ...)
        NOT-FOR-US: MEDHOST Connex
 CVE-2017-11613 (In LibTIFF 4.0.8, there is a denial of service vulnerability 
in the ...)
-       - tiff <unfixed> (low; bug #869823)
+       - tiff 4.0.9-5 (low; bug #869823)
        [stretch] - tiff <postponed> (Minor issue, revisit once fixed upstream)
        [jessie] - tiff <postponed> (Minor issue, revisit once fixed upstream)
        [wheezy] - tiff <postponed> (Minor issue, revisit once fixed upstream)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d94f1c4244d1251ccd64f3e001d407028948e7c2

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d94f1c4244d1251ccd64f3e001d407028948e7c2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to