Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
593135ab by Markus Koschany at 2018-09-28T11:49:55Z
Triage jasperreports for Jessie.
Ignore open issues. No detailed information were publicly disclosed.
Jasperreports is mainly used as a build-dependency for Spring.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54682,6 +54682,7 @@ CVE-2017-14942 (Intelbras WRN 150 devices allow remote
attackers to read the ...
NOT-FOR-US: Intelbras WRN 150 devices
CVE-2017-14941 (Jaspersoft JasperReports 4.7 suffers from a saved credential
disclosure ...)
- jasperreports <undetermined> (bug #880467; bug #884131)
+ [jessie] - jasperreports <ignored> (no detailed information available,
only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack
of information)
NOTE:
https://github.com/binary1985/VulnerabilityDisclosure/blob/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941
CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File
Descriptor (BFD) ...)
@@ -83827,10 +83828,12 @@ CVE-2017-5534 (The tibbr user profiles components of
tibbr Community, and tibbr
NOT-FOR-US: tibbr
CVE-2017-5533 (A vulnerability in the server content cache of TIBCO
JasperReports ...)
- jasperreports <undetermined> (bug #884131)
+ [jessie] - jasperreports <ignored> (no detailed information available,
only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack
of information)
NOTE:
http://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-server-2017
CVE-2017-5532 (A vulnerability in the report renderer component of TIBCO ...)
- jasperreports <undetermined> (bug #884131)
+ [jessie] - jasperreports <ignored> (no detailed information available,
only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack
of information)
NOTE:
https://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-2017-5532
CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center
versions ...)
@@ -83839,10 +83842,12 @@ CVE-2017-5530 (The tibbr web server components of
tibbr Community, and tibbr ...
NOT-FOR-US: tibbr
CVE-2017-5529 (JasperReports library components contain an information
disclosure ...)
- jasperreports <undetermined> (bug #880467)
+ [jessie] - jasperreports <ignored> (no detailed information available,
only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack
of information)
NOTE:
https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0
CVE-2017-5528 (Multiple JasperReports Server components contain
vulnerabilities ...)
- jasperreports <undetermined> (bug #880467)
+ [jessie] - jasperreports <ignored> (no detailed information available,
only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack
of information)
NOTE:
https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017
CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1,
7.6.x ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/593135ab051af44ec4652acf806ddbc4e44b8893
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/593135ab051af44ec4652acf806ddbc4e44b8893
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
