Dylan Aïssi pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76deedc8 by Dylan Aïssi at 2020-04-02T00:33:33+02:00
Remove no-dsa tagged entries for libplist which will get an update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -166206,7 +166206,6 @@ CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed
in 3.7.0), mail sent using
NOT-FOR-US: Joomla!
CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in
libimob ...)
- libplist 1.12+git+1+e37ca00-0.3 (bug #860945)
- [jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/libimobiledevice/libplist/commit/fdebf8b319b9280cd0e9b4382f2c7cbf26ef9325
NOTE: https://github.com/libimobiledevice/libplist/issues/103
@@ -171487,7 +171486,6 @@ CVE-2017-6440 (The parse_data_node function in
bplist.c in libimobiledevice libp
CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in
bplist ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/95
NOTE:
https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function
in bplis ...)
@@ -171505,13 +171503,11 @@ CVE-2017-6437 (The base64encode function in
base64.c in libimobiledevice libplis
CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice
libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/94
NOTE:
https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice
libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/93
NOTE:
https://github.com/libimobiledevice/libplist/commit/fbd8494d5e4e46bf2e90cb6116903e404374fb56
CVE-2017-6434
@@ -173476,13 +173472,11 @@ CVE-2017-5836 (The plist_free_data function in
plist.c in libplist allows attack
CVE-2017-5835 (libplist allows attackers to cause a denial of service (large
memory a ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows
attackers ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5829 (An access restriction bypass vulnerability in HPE Aruba
ClearPass Poli ...)
@@ -174637,7 +174631,6 @@ CVE-2017-5553 (Cross-site scripting (XSS)
vulnerability in plugins/markdown_plug
CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist
through ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/87
NOTE: Fixed by:
https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
CVE-2017-5544 (An issue was discovered on FiberHome Fengine S5800 switches
V210R240. ...)
@@ -175864,7 +175857,6 @@ CVE-2017-5210 (Open-Xchange GmbH OX App Suite 7.8.3
and earlier is affected by:
CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice
libplist thr ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
- [jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug:
https://github.com/libimobiledevice/libplist/issues/84
NOTE:
https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow
in pri ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
