Author: fgeek-guest Date: 2017-08-02 13:19:45 +0000 (Wed, 02 Aug 2017) New Revision: 54201
Modified: data/CVE/list Log: CVE-2017-12067/potrace Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-02 12:31:57 UTC (rev 54200) +++ data/CVE/list 2017-08-02 13:19:45 UTC (rev 54201) @@ -284,6 +284,7 @@ CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic ...) - potrace <unfixed> (unimportant; bug #870356) NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap + NOTE: Upstream bug report https://sourceforge.net/p/potrace/bugs/22/ NOTE: Crash only in CLI tool mkbitmap, negligible security impact CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...) - cacti <unfixed> (bug #870354)
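Review bot: The added "NOTE: Upstream bug report https://sourceforge.net/p/potrace/bugs/22/" line under CVE-2017-12067 records where the upstream ticket lives but not its state, while the entry stays "- potrace <unfixed> (unimportant; bug #870356)". If the ticket already has a maintainer response or a fix, say so in this NOTE or a following one, so the <unfixed> status can be revisited from the list alone. The Log line "CVE-2017-12067/potrace" names only the entry that was touched; wording such as "add upstream bug reference" would make the revision easier to find in history.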