[Secure-testing-commits] r54436 - data/CVE

Tue, 08 Aug 2017 07:17:41 -0700 

Author: carnil
Date: 2017-08-08 14:17:00 +0000 (Tue, 08 Aug 2017)
New Revision: 54436

Modified:
   data/CVE/list
Log:
Add note for unimportant swftools, feedback from upstream

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-08 14:16:50 UTC (rev 54435)
+++ data/CVE/list       2017-08-08 14:17:00 UTC (rev 54436)
@@ -5580,15 +5580,19 @@
 CVE-2017-9927 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote 
attackers ...)
        - swftools <unfixed> (unimportant)
        NOTE: No actionable information, just a crash report against a four 
year old release
+       NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9926 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote 
attackers ...)
        - swftools <unfixed> (unimportant)
        NOTE: No actionable information, just a crash report against a four 
year old release
+       NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9925 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote 
attackers ...)
        - swftools <unfixed> (unimportant)
        NOTE: No actionable information, just a crash report against a four 
year old release
+       NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9924 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote 
attackers ...)
        - swftools <unfixed> (unimportant)
        NOTE: No actionable information, just a crash report against a four 
year old release
+       NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-9923 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might 
allow ...)
        NOT-FOR-US: IrfanView
 CVE-2017-9922 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might 
allow ...)
@@ -11348,6 +11352,7 @@
 CVE-2017-8420 (SWFTools 2013-04-09-1007 on Windows has a &quot;Data from 
Faulting Address ...)
        - swftools <unfixed> (unimportant)
        NOTE: No actionable information, just a crash report against a four 
year old release
+       NOTE: https://github.com/matthiaskramm/swftools/issues/41
 CVE-2017-8419 (LAME through 3.99.5 relies on the signed integer data type for 
values ...)
        - lame 3.99.5+repack1-7
        [wheezy] - lame 3.99.5+repack1-3+deb7u1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to