Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 064fef0c by Moritz Muehlenhoff at 2018-04-12T20:50:40+02:00 new r-cran-readxl issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -42226,9 +42226,11 @@ CVE-2017-12113 (An exploitable improper authorization vulnerability exists in .. CVE-2017-12112 (An exploitable improper authorization vulnerability exists in ...) - cpp-ethereum <itp> (bug #860434) CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the xls_addCell ...) - TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl + - r-cran-readxl <unfixed> (bug #895564) + NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0463 CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the ...) - TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl + - r-cran-readxl <unfixed> (bug #895564) + NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0462 CVE-2017-12109 RESERVED CVE-2017-12108 @@ -70790,7 +70792,8 @@ CVE-2017-2921 (An exploitable memory corruption vulnerability exists in the Webs CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing ...) NOT-FOR-US: Computerinsel Photoline CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists in the ...) - TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl + - r-cran-readxl <unfixed> (bug #895564) + NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0426 CVE-2017-2918 RESERVED CVE-2017-2917 (An exploitable vulnerability exists in the notifications functionality ...) @@ -70835,9 +70838,11 @@ CVE-2017-2899 CVE-2017-2898 (An exploitable vulnerability exists in the signature verification of ...) NOT-FOR-US: Circle with Disney CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the ...) - TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl + - r-cran-readxl <unfixed> (bug #895564) + NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0404 CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ...) - TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl + - r-cran-readxl <unfixed> (bug #895564) + NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403 CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...) NOT-FOR-US: Cesanta Mongoose TODO: check smplayer, embeds it View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/064fef0cae91a3ce8d0ce4d5d15af8216b0ab562 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/064fef0cae91a3ce8d0ce4d5d15af8216b0ab562 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits