Author: sectracker
Date: 2017-07-17 09:10:13 +0000 (Mon, 17 Jul 2017)
New Revision: 53565
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-17 08:37:47 UTC (rev 53564) +++ data/CVE/list 2017-07-17 09:10:13 UTC (rev 53565) @@ -1,7 +1,43 @@ -CVE-2017-11353 [race condition allows access to ssh and pgp keys] +CVE-2017-11363 + RESERVED +CVE-2017-11362 (In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ...) + TODO: check +CVE-2017-11361 + RESERVED +CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a ...) + TODO: check +CVE-2017-11359 + RESERVED +CVE-2017-11358 + RESERVED +CVE-2017-11357 + RESERVED +CVE-2017-11356 + RESERVED +CVE-2017-11355 + RESERVED +CVE-2017-11354 (Fiyo CMS v2.0.7 has an SQL injection vulnerability in ...) + TODO: check +CVE-2017-11351 + RESERVED +CVE-2017-11350 + RESERVED +CVE-2017-11349 (dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs ...) + TODO: check +CVE-2017-11348 (In Octopus Deploy 3.x before 3.15.4, an authenticated user with ...) + TODO: check +CVE-2017-11347 (Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a ...) + TODO: check +CVE-2017-11346 (Zoho ManageEngine Desktop Central before build 100092 allows remote ...) + TODO: check +CVE-2017-11345 (Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS ...) + TODO: check +CVE-2017-11344 (Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ...) + TODO: check +CVE-2017-11353 (yadm (yet another dotfile manager) 1.10.0 has a race condition ...) - yadm <unfixed> (bug #868300) NOTE: https://github.com/TheLocehiliosan/yadm/issues/74 -CVE-2017-11343 [algorithmic complexity attack in hash tables] +CVE-2017-11343 (Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN ...) - chicken <unfixed> NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2017-07/msg00000.html CVE-2017-11342 (There is an illegal address access in ast.cpp of LibSass 3.4.5. A ...) 
@@ -2151,8 +2187,8 @@ NOTE: again. Around that commit upstream source though does not build. CVE-2017-9952 RESERVED -CVE-2017-9951 - RESERVED +CVE-2017-9951 (The try_read_command function in memcached.c in memcached before 1.4.39 ...) + TODO: check CVE-2017-9950 RESERVED CVE-2017-9949 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...) @@ -2554,6 +2590,7 @@ - apache2 <not-affected> (Only affected 2.4.26) NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27 CVE-2017-9788 (In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value ...) + {DLA-1028-1} - apache2 2.4.27-1 (bug #868467) NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27 NOTE: Fixed by (2.4.x): https://svn.apache.org/r1800955 @@ -5881,7 +5918,7 @@ NOTE: https://github.com/Yeraze/ytnef/issues/47 CVE-2017-9145 (TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not ...) - tikiwiki <removed> -CVE-2017-11352 [Incomplete fix for CVE-2017-9144] +CVE-2017-11352 (In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash ...) - imagemagick 8:6.9.7.4+dfsg-12 (bug #868469) NOTE: https://github.com/ImageMagick/ImageMagick/issues/502 CVE-2017-9144 (In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
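Review bot: In the last hunk (@@ -5881,7 +5918,7 @@), the CVE-2017-11352 header loses the only text that tied it to CVE-2017-9144. The bracketed "[Incomplete fix for CVE-2017-9144]" is replaced by a description that, as far as it is shown here, does not name the earlier CVE. The link should be kept in the entry body, for example as "NOTE: Incomplete fix for CVE-2017-9144" next to the existing NOTE pointing at ImageMagick issue 502, so anyone checking the imagemagick 8:6.9.7.4+dfsg-12 fix knows to verify both entries together.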
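Review bot: In the first hunk (@@ -1,7 +1,43 @@), CVE-2017-11360 arrives with only "TODO: check", although it names ReadRLEImage in coders\rle.c in ImageMagick and this file already tracks RLE crashes in imagemagick under CVE-2017-11352 and CVE-2017-9144. The follow-up triage should give it an imagemagick package line and state whether it is covered by the same fix or is a separate issue. The same applies to CVE-2017-11362 (PHP 7.x before 7.0.21 and 7.1.x before 7.1.7) and, in the second hunk, to CVE-2017-9951 (memcached before 1.4.39): both descriptions already give an upstream fixed version, so the TODO can be resolved to a package status line rather than left open.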