Author: carnil
Date: 2017-08-06 17:31:35 +0000 (Sun, 06 Aug 2017)
New Revision: 54364
Modified:
data/CVE/list
Log:
mark swftools as unimportant
We trated the other CLI crashes as unimportant, since hardly a security
impact (or at most for services using swftools exposed). If you disagree
let me know and we can revisit those two updates. Still filling a bug
for the maintainer for CVE-2017-11099 since verified.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-06 15:45:52 UTC (rev 54363)
+++ data/CVE/list 2017-08-06 17:31:35 UTC (rev 54364)
@@ -3909,10 +3909,10 @@
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/27
CVE-2017-11099 (When SWFTools 0.9.2 processes a crafted file in wav2swf, it
can lead to ...)
- - swftools <unfixed>
+ - swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/31
CVE-2017-11098 (When SWFTools 0.9.2 processes a crafted file in png2swf, it
can lead to ...)
- - swftools <unfixed>
+ - swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/32
CVE-2017-11097 (When SWFTools 0.9.2 processes a crafted file in swfc, it can
lead to a ...)
- swftools <unfixed> (unimportant)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
