Source: cairo
Version: 1.14.0-1
Severity: important
Tags: upstream security
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=101547
Hi,
the following vulnerability was published for cairo.
CVE-2017-9814[0]:
| cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote
| attackers
Source: libsass
Severity: important
Tags: security
Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11341
Cheers,
Moritz
___
Secure-testing-team mailing list
Source: ruby-mixlib-archive
Version: 0.2.0-1
Severity: important
Tags: upstream patch security fixed-upstream
Forwarded: https://github.com/chef/mixlib-archive/pull/6
Hi,
the following vulnerability was published for ruby-mixlib-archive.
CVE-2017-126[0]:
| Chef Software's mixlib-archive
Package: exiv2
Version: 0.25-3.1
Severity: important
Tags: security
Please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11337
Source: fedmsg
Version: 0.9.3-1
Severity: important
Tags: upstream security
Hi,
the following vulnerability was published for fedmsg.
CVE-2017-101[0]:
| FedMsg 0.18.1 and older is vulnerable to a message validation flaw
| resulting in message validation not being enabled if configured to be
Source: tiff
Version: 4.0.3-12.3
Severity: important
Tags: upstream security patch fixed-upstream
Forwarded: http://bugzilla.maptools.org/show_bug.cgi?id=2715
Hi,
the following vulnerability was published for tiff.
CVE-2017-11335[0]:
| There is a heap based buffer overflow in tools/tiff2pdf.c
Source: atril
Version: 1.16.1-2
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following vulnerability was published for atril.
CVE-2017-183[0]:
Evince command injection vulnerability in CBT handler
If you fix the vulnerability please also make sure to include the