Author: jmm
Date: 2017-07-08 21:39:07 +0000 (Sat, 08 Jul 2017)
New Revision: 53307
Modified:
data/CVE/list
Log:
vim no-dsa
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-08 21:34:27 UTC (rev 53306)
+++ data/CVE/list 2017-07-08 21:39:07 UTC (rev 53307)
@@ -12,6 +12,8 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468471
CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid
free) or ...)
- vim <unfixed>
+ [stretch] - vim <no-dsa> (Minor issue)
+ [jessie] - vim <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
CVE-2017-11108 (tcpdump 4.9.0 allows remote attackers to cause a denial of
service ...)
- tcpdump <unfixed> (bug #867718)
@@ -5942,7 +5944,7 @@
CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which
might ...)
NOT-FOR-US: GenixCMS
CVE-2017-8826 (FastStone Image Viewer 6.2 has a "User Mode Write AV"
issue, possibly ...)
- TODO: check
+ NOT-FOR-US: FastStone Image Viewer
CVE-2017-8825 (A null dereference vulnerability has been found in the MIME
handling ...)
- libetpan 1.6-3 (bug #862151)
[jessie] - libetpan <no-dsa> (Minor issue)
@@ -6089,7 +6091,7 @@
NOTE:
https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
NOTE:
https://vcs.pcre.org/pcre2/code/trunk/src/pcre2test.c?r1=692&r2=697
CVE-2017-8785 (FastStone Image Viewer 6.2 has a "Data from Faulting
Address may be ...)
- TODO: check
+ NOT-FOR-US: FastStone Image Viewer
CVE-2017-8784
REJECTED
CVE-2017-8783
@@ -6794,7 +6796,7 @@
CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana
user ...)
NOT-FOR-US: Kibana X-Pack Security
CVE-2017-8442 (Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when
enabled, ...)
- TODO: check
+ NOT-FOR-US: Elastic X-Pack Security
CVE-2017-8441 (Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did
not ...)
NOT-FOR-US: Elastic X-Pack Security
CVE-2017-8440 (Starting in version 5.3.0, Kibana had a cross-site scripting
(XSS) ...)
@@ -7062,7 +7064,7 @@
CVE-2017-8369 (IrfanView version 4.44 (32bit) has a "Data from Faulting
Address ...)
NOT-FOR-US: IrfanView
CVE-2017-8368 (Sublime Text 3 Build 3126 might allow user-assisted attackers
to ...)
- TODO: check
+ NOT-FOR-US: Sublime
CVE-2017-8367 (Buffer overflow in Ether Software Easy MOV Converter 1.4.24,
Easy DVD ...)
NOT-FOR-US: Ether Software
CVE-2017-8366 (The strescape function in ec_strings.c in Ettercap 0.8.2 allows
remote ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
