Author: carnil
Date: 2017-08-01 08:17:32 +0000 (Tue, 01 Aug 2017)
New Revision: 54160
Modified:
data/CVE/list
Log:
Add reference for CVE-2017-11331
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-01 08:03:04 UTC (rev 54159)
+++ data/CVE/list 2017-08-01 08:17:32 UTC (rev 54160)
@@ -1301,6 +1301,7 @@
- vorbis-tools <unfixed>
NOTE: The issue is "covered" by the fix applied in
0016-oggenc-validate-count-of-channels-in-the-header-CVE-.patch
NOTE: still the return of malloc is not checked.
+ NOTE: http://seclists.org/fulldisclosure/2017/Jul/80
CVE-2017-11330 (The DivFixppCore::avi_header_fix function in DivFix++Core.cpp
in ...)
NOT-FOR-US: DivFix++
CVE-2017-11329 (GLPI before 9.1.5 allows SQL injection via an
ajax/getDropdownValue.php ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
