Author: carnil Date: 2017-11-21 20:42:12 +0000 (Tue, 21 Nov 2017) New Revision: 57906
Modified: data/CVE/list Log: Add TODOs for three libxls related issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-21 20:42:00 UTC (rev 57905) +++ data/CVE/list 2017-11-21 20:42:12 UTC (rev 57906) @@ -14139,9 +14139,9 @@ CVE-2017-12112 RESERVED CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the xls_addCell ...) - TODO: check + TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the ...) - TODO: check + TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl CVE-2017-12109 RESERVED CVE-2017-12108 @@ -42413,7 +42413,7 @@ CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the ...) TODO: check CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ...) - TODO: check + TODO: check, libxls is not packaged in Debian, but embedded in r-cran-readxl CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...) NOT-FOR-US: Cesanta Mongoose TODO: check smplayer, embeds it _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits