Author: carnil
Date: 2017-12-21 12:53:21 +0000 (Thu, 21 Dec 2017)
New Revision: 58794
Modified:
data/CVE/list
Log:
Update information on CVE-2017-17529
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 12:52:08 UTC (rev 58793)
+++ data/CVE/list 2017-12-21 12:53:21 UTC (rev 58794)
@@ -5262,7 +5262,11 @@
NOTE:
https://sources.debian.org/src/geomview/1.9.5-1/src/bin/geomview/common/help.c/?hl=51#L83
CVE-2017-17529 (af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate
strings ...)
- abiword <unfixed>
+ [stretch] - abiword <no-dsa> (Minor issue)
+ [jessie] - abiword <no-dsa> (Minor issue)
NOTE:
https://sources.debian.org/src/abiword/3.0.2-5/src/af/util/xp/ut_go_file.cpp/#L1717
+ NOTE: Issue can be mitigated by compiling abiword in future with
--with-gnomevfs so that
+ NOTE: abiword does not use the problematic fallback_open_uri.
CVE-2017-17528 (backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does
not ...)
- scummvm <unfixed> (unimportant)
[wheezy] - scummvm <not-affected> (Vulnerable code not there)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
