[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: NFU

Mon, 01 Jan 2018 12:49:03 -0800 

Raphael Geissert pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3e19fa1a by Raphael Geissert at 2018-01-01T21:43:34+01:00
NFU

- - - - -
abfe56f4 by Raphael Geissert at 2018-01-01T21:46:23+01:00
One issue possibly affecting ffmpeg, or x265

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17770,7 +17770,7 @@ CVE-2017-14591 (Atlassian Fisheye and Crucible versions 
less than 4.4.3 and vers
 CVE-2017-14590 (Bamboo did not check that the name of a branch in a Mercurial 
...)
        NOT-FOR-US: Atlassian Bamboo
 CVE-2017-14589 (It was possible for double OGNL evaluation in FreeMarker 
templates ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Bamboo
 CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before 
version ...)
        NOT-FOR-US: Atlassian
 CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye 
and ...)
@@ -19444,6 +19444,8 @@ CVE-2017-14051 (An integer overflow in the 
qla2x00_sysfs_write_optrom_ctl functi
        NOTE: https://patchwork.kernel.org/patch/9929625/
        NOTE: Non issue, only "exploitable" with root access
 CVE-2017-14034 (The restore_tqb_pixels function in hevc_filter.c in 
libavcodec, as used ...)
+       - ffmpeg <unfixed>
+       - x265 <unfixed>
        TODO: check
 CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 
2.2.8, ...)
        {DSA-4031-1 DLA-1114-1}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c6a1f79366362f8c4dfc916200bb0721c344f063...abfe56f491e0985a647375049f38f9321d19988a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c6a1f79366362f8c4dfc916200bb0721c344f063...abfe56f491e0985a647375049f38f9321d19988a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to