secure-testing-team  

Messages by Thread

• [Secure-testing-team] Bug#884735: libsndfile: CVE-2017-17456 CVE-2017-17457 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884693: ruby-net-ldap: CVE-2017-17718: missing certificate validation Salvatore Bonaccorso
• [Secure-testing-team] Bug#884615: src:glibc: CVE-2017-16997: incorrect RPATH/RUNPATH handling for SUID binaries Aurelien Jarno
• [Secure-testing-team] Bug#884525: mobyle: Mobyle javascript includes Google analytics beacon tomás zerolo
• [Secure-testing-team] Bug#884463: passenger: CVE-2017-16355: arbitrary file read Salvatore Bonaccorso
• [Secure-testing-team] Bug#884437: ruby2.5: CVE-2017-17405: Command injection vulnerability in Net::FTP Salvatore Bonaccorso
• [Secure-testing-team] Bug#884365: hdf5: CVE-2017-17505 CVE-2017-17506 CVE-2017-17507 CVE-2017-17508 CVE-2017-17509 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884345: asterisk: CVE-2017-17664: Remote Crash Vulnerability in RTCP Stack Salvatore Bonaccorso
• [Secure-testing-team] Bug#884241: bouncycastle: CVE-2017-13098 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884237: aubio: CVE-2017-17554 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884235: wolfssl: CVE-2017-13099 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884232: ffmpeg: CVE-2017-17555 Salvatore Bonaccorso
• [Secure-testing-team] Cession Entreprise de maintenance et plomberie - rénovation en plomberie JM GESLIN - Redressement Judiciaire
• [Secure-testing-team] Bug#884136: lilypond: CVE-2017-17523 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884133: glibc: CVE-2017-1000409 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884132: glibc: CVE-2017-1000408 Salvatore Bonaccorso
• [Secure-testing-team] Bug#884131: jasperreports: CVE-2017-14941, CVE-2017-5533, CVE-2017-5532 Markus Koschany
• [Secure-testing-team] Bug#884065: mariadb-10.2: CVE-2017-10378 CVE-2017-10268 CVE-2017-15365 Salvatore Bonaccorso
• [Secure-testing-team] Bug#883929: libxfont: CVE-2017-16611: User can trigger reads on special files as root allowing for DoS Salvatore Bonaccorso
• [Secure-testing-team] Bug#883923: CVE-2017-10203 / CVE-2017-10277 Moritz Muehlenhoff
• [Secure-testing-team] Bug#883792: libxcursor: CVE-2017-16612: heap overflows when parsing malicious files Salvatore Bonaccorso
• [Secure-testing-team] Bug#883790: libxm2: CVE-2017-15412: use-after-free in xmlXPathCompOpEvalPositionalPredicate Salvatore Bonaccorso
• [Secure-testing-team] Bug#883774: otrs2: CVE-2017-16921: Remote code execution Salvatore Bonaccorso
• [Secure-testing-team] Bug#883729: glibc: CVE-2017-17426: malloc returns pointer from tcache_get when should return NULL Salvatore Bonaccorso
• [Secure-testing-team] Bug#883667: rsync: CVE-2017-17433 Salvatore Bonaccorso
• [Secure-testing-team] Bug#883665: rsync: CVE-2017-17434 Salvatore Bonaccorso
• [Secure-testing-team] Bug#883629: netcat6: Please remove from Debian. Witold Baryluk
• [Secure-testing-team] Bug#883625: qemu: CVE-2017-17381: virtio: divide by zero exception while updating rings Salvatore Bonaccorso
• [Secure-testing-team] Bug#883621: nova: CVE-2017-17051: Nova FilterScheduler doubles resource allocations during rebuild with new image Salvatore Bonaccorso
• [Secure-testing-team] Cession Groupe d'Hôtellerie Grand Luxe JM GESLIN - Redressement Judiciaire
• [Secure-testing-team] Bug#883528: libextractor: CVE-2017-15600 and CVE-2017-15602 are not completely fixed Markus Koschany
• [Secure-testing-team] Bug#883406: qemu: CVE-2017-15118: stack buffer overflow in NBD server triggered via long export name Salvatore Bonaccorso
• [Secure-testing-team] Bug#883399: qemu: CVE-2017-15119: DoS via large option request Salvatore Bonaccorso
• [Secure-testing-team] Bug#883355: aubio: CVE-2017-17054: divide by zero in function new_aubio_source_wavread() Salvatore Bonaccorso
• [Secure-testing-team] Bug#883342: asterisk: CVE-2017-17090: DOS Vulnerability in Asterisk chan_skinny Salvatore Bonaccorso
• [Secure-testing-team] Bug#883320: tiff: CVE-2017-17095: heap-based buffer overflow in pal2rgb tool Salvatore Bonaccorso
• [Secure-testing-team] Bug#883314: wordpress: CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094 Salvatore Bonaccorso
• [Secure-testing-team] Bug#883247: CVE-2017-16933: icinga2: root privilege escalation via prepare-dirs Henri Salo
• [Secure-testing-team] Bug#883238: spice-vdagent: CVE-2017-15108: Improper validation of xfers->save_dir in vdagent_file_xfers_data() Salvatore Bonaccorso
• [Secure-testing-team] Bug#883200: ffmpeg2theora: null pointer dereference while running ffmpege2theora Joonun Jang
• [Secure-testing-team] Bug#883198: bs1770gain: use after free while running bs1770gain with "poc output" option Joonun Jang
• [Secure-testing-team] Bug#883081: CVE-2017-1234 Guido Günther
• [Secure-testing-team] Bug#883082: CVE-2017-1234 Guido Günther
• [Secure-testing-team] Bug#882671: exim4: handles BDAT data incorrectly and leads to crash Salvatore Bonaccorso
• Re: [Secure-testing-team] Bug#882620: [CVE-2017-16879] ncurses: Stack-based buffer overflow Sven Joachim
  • Re: [Secure-testing-team] Bug#882620: [CVE-2017-16879] ncurses: Stack-based buffer overflow Salvatore Bonaccorso
  • Re: [Secure-testing-team] Bug#882620: [CVE-2017-16879] ncurses: Stack-based buffer overflow Sven Joachim
• [Secure-testing-team] Bug#882613: libxml2: CVE-2017-16932: Infinite recursion in parameter entities Salvatore Bonaccorso
• [Secure-testing-team] Bug#882545: redmine: CVE-2017-15569 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882548: redmine: CVE-2017-15571 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882547: redmine: CVE-2017-15570 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882544: redmine: CVE-2017-15568 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882543: tt-rss: CVE-2017-16896: SQL injection in classes/handler/public.php in the forgotpass component via login parameter Salvatore Bonaccorso
• [Secure-testing-team] Bug#882463: xrdp: CVE-2017-16927: Buffer-overflow in scp_v0s_accept function in session manager Salvatore Bonaccorso
• [Secure-testing-team] Bug#882372: ohcount: Command injection through file names Jonathan Neuschäfer
• [Secure-testing-team] Bug#882370: otrs2: CVE-2017-16664: OSA-2017-07: privilege escalation Salvatore Bonaccorso
• [Secure-testing-team] Bug#882314: swauth: Swift object/proxy server writing swauth Auth Token to log file (CVE-2017-16613) Ondřej Nový
• [Secure-testing-team] Bug#882258: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters Salvatore Bonaccorso
• [Secure-testing-team] Bug#882222: Document security problems with system.3 and popen.3 (argument injection) Bastien ROUCARIES
• [Secure-testing-team] Bug#882144: sox: CVE-2017-15642: Use-after-free in lsx_aiffstartread Salvatore Bonaccorso
• [Secure-testing-team] Bug#882136: qemu: CVE-2017-16845: ps2: information leakage via post_load routine Salvatore Bonaccorso
• [Secure-testing-team] Bug#882134: radare2: CVE-2017-16805 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882041: upx-ucl: CVE-2017-16869 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882034: ruby-redis-store: CVE-2017-1000248 Salvatore Bonaccorso
• [Secure-testing-team] Bug#882032: optipng: CVE-2017-1000229: Integer Overflow Bug while parsing TIFF input file Salvatore Bonaccorso
• [Secure-testing-team] Bug#882015: ldns: CVE-2017-1000231: Memory corruption in ldns_rr_new_frm_fp_l (double free) Salvatore Bonaccorso
• [Secure-testing-team] Bug#882014: ldns: CVE-2017-1000232: Memory corruption in ldns_str2rdf_long_str (double free) Salvatore Bonaccorso
• [Secure-testing-team] Bug#882012: python-pysaml2: CVE-2017-1000246: Reuse of AES initialization vector in AESCipher / UsernamePasswordMako / Server Salvatore Bonaccorso
• [Secure-testing-team] Bug#881862: tcpdump: CVE-2017-16808: heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c Salvatore Bonaccorso
• [Secure-testing-team] Bug#881856: opensaml2: Dynamic MetadataProvider fails to install security filters (CPPOST-105) Salvatore Bonaccorso
• [Secure-testing-team] Bug#881808: varnish: CVE-2017-8807: Data leak - '-sfile' Stevedore transient objects Salvatore Bonaccorso
• [Secure-testing-team] Bug#881767: sensible-utils: Argument injection in sensible-browser Gabriel Corona
• [Secure-testing-team] Bug#881757: collectd: snmp plugin: double free or heap corruption Salvatore Bonaccorso
• [Secure-testing-team] Bug#881538: php7.0: CVE-2017-8923: Overflowing the length of string causes crash Salvatore Bonaccorso
• [Secure-testing-team] Bug#881524: graphicsmagick: CVE-2017-13134 Salvatore Bonaccorso
• [Secure-testing-team] Bug#881445: ruby-ox: CVE-2017-15928: Segmentation fault in the parse_obj Salvatore Bonaccorso
• [Secure-testing-team] Bug#881392: imagemagick: CVE-2017-16546 Salvatore Bonaccorso
• [Secure-testing-team] Bug#881391: graphicsmagick: CVE-2017-16669: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cache.c Salvatore Bonaccorso
• [Secure-testing-team] Bug#881257: asterisk: CVE-2017-16671: AST-2017-010: Buffer overflow in CDR's set user Salvatore Bonaccorso
• [Secure-testing-team] Bug#881256: asterisk: CVE-2017-16672: AST-2017-011: Memory/File Descriptor/RTP leak in pjsip session resource Salvatore Bonaccorso
• [Secure-testing-team] Bug#881205: backintime: CVE-2017-16667: shell injection in notify-send Salvatore Bonaccorso
• [Secure-testing-team] Bug#881145: sox: null pointer dereference while running play Joonun Jang
• [Secure-testing-team] Bug#881144: fig2dev: out of bound read while running fig2dev with -L pic option Joonun Jang
• [Secure-testing-team] Bug#881143: fig2dev: out of bound read while running fig2dev with -L tikz Joonun Jang
• [Secure-testing-team] Bug#881141: gifsicle: out of bound read while running gifsicle Joonun Jang
• [Secure-testing-team] Bug#881139: ffmpeg2theora: heap buffer overflow while running ffmpeg2theora Joonun Jang
• [Secure-testing-team] Bug#881138: ffmpeg2theora: use uninitialized stack value as a pointer while running ffmpeg2theora Joonun Jang
• [Secure-testing-team] Bug#881133: x264: out of bound read while running x264 Joonun Jang
• [Secure-testing-team] Bug#881132: bs1770gain: stack buffer overflow while running bs1770gain Joonun Jang
• [Secure-testing-team] Bug#881130: vorbis-tools: use uninitialized local value as a pointer running oggenc Joonun Jang
• [Secure-testing-team] Bug#881131: bs1770gain: divide by zero while running bs1770gain Joonun Jang
• [Secure-testing-team] Bug#881123: ffmpeg2theora: null pointer dereference while running ffmpeg2theora Joonun Jang
• [Secure-testing-team] Bug#881122: ffmpeg2theora: null pointer dereference while running ffmpeg2theora Joonun Jang
• [Secure-testing-team] Bug#881121: sox: null pointer dereference while running sox Joonun Jang
• [Secure-testing-team] Bug#881120: gifsicle: use after free while running gifsicle Joonun Jang
• [Secure-testing-team] Bug#881119: gifsicle: double free while running gifsicle Joonun Jang
• [Secure-testing-team] Bug#881110: cacti: CVE-2017-16641: arbitrary execution of os commands via path_rrdtool parameter in an action=save request Salvatore Bonaccorso
• [Secure-testing-team] Bug#881097: libnet-ping-external-perl: long-standing command injection via crafted arguments Simon McVittie
• [Secure-testing-team] Bug#881019: ffmpeg2theora: null pointer dereference while running ffmpeg2theora with "poc" option Joonun Jang
• [Secure-testing-team] Bug#880954: rsync: CVE-2017-16548: receive_xattr heap overread with non null terminated name Salvatore Bonaccorso
• [Secure-testing-team] Bug#880868: wordpress: CVE-2012-6707 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880836: qemu: CVE-2017-15268: I/O: potential memory exhaustion via websock connection to VNC Salvatore Bonaccorso
• [Secure-testing-team] Bug#880832: qemu: CVE-2017-15289: cirrus: OOB access issue in mode4and5 write functions Salvatore Bonaccorso
• [Secure-testing-team] Bug#880691: ruby-yajl: CVE-2017-16516 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880621: liblouis: CVE-2014-8184: stack-based buffer overflow in findTable() Salvatore Bonaccorso
• [Secure-testing-team] Bug#880620: radare2: CVE-2017-16357 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880619: radare2: CVE-2017-16358 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880616: radare2: CVE-2017-16359 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880530: slurm-llnl: CVE-2017-15566 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880528: wordpress: Unsafe queries with wpdb->prepare Craig Small
• [Secure-testing-team] Bug#880458: libcatalyst-plugin-static-simple-perl: leaks files without extention, inadvertently Damyan Ivanov
• [Secure-testing-team] Bug#880451: flatpak: older flatpak-dbus-proxy versions allowed legacy D-Bus eavesdropping Simon McVittie
• [Secure-testing-team] Website Designs that Perfectly Fit Your Business (IN) Teresa Cook
• [Secure-testing-team] Bug#880116: CVE-2017-15953 / CVE-2017-15954 / CVE-2017-15955 Moritz Muehlenhoff
• [Secure-testing-team] Bug#880027: exiv2: CVE-2017-14861: stack-overflow vulnerability in Exiv2::Internal::stringFormat[abi:cxx11] (in image.cpp:975) Salvatore Bonaccorso
• [Secure-testing-team] Bug#880026: systemd: CVE-2017-15908 Salvatore Bonaccorso
• [Secure-testing-team] Bug#880017: glusterfs: CVE-2017-15096: Null pointer dereference Salvatore Bonaccorso
• [Secure-testing-team] Bug#880015: exiv2: CVE-2017-14866 Salvatore Bonaccorso
• [Secure-testing-team] Bug#879999: graphicsmagick: CVE-2017-15930: Null pointer dereference while transferring JPEG scanlines Salvatore Bonaccorso
• [Secure-testing-team] Professional Ballet Costumes Benefiss Ballet Costumes
• [Secure-testing-team] Bug#879955: glibc: CVE-2017-15804 Salvatore Bonaccorso
• [Secure-testing-team] Bug#879954: spip: CVE-2017-15736 Salvatore Bonaccorso
• [Secure-testing-team] Bug#879732: CVE-2017-15874 / CVE-2017-15873 Moritz Muehlenhoff
• [Secure-testing-team] Bug#879708: CVE-2017-12613 CVE-2017-12618 Moritz Muehlenhoff
• [Secure-testing-team] Bug#879521: irssi: multiple vulnerabilities fixed in irssi 1.0.5 Yves-Alexis Perez
• [Secure-testing-team] Bug#879501: CVE-2017-15670 Moritz Muehlenhoff
• [Secure-testing-team] Bug#879500: CVE-2017-15671 Moritz Muehlenhoff
• [Secure-testing-team] Bug#879231: ruby2.3: CVE-2017-0903: Unsafe object deserialization through YAML formatted gem specifications Salvatore Bonaccorso
• [Secure-testing-team] demandes de devis irene.brill...@devis-seniors.fr
• [Secure-testing-team] Bug#879155: thunderbird: Please package 52.4 Eric Valette
• [Secure-testing-team] Bug#879119: radare2: CVE-2017-15385 Salvatore Bonaccorso
• [Secure-testing-team] Bug#879098: mistune: CVE-2017-15612: cross-site scripting vulnerablity Salvatore Bonaccorso
• [Secure-testing-team] Bug#879090: salt: CVE-2017-14696: Remote DoS via crated authentication request Salvatore Bonaccorso
• [Secure-testing-team] Bug#879089: salt: CVE-2017-14695: Directory traversal in minion id validation Salvatore Bonaccorso
• [Secure-testing-team] Bug#879066: poppler: CVE-2017-15565: NULL pointer dereference vulnerability in GfxState.cc Salvatore Bonaccorso
• [Secure-testing-team] Bug#879055: mupdf: CVE-2017-15587 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878840: icu: CVE-2017-14952: Double free in i18n/zonemeta.cpp Salvatore Bonaccorso
• [Secure-testing-team] Bug#878810: sox: CVE-2017-15370: heap-buffer-overflow src/ima_rw.c:126 in ImaExpandS Salvatore Bonaccorso
• [Secure-testing-team] Bug#878809: sox: CVE-2017-15371 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878808: sox: CVE-2017-15372: stack-buffer-overflow src/adpcm.c:126 in lsx_ms_adpcm_block_expand_i Salvatore Bonaccorso
• [Secure-testing-team] Bug#878807: wpasupplicant: Please port the security fixes to 2.6 also Eric Valette
• [Secure-testing-team] Bug#878799: CVE-2017-1000256/LSN-2017-0002: TLS certificate verification disabled for clients Guido Günther
• [Secure-testing-team] Bug#878767: radare2: CVE-2017-15368: Stack buffer overflow in r_hex_bin2str() Salvatore Bonaccorso
• [Secure-testing-team] Bug#878680: sqlite3: CVE-2017-15286: NULL pointer dereference in tableColumnList Salvatore Bonaccorso
• [Secure-testing-team] Bug#878579: imagemagick: CVE-2017-15281 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878578: imagemagick: CVE-2017-15277 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878567: libjpeg-turbo: CVE-2017-15232 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878562: imagemagick: CVE-2017-14989 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878555: imagemagick: CVE-2017-15015 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878554: imagemagick: CVE-2017-15017 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878551: openexr: CVE-2017-14988 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878548: imagemagick: CVE-2017-14741 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878547: imagemagick: CVE-2017-14739 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878546: imagemagick: CVE-2017-14400 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878545: imagemagick: CVE-2017-14505 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878544: imagemagick: CVE-2017-14528 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878541: imagemagick: CVE-2017-14532 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878527: imagemagick: CVE-2017-14607 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878524: imagemagick: CVE-2017-14626 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878511: graphicsmagick: CVE-2017-13737 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878508: imagemagick: CVE-2017-13758 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878507: imagemagick: CVE-2017-13769 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878506: imagemagick: CVE-2017-14060 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878314: libextractor: CVE-2017-15266 CVE-2017-15267 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878304: cacti: CVE-2017-15194 Salvatore Bonaccorso
• [Secure-testing-team] Bug#878303: genrsa manpage suggests using 1024 bit keys Toni Mueller
• [Secure-testing-team] Bug#878266: libsdl2-image: CVE-2017-2887: Incorrect XCF property handling Salvatore Bonaccorso
• [Secure-testing-team] Bug#878264: libsdl2: CVE-2017-2888: Integer overflow while creating a new RGB surface Salvatore Bonaccorso
• [Secure-testing-team] Private Placement Thomas Phaahla
• [Secure-testing-team] Bug#878138: muttprint: still vulnerable to symlink attack (race condition) Vincent Lefevre
• [Secure-testing-team] Bug#878076: redis: CVE-2017-15047: Insufficient input validation in the clusterLoadConfig function Salvatore Bonaccorso
• [Secure-testing-team] Bug#877957: poppler: CVE-2017-14975: NULL pointer dereference in FoFiType1C::convertToType0 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877954: poppler: CVE-2017-14976: heap overflow in FoFiType1C::convertToType0 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877952: poppler: CVE-2017-14977: NULL pointer dereference in FoFiTrueType::getCFFBlock Salvatore Bonaccorso
• [Secure-testing-team] Bug#877921: koji: CVE-2017-1002153: Possible to bypass allowed_scm blacklist Salvatore Bonaccorso
• [Secure-testing-team] Santander - Mais seguranca para voce! 06/10/2017 10:21:02 secure-testing-team
• [Secure-testing-team] Bug#877903: CVE-2017-15037 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877890: qemu: CVE-2017-15038: 9p: virtfs: information disclosure when reading extended attributes Salvatore Bonaccorso
• [Secure-testing-team] Bug#877885: sssd: CVE-2017-12173: unsanitized input when searching in local cache database Salvatore Bonaccorso
• [Secure-testing-team] 【10/28 紅魔鬼萬聖趴】最葡萄酒的萬聖趴 ─ 盲飲、調配樣樣來，不喝酒就搗蛋！ 【iCheers 電子報】
• [Secure-testing-team] Bug#877671: curl: CVE-2017-1000254: FTP PWD response parser out of bounds read Salvatore Bonaccorso
• [Secure-testing-team] Bug#877660: CVE-2017-15010 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877656: kodi: supports insecure download of non-free addons Jonas Smedegaard
• [Secure-testing-team] Bug#877629: wordpress: CVE-2017-14990 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877543: CVE-2017-14970 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877442: libofx: CVE-2017-14731 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877436: botan1.10: CVE-2017-14737:A cryptographic cache-based side channel in the RSA implementation allows local attacker to recover information about RSA secret keys Salvatore Bonaccorso
• [Secure-testing-team] Société de conseil en E.R.P. Jean-Michel Geslin
• [Secure-testing-team] Bug#877379: CVE-2017-14685 / CVE-2017-14686 / CVE-2017-14687 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877363: CVE-2017-14102 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877361: CVE-2017-14609 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877355: imagemagick: CVE-2017-14625: NULL pointer dereference flaw in sixel_output_create in coders/sixel.c Salvatore Bonaccorso
• [Secure-testing-team] Bug#877354: imagemagick: CVE-2017-14624: NULL pointer dereference flaw in PostscriptDelegateMessage in coders/ps.c Salvatore Bonaccorso
• [Secure-testing-team] Bug#877352: openexr:CVE-2017-12596 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877334: CVE-2017-14610 Moritz Muehlenhoff
• [Secure-testing-team] Bug#877239: poppler: CVE-2017-14926 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877237: poppler: CVE-2017-14927 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877231: poppler: CVE-2017-14928 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877222: poppler: CVE-2017-14929 Salvatore Bonaccorso
• [Secure-testing-team] Bug#877102: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query Salvatore Bonaccorso

• Earlier messages
• Later messages