From 32995bf1cd92f2de16e9d8588142f2dca5a4b18f Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Sun, 10 Jan 2021 23:41:26 +0100 Subject: bullseye triage --- data/CVE/2017.list | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'data/CVE/2017.list') diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 61d30bcc2c..3b5b817a49 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -1667,6 +1667,7 @@ CVE-2017-18227 (TitanHQ WebTitan Gateway has incorrect certificate validation fo NOT-FOR-US: TitanHQ WebTitan Gateway CVE-2017-18226 (The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of ...) - jabberd2 (low; bug #902783) + [bullseye] - jabberd2 (Minor issue, default init system not affected) [buster] - jabberd2 (Minor issue, default init system not affected) [stretch] - jabberd2 (Minor issue, default init system not affected) NOTE: https://bugs.gentoo.org/631068 @@ -4117,15 +4118,12 @@ CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the f NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/0a7128c0d5bd035288be7b02ca9cf9bba321aadd CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...) - - hdf5 (low; bug #915807) - [buster] - hdf5 (Minor issue, requires ABI change) - [stretch] - hdf5 (Minor issue) - [jessie] - hdf5 (Minor issue) - [wheezy] - hdf5 (Minor issue) + - hdf5 (unimportant; bug #915807) NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/3-hdf5-outbound-read-H5T_conv_struct_opt NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md NOTE: Fixing the bug requires an ABI changes thus upstream will only include a fix NOTE: on a major version bump. + NOTE: Negligible security impact CVE-2017-17506 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...) - hdf5 1.10.4+repack-1 (bug #884365) [stretch] - hdf5 (Minor issue) -- cgit v1.2.3