CVE Status

  • CVE-2016-9016 – was fixed in 0.9.44
  • CVE-2016-10117 – was fixed in 0.9.38
  • CVE-2016-10118 – was fixed in 0.9.44.2 and 0.9.38.6
  • CVE-2016-10119 – was fixed in 0.9.38
  • CVE-2016-10120 – was fixed in 0.9.38
  • CVE-2016-10121 – was fixed in 0.9.38
  • CVE-2016-10122 – was fixed in 0.9.44.2
  • CVE-2016-10123 – was fixed in 0.9.38
  • CVE-2017-5180 – was fixed twice (there were two different ways to exploit this): originally in 0.9.38.8 and 0.9.44.4, and then later in 0.9.38.10 and 0.9.44.6 (see CVE-2017-5940 below).
  • CVE-2017-5206 – was fixed in 0.9.44.4
  • CVE-2017-5207 – was fixed in 0.9.44.4
  • CVE-2017-5940 – was fixed in 0.9.38.10 and 0.9.44.6; this is a new CVE for the incomplete fix in CVE-2017-5180.
Advertisements