[Secure-testing-commits] r33454 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Apr 9 09:10:16 UTC 2015
Author: sectracker
Date: 2015-04-09 09:10:16 +0000 (Thu, 09 Apr 2015)
New Revision: 33454
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-09 09:01:28 UTC (rev 33453)
+++ data/CVE/list 2015-04-09 09:10:16 UTC (rev 33454)
@@ -1,3 +1,133 @@
+CVE-2015-3007
+ RESERVED
+CVE-2015-3006
+ RESERVED
+CVE-2015-3005
+ RESERVED
+CVE-2015-3004
+ RESERVED
+CVE-2015-3003
+ RESERVED
+CVE-2015-3002
+ RESERVED
+CVE-2015-3001
+ RESERVED
+CVE-2015-3000
+ RESERVED
+CVE-2015-2999
+ RESERVED
+CVE-2015-2998
+ RESERVED
+CVE-2015-2997
+ RESERVED
+CVE-2015-2996
+ RESERVED
+CVE-2015-2995
+ RESERVED
+CVE-2015-2994
+ RESERVED
+CVE-2015-2993
+ RESERVED
+CVE-2015-2992
+ RESERVED
+CVE-2015-2991
+ RESERVED
+CVE-2015-2990
+ RESERVED
+CVE-2015-2989
+ RESERVED
+CVE-2015-2988
+ RESERVED
+CVE-2015-2987
+ RESERVED
+CVE-2015-2986
+ RESERVED
+CVE-2015-2985
+ RESERVED
+CVE-2015-2984
+ RESERVED
+CVE-2015-2983
+ RESERVED
+CVE-2015-2982
+ RESERVED
+CVE-2015-2981
+ RESERVED
+CVE-2015-2980
+ RESERVED
+CVE-2015-2979
+ RESERVED
+CVE-2015-2978
+ RESERVED
+CVE-2015-2977
+ RESERVED
+CVE-2015-2976
+ RESERVED
+CVE-2015-2975
+ RESERVED
+CVE-2015-2974
+ RESERVED
+CVE-2015-2973
+ RESERVED
+CVE-2015-2972
+ RESERVED
+CVE-2015-2971
+ RESERVED
+CVE-2015-2970
+ RESERVED
+CVE-2015-2969
+ RESERVED
+CVE-2015-2968
+ RESERVED
+CVE-2015-2967
+ RESERVED
+CVE-2015-2966
+ RESERVED
+CVE-2015-2965
+ RESERVED
+CVE-2015-2964
+ RESERVED
+CVE-2015-2963
+ RESERVED
+CVE-2015-2962
+ RESERVED
+CVE-2015-2961
+ RESERVED
+CVE-2015-2960
+ RESERVED
+CVE-2015-2959
+ RESERVED
+CVE-2015-2958
+ RESERVED
+CVE-2015-2957
+ RESERVED
+CVE-2015-2956
+ RESERVED
+CVE-2015-2955
+ RESERVED
+CVE-2015-2954
+ RESERVED
+CVE-2015-2953
+ RESERVED
+CVE-2015-2952
+ RESERVED
+CVE-2015-2951
+ RESERVED
+CVE-2015-2950
+ RESERVED
+CVE-2015-2949
+ RESERVED
+CVE-2015-2948
+ RESERVED
+CVE-2015-2947
+ RESERVED
+CVE-2015-2946
+ RESERVED
+CVE-2015-2945
+ RESERVED
+CVE-2015-2944
+ RESERVED
+CVE-2015-2943
+ RESERVED
CVE-2015-3026 [denial of service vulnerability]
- icecast2 <unfixed> (bug #782120)
NOTE: https://trac.xiph.org/ticket/2191
@@ -278,10 +408,10 @@
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
CVE-2015-2829
RESERVED
-CVE-2015-2828
- RESERVED
-CVE-2015-2827
- RESERVED
+CVE-2015-2828 (CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate ...)
+ TODO: check
+CVE-2015-2827 (Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and ...)
+ TODO: check
CVE-2015-2826
RESERVED
NOT-FOR-US: WordPress plugin simple-ads-manager
@@ -3007,13 +3137,11 @@
RESERVED
CVE-2015-1800
RESERVED
-CVE-2015-1799 [Authentication doesn't protect symmetric associations against DoS attacks]
- RESERVED
+CVE-2015-1799 (The symmetric-key feature in the receive function in ntp_proto.c in ...)
- ntp <unfixed> (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2781
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#Authentication_doesn_t_protect_s
-CVE-2015-1798 [ntpd accepts unauthenticated packets with symmetric key crypto]
- RESERVED
+CVE-2015-1798 (The symmetric-key feature in the receive function in ntp_proto.c in ...)
- ntp <unfixed> (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2779
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#ntpd_accepts_unauthenticated_pac
@@ -3089,8 +3217,8 @@
RESERVED
CVE-2015-1774
RESERVED
-CVE-2015-1773
- RESERVED
+CVE-2015-1773 (Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html ...)
+ TODO: check
CVE-2015-1772
RESERVED
CVE-2015-1771
@@ -4222,8 +4350,7 @@
- linux-2.6 <not-affected> (Introduced in 3.16)
NOTE: Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0 (v3.19-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
-CVE-2015-1473 [silly hairsplitting ID related to CVE-2015-1472]
- RESERVED
+CVE-2015-1473 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...)
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -4232,8 +4359,7 @@
NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
NOTE: This was introduced by https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0 (2.15),
NOTE: the patch was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze
-CVE-2015-1472 [incorrect second argument to realloc leads to a buffer overflow]
- RESERVED
+CVE-2015-1472 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka ...)
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -6097,8 +6223,7 @@
RESERVED
CVE-2015-0906
RESERVED
-CVE-2015-0905
- RESERVED
+CVE-2015-0905 (Cross-site request forgery (CSRF) vulnerability in bBlog allows remote ...)
NOT-FOR-US: bBlog
CVE-2015-0904
RESERVED
@@ -6413,12 +6538,10 @@
CVE-2015-0800 (The PRNG implementation in the DNS resolver in Mozilla Firefox (aka ...)
- iceweasel <not-affected> (Only affects 37.x; only on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2015-0799 [Certificate verification bypass through the HTTP/2 Alt-Svc header]
- RESERVED
+CVE-2015-0799 (The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 ...)
- iceweasel <not-affected> (Only affects Firefox 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-44/
-CVE-2015-0798 [Loading privileged content through Reader mode]
- RESERVED
+CVE-2015-0798 (The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-43/
CVE-2015-0797
More information about the Secure-testing-commits
mailing list