[Secure-testing-commits] r35977 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Aug 11 09:10:15 UTC 2015 

Author: sectracker
Date: 2015-08-11 09:10:15 +0000 (Tue, 11 Aug 2015)
New Revision: 35977

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-08-11 08:58:25 UTC (rev 35976)
+++ data/CVE/list	2015-08-11 09:10:15 UTC (rev 35977)
@@ -1,3 +1,13 @@
+CVE-2015-5964
+	RESERVED
+CVE-2015-5963
+	RESERVED
+CVE-2015-5962 (Integer signedness error in the ...)
+	TODO: check
+CVE-2015-5961 (The COPPA error page in the Accounts setup dialog in Mozilla Firefox ...)
+	TODO: check
+CVE-2015-5960 (Mozilla Firefox OS before 2.2 allows physically proximate attackers to ...)
+	TODO: check
 CVE-2015-XXXX [allows access to a connected USB printer via all configured network addresses]
 	- ippusbxd <unfixed> (bug #795162)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/11/1
@@ -451,6 +461,7 @@
 CVE-2015-5738
 	RESERVED
 CVE-2015-5959
+	RESERVED
 	- froxlor <itp> (bug #581792)
 CVE-2015-5957
 	RESERVED
@@ -3528,15 +3539,14 @@
 	RESERVED
 CVE-2015-4496
 	RESERVED
-CVE-2015-4495 [Same origin violation and local file stealing via PDF reader]
-	RESERVED
+CVE-2015-4495 (The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x ...)
 	- iceweasel 38.1.1esr-1
 	[jessie] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
 	[wheezy] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
 	[squeeze] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
-CVE-2015-4494
-	RESERVED
+CVE-2015-4494 (Mozilla Firefox OS before 2.2 does not require the wifi-manage ...)
+	TODO: check
 CVE-2015-4493
 	RESERVED
 CVE-2015-4492
@@ -7922,8 +7932,8 @@
 	RESERVED
 CVE-2015-2981
 	RESERVED
-CVE-2015-2980
-	RESERVED
+CVE-2015-2980 (The Yodobashi application 1.2.1.0 and earlier for Android allows ...)
+	TODO: check
 CVE-2015-2979 (Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary ...)
 	TODO: check
 CVE-2015-2978 (Webservice-DIC yoyaku_v41 allows remote attackers to bypass ...)
@@ -8119,8 +8129,8 @@
 	RESERVED
 CVE-2015-2898
 	RESERVED
-CVE-2015-2897
-	RESERVED
+CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices ...)
+	TODO: check
 CVE-2015-2896
 	RESERVED
 CVE-2015-2895
@@ -8632,10 +8642,10 @@
 	NOTE: http://www.erlang.org/news/85
 	NOTE: CVE about "ssl: ... added padding check for TLS-1.0 due to the Poodle vulnerability."
 	NOTE: https://github.com/erlang/otp/commit/e53c55dd0ab69982bc511396ccf8655d27c6d38c
-CVE-2015-2745
-	RESERVED
-CVE-2015-2744
-	RESERVED
+CVE-2015-2745 (Multiple cross-site scripting (XSS) vulnerabilities in the Search app ...)
+	TODO: check
+CVE-2015-2744 (Cross-site scripting (XSS) vulnerability in the Search app in Gaia in ...)
+	TODO: check
 CVE-2015-2743 (PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 ...)
 	{DSA-3300-1}
 	- iceweasel 38.1.0esr-1
@@ -11484,8 +11494,7 @@
 	RESERVED
 	- jenkins <unfixed> (bug #781223)
 	NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1805 [pipe: iovec overrun leading to memory corruption]
-	RESERVED
+CVE-2015-1805 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in ...)
 	{DSA-3290-1 DLA-246-1}
 	- linux 3.16.2-2
 	- linux-2.6 <removed>

More information about the Secure-testing-commits mailing list