[Secure-testing-commits] r38347 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Dec 16 09:10:12 UTC 2015
Author: sectracker
Date: 2015-12-16 09:10:12 +0000 (Wed, 16 Dec 2015)
New Revision: 38347
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-16 08:35:44 UTC (rev 38346)
+++ data/CVE/list 2015-12-16 09:10:12 UTC (rev 38347)
@@ -1,3 +1,29 @@
+CVE-2015-8566
+ RESERVED
+CVE-2015-8565
+ RESERVED
+CVE-2015-8564
+ RESERVED
+CVE-2015-8563
+ RESERVED
+CVE-2015-8562
+ RESERVED
+CVE-2015-8561 (The F1BookView ActiveX control in F1 Bookview in Schneider Electric ...)
+ TODO: check
+CVE-2015-8555
+ RESERVED
+CVE-2015-8554
+ RESERVED
+CVE-2015-8553
+ RESERVED
+CVE-2015-8552
+ RESERVED
+CVE-2015-8551
+ RESERVED
+CVE-2015-8550
+ RESERVED
+CVE-2015-8549
+ RESERVED
CVE-2015-8569 [information leak from getsockname]
- linux <unfixed>
- linux-2.6 <removed>
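Review bot: CVE-2015-8561 is the only newly added entry in this hunk that has a description, and it lands as TODO: check. The description names a Schneider Electric ActiveX control, so it is a candidate for the NOT-FOR-US marking this file already uses for vendor-only products (for example NOT-FOR-US: IBM under CVE-2015-5005). The other added ids are bare RESERVED placeholders and need no triage yet.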
@@ -18,11 +44,13 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
TODO: check
CVE-2015-8559 [knife bootstrap leaks validator privkey into system logs]
+ RESERVED
- chef <unfixed>
NOTE: https://github.com/chef/chef/issues/3871
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
TODO: check
CVE-2015-8558 [usb: infinite loop in ehci_advance_state results in DoS]
+ RESERVED
- qemu <unfixed>
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
- qemu-kvm <removed>
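Review bot: The chef <unfixed> line under CVE-2015-8559 and the qemu <unfixed> line under CVE-2015-8558 carry no bug reference, unlike pygments <unfixed> (bug #802828) under CVE-2015-8557, so a tracking bug should be filed or linked for each. CVE-2015-8559 also still ends in TODO: check although the package line and two NOTE references are already recorded; drop the TODO once the entry has been reviewed.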
@@ -31,12 +59,14 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/9
TODO: check
CVE-2015-8557 [Shell Injection in Pygments FontManager._get_nix_font_path]
+ RESERVED
{DLA-369-1}
- pygments <unfixed> (bug #802828)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1276321
NOTE: https://bitbucket.org/birkenfeld/pygments-main/commits/0036ab1c99e256298094505e5e92f
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/6
CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
+ {DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
@@ -49,6 +79,7 @@
CVE-2015-8542
RESERVED
CVE-2015-8556 [Local Privilege Escalation in QEMU virtfs-proxy-helper]
+ RESERVED
- qemu <not-affected> (Issue specific to virtfs-proxy-helper in Gentoo installed suid)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/5
CVE-2015-XXXX [fuse: possible denial of service in fuse_fill_write_pages()]
@@ -61,6 +92,7 @@
NOTE: https://github.com/eventmachine/eventmachine/issues/501#issuecomment-37307556
TODO: check
CVE-2015-8560 [code execution via improper escaping of ; in foomatic-rip]
+ RESERVED
{DSA-3419-1}
- cups-filters 1.4.0-1 (bug #807930)
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
@@ -3234,8 +3266,8 @@
RESERVED
CVE-2015-7919
RESERVED
-CVE-2015-7918
- RESERVED
+CVE-2015-7918 (Multiple buffer overflows in the F1BookView ActiveX control in F1 ...)
+ TODO: check
CVE-2015-7917
RESERVED
CVE-2015-7916
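Review bot: CVE-2015-7918 names the same F1BookView ActiveX control as CVE-2015-8561 in the first hunk, so the two TODO: check entries should be triaged together and receive the same disposition.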
@@ -7251,8 +7283,8 @@
TODO: check
CVE-2015-6421
RESERVED
-CVE-2015-6420
- RESERVED
+CVE-2015-6420 (Serialized-object interfaces in certain Cisco Collaboration and Social ...)
+ TODO: check
CVE-2015-6419 (Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, ...)
TODO: check
CVE-2015-6418 (The random-number generator on Cisco Small Business RV routers 4.x and ...)
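Review bot: CVE-2015-6420 should not be closed on the vendor name alone. The visible text is truncated after "Cisco Collaboration and Social ..." and speaks of serialized-object interfaces, so read the full description for any component that is also packaged here before replacing TODO: check with a NOT-FOR-US line.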
@@ -7269,8 +7301,8 @@
TODO: check
CVE-2015-6412
RESERVED
-CVE-2015-6411
- RESERVED
+CVE-2015-6411 (Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides ...)
+ TODO: check
CVE-2015-6410 (The Mobile and Remote Access (MRA) services implementation in Cisco ...)
TODO: check
CVE-2015-6409
@@ -7283,18 +7315,18 @@
TODO: check
CVE-2015-6405 (Cross-site request forgery (CSRF) vulnerability in Cisco Emergency ...)
TODO: check
-CVE-2015-6404
- RESERVED
-CVE-2015-6403
- RESERVED
+CVE-2015-6404 (Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use ...)
+ TODO: check
+CVE-2015-6403 (The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x ...)
+ TODO: check
CVE-2015-6402 (Cross-site scripting (XSS) vulnerability in the management interface ...)
TODO: check
CVE-2015-6401 (Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote ...)
TODO: check
CVE-2015-6400 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
TODO: check
-CVE-2015-6399
- RESERVED
+CVE-2015-6399 (The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management ...)
+ TODO: check
CVE-2015-6398
RESERVED
CVE-2015-6397
@@ -7380,8 +7412,8 @@
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/be06686c8e98cc7bd934e10abb6f5e971d03f8ee
NOTE: https://github.com/cisco/libsrtp/commit/cdc69f2acde796a4152a250f869271298abc233f
TODO: check
-CVE-2015-6359
- RESERVED
+CVE-2015-6359 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+ TODO: check
CVE-2015-6358
RESERVED
CVE-2015-6357 (The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 ...)
@@ -10348,7 +10380,7 @@
CVE-2015-5281 (The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ...)
TODO: check
CVE-2015-5280
- RESERVED
+ REJECTED
CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in ...)
{DSA-3362-1 DSA-3361-1}
- qemu 1:2.4+dfsg-3 (bug #799074)
@@ -11212,8 +11244,8 @@
TODO: check
CVE-2015-5005 (CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote ...)
NOT-FOR-US: IBM
-CVE-2015-5004
- RESERVED
+CVE-2015-5004 (The Edge Component Caching Proxy in IBM WebSphere Application Server ...)
+ TODO: check
CVE-2015-5003
RESERVED
CVE-2015-5002
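Review bot: CVE-2015-5004 describes an IBM WebSphere Application Server component and sits directly under CVE-2015-5005, which is marked NOT-FOR-US: IBM; the TODO: check here can most likely be resolved the same way.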
@@ -13294,8 +13326,8 @@
NOT-FOR-US: Cisco
CVE-2015-4207 (Cisco WebEx Meeting Center places a meeting's access number in a URL, ...)
NOT-FOR-US: Cisco
-CVE-2015-4206
- RESERVED
+CVE-2015-4206 (Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows ...)
+ TODO: check
CVE-2015-4205 (Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to ...)
NOT-FOR-US: Cisco
CVE-2015-4204 (Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) ...)
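Review bot: CVE-2015-4206 (Cisco Unified Communications Manager) is added as TODO: check between CVE-2015-4207 and CVE-2015-4205, both already NOT-FOR-US: Cisco, so leaving it as TODO is inconsistent with its neighbours. Mark it NOT-FOR-US: Cisco after confirming the full description.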