[Secure-testing-commits] r38401 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Dec 17 21:10:14 UTC 2015
Author: sectracker
Date: 2015-12-17 21:10:14 +0000 (Thu, 17 Dec 2015)
New Revision: 38401
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-17 21:04:37 UTC (rev 38400)
+++ data/CVE/list 2015-12-17 21:10:14 UTC (rev 38401)
@@ -1,3 +1,399 @@
+CVE-2016-0880
+ RESERVED
+CVE-2016-0879
+ RESERVED
+CVE-2016-0878
+ RESERVED
+CVE-2016-0877
+ RESERVED
+CVE-2016-0876
+ RESERVED
+CVE-2016-0875
+ RESERVED
+CVE-2016-0874
+ RESERVED
+CVE-2016-0873
+ RESERVED
+CVE-2016-0872
+ RESERVED
+CVE-2016-0871
+ RESERVED
+CVE-2016-0870
+ RESERVED
+CVE-2016-0869
+ RESERVED
+CVE-2016-0868
+ RESERVED
+CVE-2016-0867
+ RESERVED
+CVE-2016-0866
+ RESERVED
+CVE-2016-0865
+ RESERVED
+CVE-2016-0864
+ RESERVED
+CVE-2016-0863
+ RESERVED
+CVE-2016-0862
+ RESERVED
+CVE-2016-0861
+ RESERVED
+CVE-2016-0860
+ RESERVED
+CVE-2016-0859
+ RESERVED
+CVE-2016-0858
+ RESERVED
+CVE-2016-0857
+ RESERVED
+CVE-2016-0856
+ RESERVED
+CVE-2016-0855
+ RESERVED
+CVE-2016-0854
+ RESERVED
+CVE-2016-0853
+ RESERVED
+CVE-2016-0852
+ RESERVED
+CVE-2016-0851
+ RESERVED
+CVE-2016-0850
+ RESERVED
+CVE-2016-0849
+ RESERVED
+CVE-2016-0848
+ RESERVED
+CVE-2016-0847
+ RESERVED
+CVE-2016-0846
+ RESERVED
+CVE-2016-0845
+ RESERVED
+CVE-2016-0844
+ RESERVED
+CVE-2016-0843
+ RESERVED
+CVE-2016-0842
+ RESERVED
+CVE-2016-0841
+ RESERVED
+CVE-2016-0840
+ RESERVED
+CVE-2016-0839
+ RESERVED
+CVE-2016-0838
+ RESERVED
+CVE-2016-0837
+ RESERVED
+CVE-2016-0836
+ RESERVED
+CVE-2016-0835
+ RESERVED
+CVE-2016-0834
+ RESERVED
+CVE-2016-0833
+ RESERVED
+CVE-2016-0832
+ RESERVED
+CVE-2016-0831
+ RESERVED
+CVE-2016-0830
+ RESERVED
+CVE-2016-0829
+ RESERVED
+CVE-2016-0828
+ RESERVED
+CVE-2016-0827
+ RESERVED
+CVE-2016-0826
+ RESERVED
+CVE-2016-0825
+ RESERVED
+CVE-2016-0824
+ RESERVED
+CVE-2016-0823
+ RESERVED
+CVE-2016-0822
+ RESERVED
+CVE-2016-0821
+ RESERVED
+CVE-2016-0820
+ RESERVED
+CVE-2016-0819
+ RESERVED
+CVE-2016-0818
+ RESERVED
+CVE-2016-0817
+ RESERVED
+CVE-2016-0816
+ RESERVED
+CVE-2016-0815
+ RESERVED
+CVE-2016-0814
+ RESERVED
+CVE-2016-0813
+ RESERVED
+CVE-2016-0812
+ RESERVED
+CVE-2016-0811
+ RESERVED
+CVE-2016-0810
+ RESERVED
+CVE-2016-0809
+ RESERVED
+CVE-2016-0808
+ RESERVED
+CVE-2016-0807
+ RESERVED
+CVE-2016-0806
+ RESERVED
+CVE-2016-0805
+ RESERVED
+CVE-2016-0804
+ RESERVED
+CVE-2016-0803
+ RESERVED
+CVE-2016-0802
+ RESERVED
+CVE-2016-0801
+ RESERVED
+CVE-2016-0800
+ RESERVED
+CVE-2016-0799
+ RESERVED
+CVE-2016-0798
+ RESERVED
+CVE-2016-0797
+ RESERVED
+CVE-2016-0796
+ RESERVED
+CVE-2016-0795
+ RESERVED
+CVE-2016-0794
+ RESERVED
+CVE-2016-0793
+ RESERVED
+CVE-2016-0792
+ RESERVED
+CVE-2016-0791
+ RESERVED
+CVE-2016-0790
+ RESERVED
+CVE-2016-0789
+ RESERVED
+CVE-2016-0788
+ RESERVED
+CVE-2016-0787
+ RESERVED
+CVE-2016-0786
+ RESERVED
+CVE-2016-0785
+ RESERVED
+CVE-2016-0784
+ RESERVED
+CVE-2016-0783
+ RESERVED
+CVE-2016-0782
+ RESERVED
+CVE-2016-0781
+ RESERVED
+CVE-2016-0780
+ RESERVED
+CVE-2016-0779
+ RESERVED
+CVE-2016-0778
+ RESERVED
+CVE-2016-0777
+ RESERVED
+CVE-2016-0776
+ RESERVED
+CVE-2016-0775
+ RESERVED
+CVE-2016-0774
+ RESERVED
+CVE-2016-0773
+ RESERVED
+CVE-2016-0772
+ RESERVED
+CVE-2016-0771
+ RESERVED
+CVE-2016-0770
+ RESERVED
+CVE-2016-0769
+ RESERVED
+CVE-2016-0768
+ RESERVED
+CVE-2016-0767
+ RESERVED
+CVE-2016-0766
+ RESERVED
+CVE-2016-0765
+ RESERVED
+CVE-2016-0764
+ RESERVED
+CVE-2016-0763
+ RESERVED
+CVE-2016-0762
+ RESERVED
+CVE-2016-0761
+ RESERVED
+CVE-2016-0760
+ RESERVED
+CVE-2016-0759
+ RESERVED
+CVE-2016-0758
+ RESERVED
+CVE-2016-0757
+ RESERVED
+CVE-2016-0756
+ RESERVED
+CVE-2016-0755
+ RESERVED
+CVE-2016-0754
+ RESERVED
+CVE-2016-0753
+ RESERVED
+CVE-2016-0752
+ RESERVED
+CVE-2016-0751
+ RESERVED
+CVE-2016-0750
+ RESERVED
+CVE-2016-0749
+ RESERVED
+CVE-2016-0748
+ RESERVED
+CVE-2016-0747
+ RESERVED
+CVE-2016-0746
+ RESERVED
+CVE-2016-0745
+ RESERVED
+CVE-2016-0744
+ RESERVED
+CVE-2016-0743
+ RESERVED
+CVE-2016-0742
+ RESERVED
+CVE-2016-0741
+ RESERVED
+CVE-2016-0740
+ RESERVED
+CVE-2016-0739
+ RESERVED
+CVE-2016-0738
+ RESERVED
+CVE-2016-0737
+ RESERVED
+CVE-2016-0736
+ RESERVED
+CVE-2016-0735
+ RESERVED
+CVE-2016-0734
+ RESERVED
+CVE-2016-0733
+ RESERVED
+CVE-2016-0732
+ RESERVED
+CVE-2016-0731
+ RESERVED
+CVE-2016-0730
+ RESERVED
+CVE-2016-0729
+ RESERVED
+CVE-2016-0728
+ RESERVED
+CVE-2016-0727
+ RESERVED
+CVE-2016-0726
+ RESERVED
+CVE-2016-0725
+ RESERVED
+CVE-2016-0724
+ RESERVED
+CVE-2016-0723
+ RESERVED
+CVE-2016-0722
+ RESERVED
+CVE-2016-0721
+ RESERVED
+CVE-2016-0720
+ RESERVED
+CVE-2016-0719
+ RESERVED
+CVE-2016-0718
+ RESERVED
+CVE-2016-0717
+ RESERVED
+CVE-2016-0716
+ RESERVED
+CVE-2016-0715
+ RESERVED
+CVE-2016-0714
+ RESERVED
+CVE-2016-0713
+ RESERVED
+CVE-2016-0712
+ RESERVED
+CVE-2016-0711
+ RESERVED
+CVE-2016-0710
+ RESERVED
+CVE-2016-0709
+ RESERVED
+CVE-2016-0708
+ RESERVED
+CVE-2016-0707
+ RESERVED
+CVE-2016-0706
+ RESERVED
+CVE-2016-0705
+ RESERVED
+CVE-2016-0704
+ RESERVED
+CVE-2016-0703
+ RESERVED
+CVE-2016-0702
+ RESERVED
+CVE-2016-0701
+ RESERVED
+CVE-2015-8591
+ RESERVED
+CVE-2015-8590
+ RESERVED
+CVE-2015-8589
+ RESERVED
+CVE-2015-8588
+ RESERVED
+CVE-2015-8587
+ RESERVED
+CVE-2015-8586
+ RESERVED
+CVE-2015-8585
+ RESERVED
+CVE-2015-8584
+ RESERVED
+CVE-2015-8583
+ RESERVED
+CVE-2015-8582
+ RESERVED
+CVE-2015-8581 (The EjbObjectInputStream class in Apache TomEE allows remote attackers ...)
+ TODO: check
+CVE-2015-8580 (Multiple use-after-free vulnerabilities in the (1) Print method and ...)
+ TODO: check
+CVE-2015-8579 (Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, ...)
+ TODO: check
+CVE-2015-8578 (AVG Internet Security 2015 allocates memory with Read, Write, Execute ...)
+ TODO: check
+CVE-2015-8577 (The Buffer Overflow Protection (BOP) feature in McAfee VirusScan ...)
+ TODO: check
+CVE-2015-8576
+ RESERVED
+CVE-2015-8574
+ RESERVED
+CVE-2015-8573
+ RESERVED
CVE-2015-XXXX [XSA-166: ioreq handling possibly susceptible to multiple read issue]
- xen <unfixed>
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
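Review bot: The described entries at the end of the added block (CVE-2015-8577 through CVE-2015-8581) land with only TODO: check, so each still needs a manual resolution. The Kaspersky, AVG and McAfee entries name products for which the NOT-FOR-US: form already used in this file (as in NOT-FOR-US: TIBCO) looks applicable, while the Apache TomEE entry and the truncated CVE-2015-8580 description need a package lookup first. The step from CVE-2015-8576 to CVE-2015-8574 is not a missing id: CVE-2015-8575 already has its own entry further down the file.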
@@ -9,19 +405,20 @@
CVE-2015-8570 (The password reset functionality in Lepide Active Directory Self ...)
TODO: check
CVE-2015-8575 [sco_sock_bind issue]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
NOTE: pstream commit (not yet in Linus tree): http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4
-CVE-2015-8566
- RESERVED
-CVE-2015-8565
- RESERVED
-CVE-2015-8564
- RESERVED
-CVE-2015-8563
- RESERVED
-CVE-2015-8562
- RESERVED
+CVE-2015-8566 (The Session package 1.x before 1.3.1 for Joomla! Framework allows ...)
+ TODO: check
+CVE-2015-8565 (Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and ...)
+ TODO: check
+CVE-2015-8564 (Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows ...)
+ TODO: check
+CVE-2015-8563 (Cross-site request forgery (CSRF) vulnerability in the com_templates ...)
+ TODO: check
+CVE-2015-8562 (Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to ...)
+ TODO: check
CVE-2015-8561 (The F1BookView ActiveX control in F1 Bookview in Schneider Electric ...)
TODO: check
CVE-2015-8555 [information leak in legacy x86 FPU/XMM initialization]
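Review bot: The unchanged NOTE line under CVE-2015-8575 reads "pstream commit", which looks like "Upstream commit" with its first letter dropped; correct it in a follow-up. In the same hunk, the five Joomla! entries (CVE-2015-8562 through CVE-2015-8566) move from RESERVED to TODO: check with descriptions that name different scopes (the Session package 1.x before 1.3.1 for Joomla! Framework, Joomla! 3.2.0 through 3.3.x, 3.4.x before 3.4.6, and 1.5.x, 2.x and 3.x before 3.4.6), so read each description in full before resolving them.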
@@ -131,7 +528,7 @@
TODO: check
CVE-2015-8560 [code execution via improper escaping of ; in foomatic-rip]
RESERVED
- {DSA-3419-1}
+ {DSA-3419-1 DLA-371-1}
- cups-filters 1.4.0-1 (bug #807930)
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
- foomatic-filters <unfixed> (bug #807993)
@@ -1755,8 +2152,7 @@
[squeeze] - shotwell <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/04/4
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=754488
-CVE-2015-8476 [PHPMailer Message Injection Vulnerability]
- RESERVED
+CVE-2015-8476 (Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 ...)
{DSA-3416-1 DLA-363-1}
- libphp-phpmailer 5.2.14+dfsg-1 (bug #807265)
NOTE: https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0 (v5.2.14)
@@ -1785,8 +2181,7 @@
RESERVED
CVE-2015-8462
RESERVED
-CVE-2015-8461 [A race condition when handling socket errors can lead to an assertion failure in resolver.c]
- RESERVED
+CVE-2015-8461 (Race condition in resolver.c in named in ISC BIND 9.9.8 before ...)
- bind9 <not-affected> (Only affects 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1)
NOTE: https://kb.isc.org/article/AA-01319
CVE-2015-8460
@@ -1956,8 +2351,7 @@
RESERVED
CVE-2015-8371
RESERVED
-CVE-2015-8370 [buffer overflow when checking password entered during bootup]
- RESERVED
+CVE-2015-8370 (Multiple integer underflows in Grub2 1.98 through 2.02 allow ...)
{DSA-3421-1 DLA-368-1}
- grub2 2.02~beta2-33 (bug #807614)
NOTE: https://twitter.com/lostinsecurity/status/674925944524640257
@@ -2015,10 +2409,10 @@
RESERVED
CVE-2015-8359
RESERVED
-CVE-2015-8358
- RESERVED
-CVE-2015-8357
- RESERVED
+CVE-2015-8358 (Directory traversal vulnerability in the bitrix.mpbuilder module ...)
+ TODO: check
+CVE-2015-8357 (Directory traversal vulnerability in the bitrix.xscan module before ...)
+ TODO: check
CVE-2015-8356
RESERVED
CVE-2015-8355
@@ -2641,7 +3035,7 @@
RESERVED
CVE-2013-7446 [Use after free in ep_remove_wait_queue]
RESERVED
- {DLA-360-1}
+ {DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273845
@@ -2781,7 +3175,7 @@
CVE-2015-8090 (The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows ...)
NOT-FOR-US: TIBCO
CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
- {DSA-3414-1}
+ {DSA-3426-1 DSA-3414-1}
- linux 4.2.6-2
- linux-2.6 <removed>
- xen <unfixed>
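Review bot: The CVE-2015-8104 entry tracks both linux and xen, and after this change the braces list two advisories while the - xen line stays <unfixed>. The brace list alone does not show which source package each advisory addresses, so confirm which of DSA-3426-1 and DSA-3414-1 applies to which package before treating either package as covered.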
@@ -3062,8 +3456,7 @@
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91203
-CVE-2015-8000 [Responses with a malformed class attribute can trigger an assertion failure in db.c]
- RESERVED
+CVE-2015-8000 (db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before ...)
{DSA-3420-1 DLA-370-1}
- bind9 1:9.9.5.dfsg-12.1 (bug #808081)
NOTE: https://kb.isc.org/article/AA-01317
@@ -3578,7 +3971,7 @@
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-7833 (The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 ...)
- {DSA-3396-1 DLA-360-1}
+ {DSA-3426-1 DSA-3396-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
NOTE: http://git.linuxtv.org/cgit.cgi/media_tree.git/commit?id=588afcc1c0e45358159090d95bf7b246fb67565
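Review bot: The NOTE URL in the trailing context of this hunk carries a 39-character commit id (588afcc1c0e45358159090d95bf7b246fb67565), one short of a full SHA-1, unlike the 40-character ids in the other commit NOTEs in this diff. Check that the link still resolves to the usbvision fix and replace it with the full id if a character was lost.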
@@ -3703,7 +4096,7 @@
CVE-2015-7800
RESERVED
CVE-2015-7799 (The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel ...)
- {DLA-360-1}
+ {DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
NOTE: https://code.google.com/p/android/issues/detail?id=187973
@@ -7318,8 +7711,8 @@
RESERVED
CVE-2015-6426
RESERVED
-CVE-2015-6425
- RESERVED
+CVE-2015-6425 (The WebApplications Identity Management subsystem in Cisco Unified ...)
+ TODO: check
CVE-2015-6424
RESERVED
CVE-2015-6423
@@ -10331,8 +10724,8 @@
TODO: check
CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)
- kubernetes <itp> (bug #795652)
-CVE-2015-5304
- RESERVED
+CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...)
+ TODO: check
CVE-2015-5303
RESERVED
CVE-2015-5302 (libreport 2.0.7 before 2.6.3 only saves changes to the first file when ...)
@@ -24315,6 +24708,7 @@
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
CVE-2015-0861 [missing access permission checks for fields when multiple records are written]
RESERVED
+ {DSA-3425-1}
- tryton-server 3.8.1-1
[wheezy] - tryton-server <not-affected> (Version < 3.2)
[squeeze] - tryton-server <not-affected> (Version < 3.2)