[Secure-testing-commits] r35632 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Jul 22 21:10:18 UTC 2015
Author: sectracker
Date: 2015-07-22 21:10:17 +0000 (Wed, 22 Jul 2015)
New Revision: 35632
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-22 20:51:26 UTC (rev 35631)
+++ data/CVE/list 2015-07-22 21:10:17 UTC (rev 35632)
@@ -1,3 +1,7 @@
+CVE-2015-5611 (Unspecified vulnerability in Uconnect 15.26.1, as used in certain Fiat ...)
+ TODO: check
+CVE-2015-5610 (The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central ...)
+ TODO: check
CVE-2015-5609
RESERVED
CVE-2015-5608
@@ -374,8 +378,8 @@
RESERVED
CVE-2015-5465
RESERVED
-CVE-2015-5464
- RESERVED
+CVE-2015-5464 (Unspecified vulnerability on the Gemalto SafeNet Luna HSM has unknown ...)
+ TODO: check
CVE-2015-5463
RESERVED
CVE-2015-5462
@@ -1095,7 +1099,7 @@
RESERVED
- linux <unfixed>
[wheezy] - linux <undetermined>
- - linux-2.6 <undetermined>
+ - linux-2.6 <undetermined>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
NOTE: Same fix as for CVE-2015-3290.
NOTE: Some form of crash is likely in principle since 3.3.
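Review bot: the `- linux-2.6 <undetermined>` line rewritten in this hunk, and the `[wheezy] - linux <undetermined>` line above it, are still undetermined although the NOTE in the same entry says some form of crash is likely in principle since 3.3. Since the line is being touched anyway, either resolve the two states against that NOTE or add a NOTE saying what still has to be checked. As shown, the removed and added lines have identical text, so the change itself looks like whitespace only and would be easier to audit in a commit whose log says so, not "automatic update".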
@@ -2266,15 +2270,13 @@
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
CVE-2012-6692 (Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in ...)
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2015-4652 [GSM DTAP dissector could crash]
- RESERVED
+CVE-2015-4652 (epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in ...)
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-20.html
-CVE-2015-4651 [WCCP dissector crash]
- RESERVED
+CVE-2015-4651 (The dissect_wccp2r1_address_table_info function in ...)
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -2324,7 +2326,7 @@
RESERVED
CVE-2015-4634 [SQL injection in graphs.php]
RESERVED
- {DLA-278-1}
+ {DSA-3312-1 DLA-278-1}
- cacti 0.8.8e+ds1-1
NOTE: http://bugs.cacti.net/view.php?id=2577
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
@@ -2469,8 +2471,8 @@
NOT-FOR-US: WordPress plugin nextend-twitter-connect
CVE-2015-4555
RESERVED
-CVE-2015-4554
- RESERVED
+CVE-2015-4554 (Multiple unspecified vulnerabilities in TIBCO Spotfire Client and ...)
+ TODO: check
CVE-2015-4553
RESERVED
CVE-2015-4552
@@ -3053,8 +3055,8 @@
RESERVED
CVE-2015-4284
RESERVED
-CVE-2015-4283
- RESERVED
+CVE-2015-4283 (Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote ...)
+ TODO: check
CVE-2015-4282
RESERVED
CVE-2015-4281
@@ -3121,16 +3123,16 @@
RESERVED
CVE-2015-4250
RESERVED
-CVE-2015-4249 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx ...)
- TODO: check
+CVE-2015-4249
+ REJECTED
CVE-2015-4248
RESERVED
CVE-2015-4247
- RESERVED
-CVE-2015-4246
- RESERVED
+ REJECTED
+CVE-2015-4246 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center ...)
+ TODO: check
CVE-2015-4245
- RESERVED
+ REJECTED
CVE-2015-4244 (The boot implementation on Cisco ASR 5000 and 5500 devices with ...)
TODO: check
CVE-2015-4243 (The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR ...)
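Review bot: CVE-2015-4249 loses its Cisco WebEx XSS description and becomes REJECTED in the same hunk that gives CVE-2015-4246 a very similar Cisco WebEx XSS description, and nothing records how the two relate. If this reflects a reassignment in the upstream feed, add a NOTE under CVE-2015-4249 naming the replacement id so that existing references to 4249 can still be followed. CVE-2015-4247 and CVE-2015-4245 also go from RESERVED to REJECTED without a reason. A one-line NOTE on each would save the next triager from having to look it up.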
@@ -5906,12 +5908,12 @@
TODO: double check for erliest introducing version
CVE-2015-3290
RESERVED
- - linux <unfixed>
- [wheezy] - linux <not-affected> (Introduced in 3.13)
- - linux-2.6 <not-affected> (Introduced in 3.13)
- NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite)
- NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite)
- NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
+ - linux <unfixed>
+ [wheezy] - linux <not-affected> (Introduced in 3.13)
+ - linux-2.6 <not-affected> (Introduced in 3.13)
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite)
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite)
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
CVE-2015-3289
RESERVED
CVE-2015-3288
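Review bot: all six lines of the CVE-2015-3290 entry are removed and re-added with the same visible content (`linux <unfixed>`, the two `<not-affected> (Introduced in 3.13)` lines and the three kernel.org NOTE lines), so a reader has to compare them character by character to confirm that no status changed. Re-indentation of this size is better committed separately with a log that says it is whitespace only, and checked with a whitespace-ignoring diff before it goes in. The context line above the entry also carries a typo ("erliest") that could be fixed in the same cleanup.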
@@ -7177,8 +7179,8 @@
RESERVED
CVE-2015-2870
RESERVED
-CVE-2015-2869
- RESERVED
+CVE-2015-2869 (The FileInfo plugin before 2.22 for Ghisler Total Commander allows ...)
+ TODO: check
CVE-2015-2868
RESERVED
CVE-2015-2867
@@ -9549,8 +9551,8 @@
RESERVED
CVE-2015-2135
RESERVED
-CVE-2015-2134
- RESERVED
+CVE-2015-2134 (Cross-site request forgery (CSRF) vulnerability in HP System ...)
+ TODO: check
CVE-2015-2133
RESERVED
CVE-2015-2132
@@ -10108,10 +10110,10 @@
NOT-FOR-US: IBM WebSphere Portal
CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License Key ...)
NOT-FOR-US: IBM Rational License Key Server
-CVE-2015-1906
- RESERVED
-CVE-2015-1905
- RESERVED
+CVE-2015-1906 (Cross-site scripting (XSS) vulnerability in the REST API in IBM ...)
+ TODO: check
+CVE-2015-1905 (The REST API in IBM Business Process Manager (BPM) 7.5.x through ...)
+ TODO: check
CVE-2015-1904
RESERVED
CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
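Review bot: CVE-2015-1906 and CVE-2015-1905 (REST API in IBM Business Process Manager) arrive as `TODO: check` directly below two IBM entries that are already triaged as NOT-FOR-US with the product name (IBM WebSphere Portal, IBM Rational License Key Server). Once it is confirmed that the product is not packaged, the follow-up commit should resolve both in the same form, `NOT-FOR-US: ` followed by the product name, so they do not sit in the TODO queue. The same applies to the other `TODO: check` entries this update adds for vendor products.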