[Secure-testing-commits] r35779 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Jul 29 21:10:15 UTC 2015 

Author: sectracker
Date: 2015-07-29 21:10:15 +0000 (Wed, 29 Jul 2015)
New Revision: 35779

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-29 19:51:45 UTC (rev 35778)
+++ data/CVE/list	2015-07-29 21:10:15 UTC (rev 35779)
@@ -1,3 +1,15 @@
+CVE-2015-5693
+	RESERVED
+CVE-2015-5692
+	RESERVED
+CVE-2015-5691
+	RESERVED
+CVE-2015-5690
+	RESERVED
+CVE-2015-5689
+	RESERVED
+CVE-2009-5148
+	RESERVED
 CVE-2015-XXXX [buffer overflow]
 	- remind <unfixed> (unimportant)
 	NOTE: Non-exploitable starting with Wheezy due to D_FORTIFY_SOURCE
@@ -3,6 +15,8 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/29/2
 CVE-2015-5695 [Quotas were being bypassed]
+	RESERVED
 	- designate <unfixed>
 CVE-2015-5694 [does not enforce the DNS protocol limit concerning record set sizes]
+	RESERVED
 	- designate <unfixed>
 CVE-2015-5688
@@ -178,7 +192,7 @@
 	RESERVED
 	- wordpress 4.2.3+dfsg-1
 	NOTE: https://core.trac.wordpress.org/changeset/33359
-CVE-2015-5611 (Unspecified vulnerability in Uconnect 15.26.1, as used in certain Fiat ...)
+CVE-2015-5611 (Unspecified vulnerability in Uconnect before 15.26.1, as used in ...)
 	NOT-FOR-US: Uconnect
 CVE-2015-5610 (The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central ...)
 	NOT-FOR-US: SolarWinds
@@ -3266,10 +3280,10 @@
 	RESERVED
 CVE-2015-4289
 	RESERVED
-CVE-2015-4288
-	RESERVED
-CVE-2015-4287
-	RESERVED
+CVE-2015-4288 (The LDAP implementation on the Cisco Web Security Appliance (WSA) ...)
+	TODO: check
+CVE-2015-4287 (Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower ...)
+	TODO: check
 CVE-2015-4286
 	RESERVED
 CVE-2015-4285 (The Local Packet Transport Services (LPTS) implementation in Cisco IOS ...)
@@ -7179,8 +7193,8 @@
 	TODO: check
 CVE-2015-2975 (Research Artisan Lite before 1.18 does not ensure that a user has ...)
 	TODO: check
-CVE-2015-2974
-	RESERVED
+CVE-2015-2974 (LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2973 (Multiple cross-site scripting (XSS) vulnerabilities in the Welcart ...)
 	TODO: check
 CVE-2015-2972 (Multiple SQL injection vulnerabilities in Sysphonic Thetis before ...)
@@ -9310,6 +9324,7 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
 	NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
 CVE-2009-5147
+	RESERVED
 	- ruby1.8 <removed>
 	- ruby1.9.1 <removed>
 	- ruby2.0 <removed>
@@ -14572,8 +14587,8 @@
 	NOT-FOR-US: Cisco
 CVE-2015-0733 (CRLF injection vulnerability in the HTTP Header Handler in Digital ...)
 	NOT-FOR-US: Cisco
-CVE-2015-0732
-	RESERVED
+CVE-2015-0732 (Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web ...)
+	TODO: check
 CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote attackers to ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) ...)

More information about the Secure-testing-commits mailing list