[Secure-testing-commits] r32622 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Mar 3 21:10:23 UTC 2015 

Author: sectracker
Date: 2015-03-03 21:10:23 +0000 (Tue, 03 Mar 2015)
New Revision: 32622

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-03 18:42:38 UTC (rev 32621)
+++ data/CVE/list	2015-03-03 21:10:23 UTC (rev 32622)
@@ -1,3 +1,45 @@
+CVE-2015-2192
+	RESERVED
+CVE-2015-2191
+	RESERVED
+CVE-2015-2190
+	RESERVED
+CVE-2015-2189
+	RESERVED
+CVE-2015-2188
+	RESERVED
+CVE-2015-2187
+	RESERVED
+CVE-2015-2186
+	RESERVED
+CVE-2015-2185
+	RESERVED
+CVE-2015-2184
+	RESERVED
+CVE-2015-2183
+	RESERVED
+CVE-2015-2182
+	RESERVED
+CVE-2015-2181
+	RESERVED
+CVE-2015-2180
+	RESERVED
+CVE-2015-2179
+	RESERVED
+CVE-2015-2178
+	RESERVED
+CVE-2015-2177
+	RESERVED
+CVE-2015-2176
+	RESERVED
+CVE-2015-2175
+	RESERVED
+CVE-2015-2174
+	RESERVED
+CVE-2015-2173
+	RESERVED
+CVE-2009-5145
+	RESERVED
 CVE-2015-2171
 	RESERVED
 CVE-2015-2170
@@ -5,7 +47,7 @@
 CVE-2015-2169
 	RESERVED
 CVE-2015-2168
-	RESERVED
+	REJECTED
 CVE-2015-2167
 	RESERVED
 CVE-2015-2166
@@ -1274,8 +1316,7 @@
 	- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
 	[wheezy] - glance <not-affected> (Vulnerable code not present)
 	NOTE: https://review.openstack.org/#/c/122427/
-CVE-2014-9683 [ecryptfs 1-byte overwrite]
-	RESERVED
+CVE-2014-9683 (Off-by-one error in the ecryptfs_decode_from_filename function in ...)
 	{DSA-3170-1}
 	- linux 3.16.7-ckt4-1
 	- linux-2.6 <removed>
@@ -3752,7 +3793,7 @@
 	NOT-FOR-US: Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin for WordPress
 CVE-2015-2063 [buffer overflow]
 	RESERVED
-	{DSA-3178-1}
+	{DSA-3178-1 DLA-164-1}
 	- unace 1.2b-12 (bug #775003)
 	NOTE: http://git.hadrons.org/?p=debian/pkgs/unace.git;a=commitdiff;h=319446f
 CVE-2015-0920 (Cross-site request forgery (CSRF) vulnerability in the Banner Effect ...)
@@ -3815,8 +3856,8 @@
 	RESERVED
 CVE-2015-0891
 	RESERVED
-CVE-2015-0890
-	RESERVED
+CVE-2015-0890 (The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for ...)
+	TODO: check
 CVE-2015-0889 (KENT-WEB Joyful Note before 5.3 allows remote attackers to delete ...)
 	TODO: check
 CVE-2015-0888 (KENT-WEB Clip Board before 4.1 allows remote attackers to delete ...)
@@ -3932,7 +3973,7 @@
 	- gnupg 1.4.18-7
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6cbc75e71295f23431c4ab95edc7573f2fc28476
 CVE-2015-0836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-3174-1}
+	{DSA-3179-1 DSA-3174-1}
 	- iceweasel 31.5.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove 31.5.0-1
@@ -3952,7 +3993,7 @@
 	- iceweasel <not-affected> (Does not affect ESR version)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-13/
 CVE-2015-0831 (Use-after-free vulnerability in the ...)
-	{DSA-3174-1}
+	{DSA-3179-1 DSA-3174-1}
 	- iceweasel 31.5.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove 31.5.0-1
@@ -3968,7 +4009,7 @@
 	- iceweasel <not-affected> (Doesn't affect the memory allocator used in the Debian builds)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-18/
 CVE-2015-0827 (Heap-based buffer overflow in the mozilla::gfx::CopyRect function in ...)
-	{DSA-3174-1}
+	{DSA-3179-1 DSA-3174-1}
 	- iceweasel 31.5.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove 31.5.0-1
@@ -3987,7 +4028,7 @@
 	- iceweasel <not-affected> (Does not affect ESR version)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-23/
 CVE-2015-0822 (The Form Autocompletion feature in Mozilla Firefox before 36.0, ...)
-	{DSA-3174-1}
+	{DSA-3179-1 DSA-3174-1}
 	- iceweasel 31.5.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove 31.5.0-1
@@ -6063,8 +6104,8 @@
 	RESERVED
 CVE-2014-9284
 	RESERVED
-CVE-2014-9283
-	RESERVED
+CVE-2014-9283 (The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows ...)
+	TODO: check
 CVE-2014-9282 (Directory traversal vulnerability in the Speed Root Explorer ...)
 	TODO: check
 CVE-2014-9268 (The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) ...)
@@ -10746,8 +10787,8 @@
 	RESERVED
 CVE-2014-7897
 	RESERVED
-CVE-2014-7896
-	RESERVED
+CVE-2014-7896 (Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 ...)
+	TODO: check
 CVE-2014-7895
 	RESERVED
 CVE-2014-7894

More information about the Secure-testing-commits mailing list