[Secure-testing-commits] r37689 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Nov 13 21:10:11 UTC 2015 

Author: sectracker
Date: 2015-11-13 21:10:11 +0000 (Fri, 13 Nov 2015)
New Revision: 37689

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-13 19:21:40 UTC (rev 37688)
+++ data/CVE/list	2015-11-13 21:10:11 UTC (rev 37689)
@@ -1,3 +1,7 @@
+CVE-2015-8125
+	RESERVED
+CVE-2015-8124
+	RESERVED
 CVE-2015-8123
 	RESERVED
 CVE-2015-8122
@@ -34,7 +38,7 @@
 	RESERVED
 CVE-2015-8106
 	RESERVED
-CVE-2015-8126 [libpng buffer overflow in png_set_PLTE]
+CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE ...)
 	- libpng <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/12/2
 	TODO: check (should be fixed in 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64)
@@ -595,8 +599,8 @@
 	RESERVED
 CVE-2015-7906
 	RESERVED
-CVE-2015-7905
-	RESERVED
+CVE-2015-7905 (Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to ...)
+	TODO: check
 CVE-2015-7904 (Unrestricted file upload vulnerability in Infinite Automation Mango ...)
 	TODO: check
 CVE-2015-7903 (SQL injection vulnerability in Infinite Automation Mango Automation ...)
@@ -4241,8 +4245,8 @@
 	RESERVED
 CVE-2015-6479
 	RESERVED
-CVE-2015-6478
-	RESERVED
+CVE-2015-6478 (Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict ...)
+	TODO: check
 CVE-2015-6477 (Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm ...)
 	TODO: check
 CVE-2015-6476 (Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x ...)
@@ -4465,8 +4469,8 @@
 	RESERVED
 CVE-2015-6367
 	RESERVED
-CVE-2015-6366
-	RESERVED
+CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs ...)
+	TODO: check
 CVE-2015-6365
 	RESERVED
 CVE-2015-6364
@@ -5099,8 +5103,8 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-6046 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6045
-	RESERVED
+CVE-2015-6045 (Use-after-free vulnerability in the CElement object implementation in ...)
+	TODO: check
 CVE-2015-6044 (Microsoft Internet Explorer 8 allows remote attackers to gain ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-6043
@@ -15005,8 +15009,7 @@
 	RESERVED
 CVE-2015-2699
 	RESERVED
-CVE-2015-2698 [memory corruption caused due to original patch for CVE-2015-2696]
-	RESERVED
+CVE-2015-2698 (The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c ...)
 	- krb5 1.13.2+dfsg-4
 	[jessie] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)
 	[wheezy] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)

More information about the Secure-testing-commits mailing list