[Secure-testing-commits] r37728 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Nov 16 21:10:17 UTC 2015


Author: sectracker
Date: 2015-11-16 21:10:17 +0000 (Mon, 16 Nov 2015)
New Revision: 37728

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-16 20:21:54 UTC (rev 37727)
+++ data/CVE/list	2015-11-16 21:10:17 UTC (rev 37728)
@@ -1,3 +1,171 @@
+CVE-2015-8213
+	RESERVED
+CVE-2015-8212
+	RESERVED
+CVE-2015-8211
+	RESERVED
+CVE-2015-8210
+	RESERVED
+CVE-2015-8209
+	RESERVED
+CVE-2015-8208
+	RESERVED
+CVE-2015-8207
+	RESERVED
+CVE-2015-8206
+	RESERVED
+CVE-2015-8205
+	RESERVED
+CVE-2015-8204
+	RESERVED
+CVE-2015-8203
+	RESERVED
+CVE-2015-8202
+	RESERVED
+CVE-2015-8201
+	RESERVED
+CVE-2015-8200
+	RESERVED
+CVE-2015-8199
+	RESERVED
+CVE-2015-8198
+	RESERVED
+CVE-2015-8197
+	RESERVED
+CVE-2015-8196
+	RESERVED
+CVE-2015-8195
+	RESERVED
+CVE-2015-8194
+	RESERVED
+CVE-2015-8193
+	RESERVED
+CVE-2015-8192
+	RESERVED
+CVE-2015-8191
+	RESERVED
+CVE-2015-8190
+	RESERVED
+CVE-2015-8189
+	RESERVED
+CVE-2015-8188
+	RESERVED
+CVE-2015-8187
+	RESERVED
+CVE-2015-8186
+	RESERVED
+CVE-2015-8185
+	RESERVED
+CVE-2015-8184
+	RESERVED
+CVE-2015-8183
+	RESERVED
+CVE-2015-8182
+	RESERVED
+CVE-2015-8181
+	RESERVED
+CVE-2015-8180
+	RESERVED
+CVE-2015-8179
+	RESERVED
+CVE-2015-8178
+	RESERVED
+CVE-2015-8177
+	RESERVED
+CVE-2015-8175
+	RESERVED
+CVE-2015-8174
+	RESERVED
+CVE-2015-8173
+	RESERVED
+CVE-2015-8172
+	RESERVED
+CVE-2015-8171
+	RESERVED
+CVE-2015-8170
+	RESERVED
+CVE-2015-8169
+	RESERVED
+CVE-2015-8168
+	RESERVED
+CVE-2015-8167
+	RESERVED
+CVE-2015-8166
+	RESERVED
+CVE-2015-8165
+	RESERVED
+CVE-2015-8164
+	RESERVED
+CVE-2015-8163
+	RESERVED
+CVE-2015-8162
+	RESERVED
+CVE-2015-8161
+	RESERVED
+CVE-2015-8160
+	RESERVED
+CVE-2015-8159
+	RESERVED
+CVE-2015-8158
+	RESERVED
+CVE-2015-8157
+	RESERVED
+CVE-2015-8156
+	RESERVED
+CVE-2015-8155
+	RESERVED
+CVE-2015-8154
+	RESERVED
+CVE-2015-8153
+	RESERVED
+CVE-2015-8152
+	RESERVED
+CVE-2015-8151
+	RESERVED
+CVE-2015-8150
+	RESERVED
+CVE-2015-8149
+	RESERVED
+CVE-2015-8148
+	RESERVED
+CVE-2015-8145
+	RESERVED
+CVE-2015-8144
+	RESERVED
+CVE-2015-8143
+	RESERVED
+CVE-2015-8142
+	RESERVED
+CVE-2015-8141
+	RESERVED
+CVE-2015-8140
+	RESERVED
+CVE-2015-8139
+	RESERVED
+CVE-2015-8138
+	RESERVED
+CVE-2015-8137
+	RESERVED
+CVE-2015-8136
+	RESERVED
+CVE-2015-8135
+	RESERVED
+CVE-2015-8134
+	RESERVED
+CVE-2015-8133
+	RESERVED
+CVE-2015-8132
+	RESERVED
+CVE-2015-8131
+	RESERVED
+CVE-2015-8130
+	RESERVED
+CVE-2015-8129
+	RESERVED
+CVE-2015-8128
+	RESERVED
+CVE-2015-8127
+	RESERVED
 CVE-2015-XXXX [Use after free in ep_remove_wait_queue]
 	- linux <unfixed>
 	- linux-2.6 <removed>
@@ -125,8 +293,7 @@
 	RESERVED
 CVE-2015-8090
 	RESERVED
-CVE-2015-8104 [KVM: svm: unconditionally intercept #DB]
-	RESERVED
+CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	- xen <unfixed>
@@ -310,6 +477,7 @@
 	RESERVED
 CVE-2015-8023
 	RESERVED
+	{DSA-3398-1}
 	- strongswan 5.3.3-3
 	NOTE: https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
 CVE-2015-8022
@@ -849,8 +1017,7 @@
 	RESERVED
 CVE-2015-7841
 	RESERVED
-CVE-2015-7872 [Keyrings crash triggerable by unprivileged user]
-	RESERVED
+CVE-2015-7872 (The key_gc_unused_keys function in security/keys/gc.c in the Linux ...)
 	{DSA-3396-1}
 	- linux 4.2.5-1
 	- linux-2.6 <removed>
@@ -966,8 +1133,7 @@
 	[jessie] - dc3dd <not-affected> (Harmless crash due to hardening)
 	[wheezy] - dc3dd <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/bugtraq/2015/Oct/71
-CVE-2015-7830 [Pcapng file parser crash]
-	RESERVED
+CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the ...)
 	- wireshark 1.12.8+g5b6e543-1
 	[jessie] - wireshark <no-dsa> (Minor issue, can be included in future DSA)
 	[wheezy] - wireshark <no-dsa> (Minor issue, can be included in future DSA)
@@ -1061,8 +1227,8 @@
 	RESERVED
 CVE-2015-7775
 	RESERVED
-CVE-2015-7774
-	RESERVED
+CVE-2015-7774 (PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows ...)
+	TODO: check
 CVE-2015-7773
 	RESERVED
 CVE-2015-7772
@@ -1939,8 +2105,8 @@
 	RESERVED
 CVE-2015-7428
 	RESERVED
-CVE-2015-7427
-	RESERVED
+CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, ...)
+	TODO: check
 CVE-2015-7426
 	RESERVED
 CVE-2015-7425
@@ -1955,8 +2121,8 @@
 	RESERVED
 CVE-2015-7420
 	RESERVED
-CVE-2015-7419
-	RESERVED
+CVE-2015-7419 (IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows ...)
+	TODO: check
 CVE-2015-7418
 	RESERVED
 CVE-2015-7417
@@ -1985,8 +2151,8 @@
 	RESERVED
 CVE-2015-7405
 	RESERVED
-CVE-2015-7404
-	RESERVED
+CVE-2015-7404 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+	TODO: check
 CVE-2015-7403
 	RESERVED
 CVE-2015-7402
@@ -3277,8 +3443,7 @@
 	NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
 	NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240;selectid=8240
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
-CVE-2015-7312 [Use-after-free in Linux kernel with aufs mmap patch]
-	RESERVED
+CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs) ...)
 	- linux 4.2.1-1 (bug #796036)
 	[jessie] - linux 3.16.7-ckt11-1+deb8u4
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -4515,14 +4680,14 @@
 	RESERVED
 CVE-2015-6368
 	RESERVED
-CVE-2015-6367
-	RESERVED
+CVE-2015-6367 (Cisco Aironet 1800 devices with software 8.1(131.0) allow remote ...)
+	TODO: check
 CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs ...)
 	TODO: check
-CVE-2015-6365
-	RESERVED
-CVE-2015-6364
-	RESERVED
+CVE-2015-6365 (Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs ...)
+	TODO: check
+CVE-2015-6364 (Cisco Content Delivery System Manager Software 3.2 on Videoscape ...)
+	TODO: check
 CVE-2015-6363 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
 	TODO: check
 CVE-2015-6362 (The web GUI in Cisco Connected Grid Network Management System (CG-NMS) ...)
@@ -7275,8 +7440,7 @@
 	NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
 CVE-2015-5308 (Multiple SQL injection vulnerabilities in cs_admin_users.php in the ...)
 	TODO: check
-CVE-2015-5307
-	RESERVED
+CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
 	{DSA-3396-1}
 	- linux 4.2.6-1
 	- linux-2.6 <removed>
@@ -7488,8 +7652,7 @@
 	RESERVED
 CVE-2015-5258
 	RESERVED
-CVE-2015-5257 [USB: whiteheat: potential null-deref at probe]
-	RESERVED
+CVE-2015-5257 (drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows ...)
 	{DSA-3372-1 DLA-325-1}
 	- linux 4.2.1-1
 	- linux-2.6 <removed>
@@ -11150,8 +11313,8 @@
 	NOT-FOR-US: SAP CRM
 CVE-2015-3978 (SAP Sybase Unwired Platform Online Data Proxy allows local users to ...)
 	NOT-FOR-US: SAP Sybase Unwired Platform Online Data Proxy
-CVE-2015-3977
-	RESERVED
+CVE-2015-3977 (Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before ...)
+	TODO: check
 CVE-2015-3976
 	RESERVED
 CVE-2015-3975
@@ -14484,8 +14647,7 @@
 	NOTE: https://nodesecurity.io/advisories/semver_redos
 	NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
 	NOTE: libv8 is not covered by security support
-CVE-2015-2925 [It is possible to escape from bind mounts]
-	RESERVED
+CVE-2015-2925 (The prepend_path function in fs/dcache.c in the Linux kernel before ...)
 	{DLA-325-1}
 	- linux 4.2.1-1
 	[jessie] - linux 3.16.7-ckt11-1+deb8u4
@@ -53964,8 +54126,8 @@
 	RESERVED
 CVE-2013-5230
 	RESERVED
-CVE-2013-5229
-	RESERVED
+CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and ...)
+	TODO: check
 CVE-2013-5228 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2013-5227 (Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers ...)




More information about the Secure-testing-commits mailing list