[Secure-testing-commits] r37728 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Nov 16 21:10:17 UTC 2015
Author: sectracker
Date: 2015-11-16 21:10:17 +0000 (Mon, 16 Nov 2015)
New Revision: 37728
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-16 20:21:54 UTC (rev 37727)
+++ data/CVE/list 2015-11-16 21:10:17 UTC (rev 37728)
@@ -1,3 +1,171 @@
+CVE-2015-8213
+ RESERVED
+CVE-2015-8212
+ RESERVED
+CVE-2015-8211
+ RESERVED
+CVE-2015-8210
+ RESERVED
+CVE-2015-8209
+ RESERVED
+CVE-2015-8208
+ RESERVED
+CVE-2015-8207
+ RESERVED
+CVE-2015-8206
+ RESERVED
+CVE-2015-8205
+ RESERVED
+CVE-2015-8204
+ RESERVED
+CVE-2015-8203
+ RESERVED
+CVE-2015-8202
+ RESERVED
+CVE-2015-8201
+ RESERVED
+CVE-2015-8200
+ RESERVED
+CVE-2015-8199
+ RESERVED
+CVE-2015-8198
+ RESERVED
+CVE-2015-8197
+ RESERVED
+CVE-2015-8196
+ RESERVED
+CVE-2015-8195
+ RESERVED
+CVE-2015-8194
+ RESERVED
+CVE-2015-8193
+ RESERVED
+CVE-2015-8192
+ RESERVED
+CVE-2015-8191
+ RESERVED
+CVE-2015-8190
+ RESERVED
+CVE-2015-8189
+ RESERVED
+CVE-2015-8188
+ RESERVED
+CVE-2015-8187
+ RESERVED
+CVE-2015-8186
+ RESERVED
+CVE-2015-8185
+ RESERVED
+CVE-2015-8184
+ RESERVED
+CVE-2015-8183
+ RESERVED
+CVE-2015-8182
+ RESERVED
+CVE-2015-8181
+ RESERVED
+CVE-2015-8180
+ RESERVED
+CVE-2015-8179
+ RESERVED
+CVE-2015-8178
+ RESERVED
+CVE-2015-8177
+ RESERVED
+CVE-2015-8175
+ RESERVED
+CVE-2015-8174
+ RESERVED
+CVE-2015-8173
+ RESERVED
+CVE-2015-8172
+ RESERVED
+CVE-2015-8171
+ RESERVED
+CVE-2015-8170
+ RESERVED
+CVE-2015-8169
+ RESERVED
+CVE-2015-8168
+ RESERVED
+CVE-2015-8167
+ RESERVED
+CVE-2015-8166
+ RESERVED
+CVE-2015-8165
+ RESERVED
+CVE-2015-8164
+ RESERVED
+CVE-2015-8163
+ RESERVED
+CVE-2015-8162
+ RESERVED
+CVE-2015-8161
+ RESERVED
+CVE-2015-8160
+ RESERVED
+CVE-2015-8159
+ RESERVED
+CVE-2015-8158
+ RESERVED
+CVE-2015-8157
+ RESERVED
+CVE-2015-8156
+ RESERVED
+CVE-2015-8155
+ RESERVED
+CVE-2015-8154
+ RESERVED
+CVE-2015-8153
+ RESERVED
+CVE-2015-8152
+ RESERVED
+CVE-2015-8151
+ RESERVED
+CVE-2015-8150
+ RESERVED
+CVE-2015-8149
+ RESERVED
+CVE-2015-8148
+ RESERVED
+CVE-2015-8145
+ RESERVED
+CVE-2015-8144
+ RESERVED
+CVE-2015-8143
+ RESERVED
+CVE-2015-8142
+ RESERVED
+CVE-2015-8141
+ RESERVED
+CVE-2015-8140
+ RESERVED
+CVE-2015-8139
+ RESERVED
+CVE-2015-8138
+ RESERVED
+CVE-2015-8137
+ RESERVED
+CVE-2015-8136
+ RESERVED
+CVE-2015-8135
+ RESERVED
+CVE-2015-8134
+ RESERVED
+CVE-2015-8133
+ RESERVED
+CVE-2015-8132
+ RESERVED
+CVE-2015-8131
+ RESERVED
+CVE-2015-8130
+ RESERVED
+CVE-2015-8129
+ RESERVED
+CVE-2015-8128
+ RESERVED
+CVE-2015-8127
+ RESERVED
CVE-2015-XXXX [Use after free in ep_remove_wait_queue]
- linux <unfixed>
- linux-2.6 <removed>
@@ -125,8 +293,7 @@
RESERVED
CVE-2015-8090
RESERVED
-CVE-2015-8104 [KVM: svm: unconditionally intercept #DB]
- RESERVED
+CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
- linux <unfixed>
- linux-2.6 <removed>
- xen <unfixed>
@@ -310,6 +477,7 @@
RESERVED
CVE-2015-8023
RESERVED
+ {DSA-3398-1}
- strongswan 5.3.3-3
NOTE: https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
CVE-2015-8022
@@ -849,8 +1017,7 @@
RESERVED
CVE-2015-7841
RESERVED
-CVE-2015-7872 [Keyrings crash triggerable by unprivileged user]
- RESERVED
+CVE-2015-7872 (The key_gc_unused_keys function in security/keys/gc.c in the Linux ...)
{DSA-3396-1}
- linux 4.2.5-1
- linux-2.6 <removed>
@@ -966,8 +1133,7 @@
[jessie] - dc3dd <not-affected> (Harmless crash due to hardening)
[wheezy] - dc3dd <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2015/Oct/71
-CVE-2015-7830 [Pcapng file parser crash]
- RESERVED
+CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the ...)
- wireshark 1.12.8+g5b6e543-1
[jessie] - wireshark <no-dsa> (Minor issue, can be included in future DSA)
[wheezy] - wireshark <no-dsa> (Minor issue, can be included in future DSA)
@@ -1061,8 +1227,8 @@
RESERVED
CVE-2015-7775
RESERVED
-CVE-2015-7774
- RESERVED
+CVE-2015-7774 (PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows ...)
+ TODO: check
CVE-2015-7773
RESERVED
CVE-2015-7772
@@ -1939,8 +2105,8 @@
RESERVED
CVE-2015-7428
RESERVED
-CVE-2015-7427
- RESERVED
+CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, ...)
+ TODO: check
CVE-2015-7426
RESERVED
CVE-2015-7425
@@ -1955,8 +2121,8 @@
RESERVED
CVE-2015-7420
RESERVED
-CVE-2015-7419
- RESERVED
+CVE-2015-7419 (IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows ...)
+ TODO: check
CVE-2015-7418
RESERVED
CVE-2015-7417
@@ -1985,8 +2151,8 @@
RESERVED
CVE-2015-7405
RESERVED
-CVE-2015-7404
- RESERVED
+CVE-2015-7404 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+ TODO: check
CVE-2015-7403
RESERVED
CVE-2015-7402
@@ -3277,8 +3443,7 @@
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240;selectid=8240
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
-CVE-2015-7312 [Use-after-free in Linux kernel with aufs mmap patch]
- RESERVED
+CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs) ...)
- linux 4.2.1-1 (bug #796036)
[jessie] - linux 3.16.7-ckt11-1+deb8u4
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -4515,14 +4680,14 @@
RESERVED
CVE-2015-6368
RESERVED
-CVE-2015-6367
- RESERVED
+CVE-2015-6367 (Cisco Aironet 1800 devices with software 8.1(131.0) allow remote ...)
+ TODO: check
CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs ...)
TODO: check
-CVE-2015-6365
- RESERVED
-CVE-2015-6364
- RESERVED
+CVE-2015-6365 (Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs ...)
+ TODO: check
+CVE-2015-6364 (Cisco Content Delivery System Manager Software 3.2 on Videoscape ...)
+ TODO: check
CVE-2015-6363 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
TODO: check
CVE-2015-6362 (The web GUI in Cisco Connected Grid Network Management System (CG-NMS) ...)
@@ -7275,8 +7440,7 @@
NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
CVE-2015-5308 (Multiple SQL injection vulnerabilities in cs_admin_users.php in the ...)
TODO: check
-CVE-2015-5307
- RESERVED
+CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x ...)
{DSA-3396-1}
- linux 4.2.6-1
- linux-2.6 <removed>
@@ -7488,8 +7652,7 @@
RESERVED
CVE-2015-5258
RESERVED
-CVE-2015-5257 [USB: whiteheat: potential null-deref at probe]
- RESERVED
+CVE-2015-5257 (drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows ...)
{DSA-3372-1 DLA-325-1}
- linux 4.2.1-1
- linux-2.6 <removed>
@@ -11150,8 +11313,8 @@
NOT-FOR-US: SAP CRM
CVE-2015-3978 (SAP Sybase Unwired Platform Online Data Proxy allows local users to ...)
NOT-FOR-US: SAP Sybase Unwired Platform Online Data Proxy
-CVE-2015-3977
- RESERVED
+CVE-2015-3977 (Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before ...)
+ TODO: check
CVE-2015-3976
RESERVED
CVE-2015-3975
@@ -14484,8 +14647,7 @@
NOTE: https://nodesecurity.io/advisories/semver_redos
NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
NOTE: libv8 is not covered by security support
-CVE-2015-2925 [It is possible to escape from bind mounts]
- RESERVED
+CVE-2015-2925 (The prepend_path function in fs/dcache.c in the Linux kernel before ...)
{DLA-325-1}
- linux 4.2.1-1
[jessie] - linux 3.16.7-ckt11-1+deb8u4
@@ -53964,8 +54126,8 @@
RESERVED
CVE-2013-5230
RESERVED
-CVE-2013-5229
- RESERVED
+CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and ...)
+ TODO: check
CVE-2013-5228 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-5227 (Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers ...)
More information about the Secure-testing-commits
mailing list