[Secure-testing-commits] r38000 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Nov 30 21:10:16 UTC 2015 

Author: sectracker
Date: 2015-11-30 21:10:16 +0000 (Mon, 30 Nov 2015)
New Revision: 38000

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-30 21:08:29 UTC (rev 37999)
+++ data/CVE/list	2015-11-30 21:10:16 UTC (rev 38000)
@@ -1,3 +1,15 @@
+CVE-2015-8376
+	RESERVED
+CVE-2015-8373
+	RESERVED
+CVE-2015-8372
+	RESERVED
+CVE-2015-8371
+	RESERVED
+CVE-2015-8370
+	RESERVED
+CVE-2015-8369
+	RESERVED
 CVE-2015-XXXX [canceling export operation creates cleartext copy of all of the user's KeePassX password database entries]
 	- keepassx <unfixed> (bug #791858)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/11/30/4
@@ -2,2 +14,3 @@
 CVE-2015-8375
+	RESERVED
 	NOT-FOR-US: PHP-Fusion
@@ -73,6 +86,7 @@
 CVE-2014-9757
 	RESERVED
 CVE-2015-8374 [information disclosure after file truncate on BTRFS]
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0305cd5f7fca85dae392b9ba85b116896eb7c1c7 (v4.4-rc1)
@@ -443,8 +457,8 @@
 	- linux-2.6 <removed>
 	NOTE: Patch for the kernel to harden against invalid MTUs: http://article.gmane.org/gmane.linux.network/351269
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac (v4.0-rc3)
-CVE-2015-8214
-	RESERVED
+CVE-2015-8214 (Siemens SIMATIC CP 343-1 Advanced devices before 3.0.44, CP 343-1 Lean ...)
+	TODO: check
 CVE-2015-8213 [Fixed settings leak possibility in date template filter]
 	RESERVED
 	{DSA-3404-1 DLA-349-1}
@@ -1641,6 +1655,7 @@
 CVE-2015-7806
 	RESERVED
 CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote ...)
+	{DLA-356-1}
 	- libsndfile 1.0.25-10 (bug #804445)
 	NOTE: http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
 	NOTE: https://www.exploit-db.com/exploits/38447/
@@ -1871,6 +1886,7 @@
 CVE-2015-7706
 	RESERVED
 CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attackers to ...)
+	{DLA-356-1}
 	- libsndfile 1.0.25-10 (bug #804447)
 	NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
 CVE-2014-9753
@@ -23371,6 +23387,7 @@
 	NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=610bfc6bc99bc83680d190ebc69359a05fc7f605 (v3.13-rc1)
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b6698b0e4a37053de35cc24ee695b98a7eb712b
 CVE-2014-9496 (The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows ...)
+	{DLA-356-1}
 	- libsndfile 1.0.25-9.1 (low; bug #774162)
 	[squeeze] - libsndfile <no-dsa> (Minor issue)
 	[wheezy] - libsndfile <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list