[Secure-testing-commits] r37080 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Oct 12 09:10:10 UTC 2015
Author: sectracker
Date: 2015-10-12 09:10:10 +0000 (Mon, 12 Oct 2015)
New Revision: 37080
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-12 08:19:02 UTC (rev 37079)
+++ data/CVE/list 2015-10-12 09:10:10 UTC (rev 37080)
@@ -1,12 +1,99 @@
+CVE-2015-7808
+ RESERVED
+CVE-2015-7807
+ RESERVED
+CVE-2015-7806
+ RESERVED
+CVE-2015-7805
+ RESERVED
+CVE-2015-7802
+ RESERVED
+CVE-2015-7801
+ RESERVED
+CVE-2015-7800
+ RESERVED
+CVE-2015-7799
+ RESERVED
+CVE-2015-7798
+ RESERVED
+CVE-2015-7797
+ RESERVED
+CVE-2015-7796
+ RESERVED
+CVE-2015-7795
+ RESERVED
+CVE-2015-7794
+ RESERVED
+CVE-2015-7793
+ RESERVED
+CVE-2015-7792
+ RESERVED
+CVE-2015-7791
+ RESERVED
+CVE-2015-7790
+ RESERVED
+CVE-2015-7789
+ RESERVED
+CVE-2015-7788
+ RESERVED
+CVE-2015-7787
+ RESERVED
+CVE-2015-7786
+ RESERVED
+CVE-2015-7785
+ RESERVED
+CVE-2015-7784
+ RESERVED
+CVE-2015-7783
+ RESERVED
+CVE-2015-7782
+ RESERVED
+CVE-2015-7781
+ RESERVED
+CVE-2015-7780
+ RESERVED
+CVE-2015-7779
+ RESERVED
+CVE-2015-7778
+ RESERVED
+CVE-2015-7777
+ RESERVED
+CVE-2015-7776
+ RESERVED
+CVE-2015-7775
+ RESERVED
+CVE-2015-7774
+ RESERVED
+CVE-2015-7773
+ RESERVED
+CVE-2015-7772
+ RESERVED
+CVE-2015-7771
+ RESERVED
+CVE-2015-7770
+ RESERVED
+CVE-2015-7769
+ RESERVED
+CVE-2015-7768 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
+ TODO: check
+CVE-2015-7767 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...)
+ TODO: check
+CVE-2015-7766 (PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and ...)
+ TODO: check
+CVE-2015-7765 (ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a ...)
+ TODO: check
CVE-2015-7809 [arbitrary code execution via the _self variable]
+ RESERVED
- twig 1.20.0-1
[jessie] - twig 1.16.2-1+deb8u1
NOTE: Add jessie-tagged workaround item until CVE assigned
NOTE: http://symfony.com/blog/security-release-twig-1-20-0
CVE-2015-7804 [Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"]
+ RESERVED
- php5 5.6.14+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70433
CVE-2015-7803 [Null pointer dereference in phar_get_fp_offset()]
+ RESERVED
- php5 5.6.14+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69720
CVE-2015-7764
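Review bot: The NOTE kept under CVE-2015-7809 still reads "Add jessie-tagged workaround item until CVE assigned", yet this hunk adds RESERVED to that same entry, which indicates the id is now allocated. The note and the workaround it refers to look ready to be dropped in a follow-up. Separately, the four entries at the end of the added block (CVE-2015-7768 through CVE-2015-7765, for Konica Minolta FTP Utility and ZOHO ManageEngine OpManager) land as "TODO: check" and need manual triage. If the products are not packaged, NOT-FOR-US would match how the IBM entries elsewhere in this file are handled.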
@@ -200,6 +287,7 @@
CVE-2015-7696
RESERVED
CVE-2015-7695 [ZF2015-08: Potential SQL injection vector using null byte for PDO (MsSql, SQLite)]
+ RESERVED
- zendframework 1.12.16+dfsg-1
[jessie] - zendframework 1.12.9+dfsg-2+deb8u4
[wheezy] - zendframework 1.11.13-1.1+deb7u4
@@ -408,6 +496,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/10
CVE-2015-7613 [Unauthorized access to IPC objects with SysV shm]
RESERVED
+ {DLA-325-1}
- linux 4.2.3-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf (v4.3-rc4)
@@ -5036,8 +5125,8 @@
RESERVED
CVE-2015-5660
RESERVED
-CVE-2015-5659
- RESERVED
+CVE-2015-5659 (SQL injection vulnerability in Network Applied Communication ...)
+ TODO: check
CVE-2015-5658
RESERVED
CVE-2015-5657
@@ -5046,8 +5135,7 @@
RESERVED
CVE-2015-5655
RESERVED
-CVE-2015-5654 [cross-site scripting vulnerability]
- RESERVED
+CVE-2015-5654 (Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 ...)
- libjs-dojo-core <unfixed>
TODO: check
CVE-2015-5653 (Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows ...)
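Review bot: CVE-2015-5654 keeps "- libjs-dojo-core <unfixed>" and "TODO: check" although the description that replaces the bracketed title now bounds the issue to Dojo Toolkit before 1.2. The packaged versions should be compared against 1.2 and the <unfixed> marker replaced with a fixed version or a not-affected tag, so that the TODO can be closed.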
@@ -5060,8 +5148,8 @@
TODO: check
CVE-2015-5649 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles ...)
TODO: check
-CVE-2015-5648
- RESERVED
+CVE-2015-5648 (SQL injection vulnerability in list.php in phpRechnung before 1.6.5 ...)
+ TODO: check
CVE-2015-5647
RESERVED
CVE-2015-5646
@@ -6152,6 +6240,7 @@
RESERVED
CVE-2015-5257 [USB: whiteheat: potential null-deref at probe]
RESERVED
+ {DLA-325-1}
- linux 4.2.1-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4 (v4.3-rc3)
@@ -6231,11 +6320,9 @@
NOTE: Upstream doesn't seem to consider this a real issue. And Florian itself closed it as CANTFIX on the RedHat side. Maybe we should tag this unimportant instead? --Raphael Hertzog
CVE-2015-5236
RESERVED
-CVE-2015-5235
- RESERVED
+CVE-2015-5235 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly ...)
- icedtea-web <unfixed> (bug #798467)
-CVE-2015-5234
- RESERVED
+CVE-2015-5234 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly ...)
- icedtea-web <unfixed> (bug #798467)
CVE-2015-5233
RESERVED
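Review bot: Both IcedTea-Web entries (CVE-2015-5235 and CVE-2015-5234) still carry "- icedtea-web <unfixed> (bug #798467)" while the new descriptions name 1.5.3 and 1.6.1 as the fixed upstream releases. A follow-up should check the archive versions against those two releases and record the fixed version once bug #798467 is resolved.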
@@ -7051,8 +7138,7 @@
NOT-FOR-US: IBM
CVE-2015-4930 (IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 ...)
NOT-FOR-US: IBM QRadar SIEM
-CVE-2015-4929
- RESERVED
+CVE-2015-4929 (IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for ...)
NOT-FOR-US: IBM
CVE-2015-4928
RESERVED
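Review bot: Style point on CVE-2015-4929: the entry keeps the generic "NOT-FOR-US: IBM" while the neighbouring CVE-2015-4930 names the product ("NOT-FOR-US: IBM QRadar SIEM"). With the description now filled in, the tag could name IBM License Metric Tool for consistency.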
@@ -12970,6 +13056,7 @@
NOTE: libv8 is not covered by security support
CVE-2015-2925 [It is possible to escape from bind mounts]
RESERVED
+ {DLA-325-1}
- linux 4.2.1-1
[jessie] - linux 3.16.7-ckt11-1+deb8u4
- linux-2.6 <removed>
@@ -17758,8 +17845,7 @@
RESERVED
CVE-2015-1338 (kernel_crashdump in Apport before 2.19 allows local users to cause a ...)
TODO: check
-CVE-2015-1337
- RESERVED
+CVE-2015-1337 (Simple Streams (simplestreams) does not properly verify the GPG ...)
NOT-FOR-US: simplestreams
CVE-2015-1336
RESERVED