[Secure-testing-commits] r37258 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Oct 22 21:10:12 UTC 2015


Author: sectracker
Date: 2015-10-22 21:10:12 +0000 (Thu, 22 Oct 2015)
New Revision: 37258

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-10-22 20:38:29 UTC (rev 37257)
+++ data/CVE/list	2015-10-22 21:10:12 UTC (rev 37258)
@@ -1,3 +1,25 @@
+CVE-2015-7883
+	RESERVED
+CVE-2015-7882
+	RESERVED
+CVE-2015-7881
+	RESERVED
+CVE-2015-7880
+	RESERVED
+CVE-2015-7879
+	RESERVED
+CVE-2015-7878
+	RESERVED
+CVE-2015-7877
+	RESERVED
+CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver ...)
+	TODO: check
+CVE-2015-7875
+	RESERVED
+CVE-2015-7874
+	RESERVED
+CVE-2015-7873
+	RESERVED
 CVE-2015-XXXX [Open Redirect - SA-CORE-2015-004]
 	- drupal7 7.41-1
 	NOTE: https://www.drupal.org/SA-CORE-2015-004
@@ -3,9 +25,11 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/21/6
 CVE-2015-7885
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05
 	TODO: check
 CVE-2015-7884
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
@@ -93,6 +117,7 @@
 CVE-2015-7841
 	RESERVED
 CVE-2015-7872 [Keyrings crash triggerable by unprivileged user]
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -138,10 +163,10 @@
 	RESERVED
 CVE-2015-7824
 	RESERVED
-CVE-2015-7823
-	RESERVED
-CVE-2015-7822
-	RESERVED
+CVE-2015-7823 (Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS ...)
+	TODO: check
+CVE-2015-7822 (Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 ...)
+	TODO: check
 CVE-2015-7821
 	RESERVED
 CVE-2015-7820
@@ -208,6 +233,7 @@
 	NOTE: Not a security flaw as the under-read does not depend on input
 CVE-2015-7801 [Use after free]
 	RESERVED
+	{DLA-332-1}
 	- optipng 0.7.5-1
 CVE-2015-7800
 	RESERVED
@@ -499,9 +525,11 @@
 	RESERVED
 CVE-2015-7697 [Infinite loop when extracting password-protected archive]
 	RESERVED
+	{DLA-330-1}
 	- unzip 6.0-19 (bug #802160)
 CVE-2015-7696 [Heap buffer overflow when extracting password-protected archive]
 	RESERVED
+	{DLA-330-1}
 	- unzip 6.0-19 (bug #802162)
 CVE-2015-7695 [ZF2015-08: Potential SQL injection vector using null byte for PDO (MsSql, SQLite)]
 	RESERVED
@@ -745,8 +773,7 @@
 CVE-2015-XXXX [trivial hash complexity DoS attack]
 	- php5 <unfixed> (bug #800564)
 	NOTE: https://bugs.php.net/bug.php?id=70644
-CVE-2015-7698 [oc-sa-2015-017]
-	RESERVED
+CVE-2015-7698 (icewind1991 SMB before 1.0.3 allows remote authenticated users to ...)
 	- php-smb 1.0.3a-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-017
 CVE-2015-7699 [oc-sa-2015-018]
@@ -1385,8 +1412,8 @@
 	RESERVED
 CVE-2015-7300
 	RESERVED
-CVE-2015-7299
-	RESERVED
+CVE-2015-7299 (SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 ...)
+	TODO: check
 CVE-2015-7298 [Improper validation of certificates when using self-signed certificates]
 	RESERVED
 	- owncloud-client <unfixed>
@@ -4615,13 +4642,11 @@
 	NOTE: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
 CVE-2015-5955
 	RESERVED
-CVE-2015-5954 [Disclosure of users files when deleting parent folders of shared files]
-	RESERVED
+CVE-2015-5954 (The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before ...)
 	{DSA-3373-1}
 	- owncloud 7.0.7~dfsg-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-011
-CVE-2015-5953 [Stored XSS in "activity" application]
-	RESERVED
+CVE-2015-5953 (Cross-site scripting (XSS) vulnerability in the activity application ...)
 	{DSA-3373-1}
 	- owncloud 7.0.6+dfsg-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-010
@@ -6137,6 +6162,7 @@
 CVE-2012-6693 (GE Healthcare Centricity PACS 4.0 Server has a default password of (1) ...)
 	NOT-FOR-US: GE Healthcare Centricity PACS
 CVE-2011-5325 [Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory]
+	RESERVED
 	- busybox <unfixed> (bug #802702)
 CVE-2011-5324 (The TeraRecon server, as used in GE Healthcare Centricity PACS-IW ...)
 	NOT-FOR-US: GE Healthcare Centricity PACS-IW
@@ -6361,6 +6387,7 @@
 	NOTE: https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
 CVE-2015-5291 [Remote attack on clients using session tickets or SNI]
 	RESERVED
+	{DLA-331-1}
 	- polarssl <unfixed> (bug #801413)
 	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5291
@@ -7451,411 +7478,359 @@
 	RESERVED
 CVE-2015-4918
 	RESERVED
-CVE-2015-4917
-	RESERVED
-CVE-2015-4916
-	RESERVED
+CVE-2015-4917 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+	TODO: check
+CVE-2015-4916 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
 	- openjfx <unfixed>
-CVE-2015-4915
-	RESERVED
-CVE-2015-4914
-	RESERVED
-CVE-2015-4913
-	RESERVED
+CVE-2015-4915 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+	TODO: check
+CVE-2015-4914 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+	TODO: check
+CVE-2015-4913 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4912
-	RESERVED
-CVE-2015-4911
-	RESERVED
+CVE-2015-4912 (Unspecified vulnerability in the Oracle Access Manager component in ...)
+	TODO: check
+CVE-2015-4911 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4910
-	RESERVED
+CVE-2015-4910 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4909
-	RESERVED
-CVE-2015-4908
-	RESERVED
+CVE-2015-4909 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+	TODO: check
+CVE-2015-4908 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
 	- openjfx <unfixed>
-CVE-2015-4907
-	RESERVED
-CVE-2015-4906
-	RESERVED
+CVE-2015-4907 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4906 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 ...)
 	- openjfx <unfixed>
-CVE-2015-4905
-	RESERVED
+CVE-2015-4905 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4904
-	RESERVED
+CVE-2015-4904 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4903
-	RESERVED
+CVE-2015-4903 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4902
-	RESERVED
+CVE-2015-4902 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 ...)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4901
-	RESERVED
+CVE-2015-4901 (Unspecified vulnerability in Oracle Java SE 8u60 allows remote ...)
 	- openjfx <unfixed>
-CVE-2015-4900
-	RESERVED
-CVE-2015-4899
-	RESERVED
-CVE-2015-4898
-	RESERVED
+CVE-2015-4900 (Unspecified vulnerability in the XDB - XML Database component in ...)
+	TODO: check
+CVE-2015-4899 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+	TODO: check
+CVE-2015-4898 (Unspecified vulnerability in the Oracle Applications Framework ...)
+	TODO: check
 CVE-2015-4897
 	RESERVED
-CVE-2015-4896
-	RESERVED
+CVE-2015-4896 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox <unfixed>
 	- virtualbox-ose <removed>
-CVE-2015-4895
-	RESERVED
+CVE-2015-4895 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4894
-	RESERVED
-CVE-2015-4893
-	RESERVED
+CVE-2015-4894 (Unspecified vulnerability in the Mobile Server component in Oracle ...)
+	TODO: check
+CVE-2015-4893 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4892
-	RESERVED
-CVE-2015-4891
-	RESERVED
-CVE-2015-4890
-	RESERVED
+CVE-2015-4892 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+	TODO: check
+CVE-2015-4891 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4890 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
 CVE-2015-4889
 	RESERVED
-CVE-2015-4888
-	RESERVED
-CVE-2015-4887
-	RESERVED
-CVE-2015-4886
-	RESERVED
+CVE-2015-4888 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+	TODO: check
+CVE-2015-4887 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+	TODO: check
+CVE-2015-4886 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+	TODO: check
 CVE-2015-4885
 	RESERVED
-CVE-2015-4884
-	RESERVED
-CVE-2015-4883
-	RESERVED
+CVE-2015-4884 (Unspecified vulnerability in the Oracle Application Object Library ...)
+	TODO: check
+CVE-2015-4883 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4882
-	RESERVED
+CVE-2015-4882 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4881
-	RESERVED
+CVE-2015-4881 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4880
-	RESERVED
-CVE-2015-4879
-	RESERVED
+CVE-2015-4880 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+	TODO: check
+CVE-2015-4879 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4878
-	RESERVED
-CVE-2015-4877
-	RESERVED
-CVE-2015-4876
-	RESERVED
-CVE-2015-4875
-	RESERVED
-CVE-2015-4874
-	RESERVED
-CVE-2015-4873
-	RESERVED
-CVE-2015-4872
-	RESERVED
+CVE-2015-4878 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+	TODO: check
+CVE-2015-4877 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+	TODO: check
+CVE-2015-4876 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+	TODO: check
+CVE-2015-4875 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+	TODO: check
+CVE-2015-4874 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+	TODO: check
+CVE-2015-4873 (Unspecified vulnerability in the Database Scheduler component in ...)
+	TODO: check
+CVE-2015-4872 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4871
-	RESERVED
+CVE-2015-4871 (Unspecified vulnerability in Oracle Java SE 7u85 allows remote ...)
 	- openjdk-7 <unfixed>
-CVE-2015-4870
-	RESERVED
+CVE-2015-4870 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4869
-	RESERVED
-CVE-2015-4868
-	RESERVED
+CVE-2015-4869 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+	TODO: check
+CVE-2015-4868 (Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded ...)
 	- openjdk-8 8u66-b17-1
-CVE-2015-4867
-	RESERVED
-CVE-2015-4866
-	RESERVED
+CVE-2015-4867 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+	TODO: check
+CVE-2015-4866 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4865
-	RESERVED
-CVE-2015-4864
-	RESERVED
+CVE-2015-4865 (Unspecified vulnerability in the Oracle Applications Framework ...)
+	TODO: check
+CVE-2015-4864 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <unfixed>
 	[jessie] - mysql-5.5 5.5.44-0+deb8u1
 	[wheezy] - mysql-5.5 5.5.44-0+deb7u1
-CVE-2015-4863
-	RESERVED
-CVE-2015-4862
-	RESERVED
+CVE-2015-4863 (Unspecified vulnerability in the Portable Clusterware component in ...)
+	TODO: check
+CVE-2015-4862 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4861
-	RESERVED
+CVE-2015-4861 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4860
-	RESERVED
+CVE-2015-4860 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4859
-	RESERVED
-CVE-2015-4858
-	RESERVED
+CVE-2015-4859 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+	TODO: check
+CVE-2015-4858 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4857
-	RESERVED
-CVE-2015-4856
-	RESERVED
+CVE-2015-4857 (Unspecified vulnerability in the RDBMS component in Oracle Database ...)
+	TODO: check
+CVE-2015-4856 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox 5.0.0-dfsg-1
 	[jessie] - virtualbox 4.3.30-dfsg-1+deb8u1
 	[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
 	- virtualbox-ose <removed>
 CVE-2015-4855
 	RESERVED
-CVE-2015-4854
-	RESERVED
+CVE-2015-4854 (Unspecified vulnerability in the Oracle Application Object Library ...)
+	TODO: check
 CVE-2015-4853
 	RESERVED
 CVE-2015-4852
 	RESERVED
-CVE-2015-4851
-	RESERVED
-CVE-2015-4850
-	RESERVED
-CVE-2015-4849
-	RESERVED
-CVE-2015-4848
-	RESERVED
-CVE-2015-4847
-	RESERVED
-CVE-2015-4846
-	RESERVED
-CVE-2015-4845
-	RESERVED
-CVE-2015-4844
-	RESERVED
+CVE-2015-4851 (Unspecified vulnerability in the Oracle iSupplier Portal component in ...)
+	TODO: check
+CVE-2015-4850 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+	TODO: check
+CVE-2015-4849 (Unspecified vulnerability in the Oracle Payments component in Oracle ...)
+	TODO: check
+CVE-2015-4848 (Unspecified vulnerability in the Oracle Configurator component in ...)
+	TODO: check
+CVE-2015-4847 (Unspecified vulnerability in the Oracle Configurator component in ...)
+	TODO: check
+CVE-2015-4846 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+	TODO: check
+CVE-2015-4845 (Unspecified vulnerability in the Oracle Application Object Library ...)
+	TODO: check
+CVE-2015-4844 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4843
-	RESERVED
+CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4842
-	RESERVED
+CVE-2015-4842 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4841
-	RESERVED
-CVE-2015-4840
-	RESERVED
+CVE-2015-4841 (Unspecified vulnerability in the Siebel Core - Server Framework ...)
+	TODO: check
+CVE-2015-4840 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE ...)
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4839
-	RESERVED
-CVE-2015-4838
-	RESERVED
-CVE-2015-4837
-	RESERVED
-CVE-2015-4836
-	RESERVED
+CVE-2015-4839 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+	TODO: check
+CVE-2015-4838 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
+	TODO: check
+CVE-2015-4837 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4836 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4835
-	RESERVED
+CVE-2015-4835 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4834
-	RESERVED
-CVE-2015-4833
-	RESERVED
+CVE-2015-4834 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4833 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4832
-	RESERVED
-CVE-2015-4831
-	RESERVED
-CVE-2015-4830
-	RESERVED
+CVE-2015-4832 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+	TODO: check
+CVE-2015-4831 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4830 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
 CVE-2015-4829
 	RESERVED
-CVE-2015-4828
-	RESERVED
-CVE-2015-4827
-	RESERVED
-CVE-2015-4826
-	RESERVED
+CVE-2015-4828 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+	TODO: check
+CVE-2015-4827 (Unspecified vulnerability in the Oracle Retail Open Commerce Platform ...)
+	TODO: check
+CVE-2015-4826 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4825
-	RESERVED
-CVE-2015-4824
-	RESERVED
-CVE-2015-4823
-	RESERVED
-CVE-2015-4822
-	RESERVED
-CVE-2015-4821
-	RESERVED
-CVE-2015-4820
-	RESERVED
-CVE-2015-4819
-	RESERVED
+CVE-2015-4825 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Expenses ...)
+	TODO: check
+CVE-2015-4824 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+	TODO: check
+CVE-2015-4823 (Unspecified vulnerability in the Hyperion Installation Technology ...)
+	TODO: check
+CVE-2015-4822 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4821 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
+	TODO: check
+CVE-2015-4820 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4819 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4818
-	RESERVED
-CVE-2015-4817
-	RESERVED
-CVE-2015-4816
-	RESERVED
+CVE-2015-4818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+	TODO: check
+CVE-2015-4817 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4816 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier ...)
 	- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4815
-	RESERVED
+CVE-2015-4815 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
 CVE-2015-4814
 	RESERVED
-CVE-2015-4813
-	RESERVED
+CVE-2015-4813 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox <unfixed>
 	- virtualbox-ose <removed>
-CVE-2015-4812
-	RESERVED
-CVE-2015-4811
-	RESERVED
-CVE-2015-4810
-	RESERVED
+CVE-2015-4812 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+	TODO: check
+CVE-2015-4811 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+	TODO: check
+CVE-2015-4810 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local ...)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4809
-	RESERVED
+CVE-2015-4809 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+	TODO: check
 CVE-2015-4808
 	RESERVED
-CVE-2015-4807
-	RESERVED
+CVE-2015-4807 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <not-affected> (Only on Windows plattform)
 	- mysql-5.5 <not-affected> (Only on Windows plattform)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4806
-	RESERVED
+CVE-2015-4806 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4805
-	RESERVED
+CVE-2015-4805 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4804
-	RESERVED
-CVE-2015-4803
-	RESERVED
+CVE-2015-4804 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent ...)
+	TODO: check
+CVE-2015-4803 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
-CVE-2015-4802
-	RESERVED
+CVE-2015-4802 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4801
-	RESERVED
-CVE-2015-4800
-	RESERVED
+CVE-2015-4801 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
+	TODO: check
+CVE-2015-4800 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4799
-	RESERVED
-CVE-2015-4798
-	RESERVED
-CVE-2015-4797
-	RESERVED
-CVE-2015-4796
-	RESERVED
-CVE-2015-4795
-	RESERVED
-CVE-2015-4794
-	RESERVED
-CVE-2015-4793
-	RESERVED
-CVE-2015-4792
-	RESERVED
+CVE-2015-4799 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+	TODO: check
+CVE-2015-4798 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+	TODO: check
+CVE-2015-4797 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+	TODO: check
+CVE-2015-4796 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+	TODO: check
+CVE-2015-4795 (Unspecified vulnerability in the Oracle Utilities Work and Asset ...)
+	TODO: check
+CVE-2015-4794 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
+	TODO: check
+CVE-2015-4793 (Unspecified vulnerability in the Oracle Communications Convergence ...)
+	TODO: check
+CVE-2015-4792 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <unfixed> (bug #802564)
 	- mariadb-10.0 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4791
-	RESERVED
+CVE-2015-4791 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier ...)
 	- mysql-5.6 <not-affected> (Only on Windows plattform)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -7915,8 +7890,7 @@
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only 5.6 series)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4766
-	RESERVED
+CVE-2015-4766 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier ...)
 	- mysql-5.6 <unfixed> (bug #802563)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -7926,8 +7900,8 @@
 	NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
 CVE-2015-4763 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
 	NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4762
-	RESERVED
+CVE-2015-4762 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+	TODO: check
 CVE-2015-4761 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -8022,8 +7996,7 @@
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2015-4735 (Unspecified vulnerability in the Enterprise Manager for Oracle ...)
 	NOT-FOR-US: Oracle Database
-CVE-2015-4734
-	RESERVED
+CVE-2015-4734 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and ...)
 	- openjdk-6 <removed>
 	- openjdk-7 7u85-2.6.1-6
 	- openjdk-8 8u66-b17-1
@@ -8051,8 +8024,7 @@
 	- openjdk-8 8u66-b01-1
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
 	NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4730
-	RESERVED
+CVE-2015-4730 (Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -8079,20 +8051,17 @@
 	RESERVED
 CVE-2015-4719
 	RESERVED
-CVE-2015-4718 [Command injection when using external SMB storage]
-	RESERVED
+CVE-2015-4718 (The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x ...)
 	{DSA-3373-1}
 	- owncloud 7.0.6+dfsg-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-008
 	NOTE: https://github.com/owncloud/core/commit/200e9d949783efbd57f39acedebc03924c1dfff4
-CVE-2015-4717 [Resource Exthaustion when sanitizing filenames]
-	RESERVED
+CVE-2015-4717 (The filename sanitization component in ownCloud Server before 6.0.8, ...)
 	{DSA-3373-1}
 	- owncloud 7.0.6+dfsg-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-007
 	NOTE: https://github.com/owncloud/core/commit/5fa749cd9656ca6eab30bac0ef4e7625b8a8be2e
-CVE-2015-4716 [Local file inclusion on MS Windows Platform]
-	RESERVED
+CVE-2015-4716 (Directory traversal vulnerability in the routing component in ownCloud ...)
 	{DSA-3373-1}
 	- owncloud 7.0.6+dfsg-1 (unimportant)
 	NOTE: Specific to installations on Windows
@@ -11941,6 +11910,7 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756456#c0
 	TODO: check
 CVE-2015-7941 [out-of-bounds memory access]
+	{DLA-266-1}
 	- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/19/5
@@ -14246,8 +14216,8 @@
 	- mysql-5.5 <unfixed> (bug #792445)
 	- mariadb-10.0 10.0.20-1
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2642
-	RESERVED
+CVE-2015-2642 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
+	TODO: check
 CVE-2015-2641 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier ...)
 	- mysql-5.6 5.6.25-2
 	- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -14274,8 +14244,8 @@
 	NOT-FOR-US: Oracle Fusion
 CVE-2015-2634 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
 	NOT-FOR-US: Oracle Fusion
-CVE-2015-2633
-	RESERVED
+CVE-2015-2633 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
+	TODO: check
 CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
 	{DSA-3339-1 DSA-3316-1 DLA-303-1}
 	[experimental] - openjdk-6 6b36-1.13.8-1
@@ -14365,8 +14335,8 @@
 	NOT-FOR-US: Oracle E-Business
 CVE-2015-2609 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local ...)
 	NOT-FOR-US: Solaris (performance counters)
-CVE-2015-2608
-	RESERVED
+CVE-2015-2608 (Unspecified vulnerability in (1) the Oracle Communications Diameter ...)
+	TODO: check
 CVE-2015-2607 (Unspecified vulnerability in the Oracle Commerce Guided Search / ...)
 	NOT-FOR-US: Oracle Commerce
 CVE-2015-2606 (Unspecified vulnerability in the Oracle Endeca Information Discovery ...)
@@ -16632,8 +16602,8 @@
 CVE-2015-1830 (Directory traversal vulnerability in the fileserver upload/download ...)
 	- activemq <not-affected> (Only affects activemq on Windows)
 	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
-CVE-2015-1829
-	RESERVED
+CVE-2015-1829 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+	TODO: check
 CVE-2015-1828
 	RESERVED
 CVE-2015-1827 (The get_user_grouplist function in the extdom plug-in in FreeIPA ...)




More information about the Secure-testing-commits mailing list