[Secure-testing-commits] r36810 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Sep 23 21:10:11 UTC 2015


Author: sectracker
Date: 2015-09-23 21:10:11 +0000 (Wed, 23 Sep 2015)
New Revision: 36810

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-23 20:26:11 UTC (rev 36809)
+++ data/CVE/list	2015-09-23 21:10:11 UTC (rev 36810)
@@ -1,4 +1,33 @@
+CVE-2015-7326
+	RESERVED
+CVE-2015-7325
+	RESERVED
+CVE-2015-7324
+	RESERVED
+CVE-2015-7323
+	RESERVED
+CVE-2015-7322
+	RESERVED
+CVE-2015-7321
+	RESERVED
+CVE-2015-7320
+	RESERVED
+CVE-2015-7319
+	RESERVED
+CVE-2015-7318
+	RESERVED
+CVE-2015-7317
+	RESERVED
+CVE-2015-7316
+	RESERVED
+CVE-2015-7315
+	RESERVED
+CVE-2015-7310 (McAfee Enterprise Security Manager (ESM), Enterprise Security ...)
+	TODO: check
+CVE-2015-7309 (The theme editor in Bolt before 2.2.5 does not check the file ...)
+	TODO: check
 CVE-2015-7314
+	RESERVED
 	NOT-FOR-US: Gollum wiki
 CVE-2015-7308
 	RESERVED
@@ -28,10 +57,12 @@
 	- core-network <unfixed> (bug #799756)
 	NOTE: http://pf.itd.nrl.navy.mil/pipermail/core-users/2015-August/001837.html
 CVE-2015-7313 [DoS]
+	RESERVED
 	- tiff <unfixed>
 	- tiff3 <removed>
 	TODO: check
 CVE-2015-7311 [XSA-142]
+	RESERVED
 	- xen <unfixed>
 	[jessie] - xen <no-dsa> (Minor issue, can be fixed along in a later DSA)
 	[wheezy] - xen <no-dsa> (Minor issue, can be fixed along in a later DSA)
@@ -278,6 +309,7 @@
 	RESERVED
 CVE-2015-7180
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
@@ -291,21 +323,25 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
 CVE-2015-7177
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-7176
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-7175
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-7174
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
@@ -735,7 +771,7 @@
 	TODO: check
 CVE-2015-7236 [remote triggerable use-after-free in rpcbind]
 	RESERVED
-	{DLA-311-1}
+	{DSA-3366-1 DLA-311-1}
 	- rpcbind <unfixed> (bug #799307)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=946204
 	NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html
@@ -783,8 +819,8 @@
 	RESERVED
 CVE-2015-6941
 	RESERVED
-CVE-2015-6940
-	RESERVED
+CVE-2015-6940 (The GetResource servlet in Pentaho Business Analytics (BA) Suite ...)
+	TODO: check
 CVE-2015-XXXX [ross-site scripting vulnerability in the user list table]
 	- wordpress 4.3.1+dfsg-1 (bug #799140)
 	NOTE: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
@@ -1006,6 +1042,7 @@
 	NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240;selectid=8240
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
 CVE-2015-7312 [Use-after-free in Linux kernel with aufs mmap patch]
+	RESERVED
 	- linux <unfixed> (bug #796036)
 	[jessie] - linux 3.16.7-ckt11-1+deb8u4
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -6865,21 +6902,25 @@
 	RESERVED
 CVE-2015-4522 [Vulnerabilities found through code inspection]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-4521 [Vulnerabilities found through code inspection]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-4520 [Errors in the handling of CORS preflight request headers]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-111/
 CVE-2015-4519 [Dragging and dropping images exposes final URL after redirects]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-110/
@@ -6887,6 +6928,7 @@
 	RESERVED
 CVE-2015-4517 [Vulnerabilities found through code inspection]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
@@ -6906,6 +6948,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
 CVE-2015-4511
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
@@ -6915,6 +6958,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
 CVE-2015-4509 [Use-after-free while manipulating HTML media content]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
@@ -6928,6 +6972,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-102/
 CVE-2015-4506 [Buffer overflow in libvpx while parsing vp9 format video]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	- libvpx <unfixed>
@@ -6954,6 +6999,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
 CVE-2015-4500 [Miscellaneous memory safety hazards]
 	RESERVED
+	{DSA-3365-1}
 	- iceweasel 38.3.0esr-1
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/




More information about the Secure-testing-commits mailing list