[Secure-testing-commits] r43795 - data/CVE

Fri Aug 5 21:10:12 UTC 2016

Author: sectracker
Date: 2016-08-05 21:10:12 +0000 (Fri, 05 Aug 2016)
New Revision: 43795

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-08-05 20:34:20 UTC (rev 43794)
+++ data/CVE/list	2016-08-05 21:10:12 UTC (rev 43795)
@@ -1,16 +1,173 @@
+CVE-2016-6603
+	RESERVED
+CVE-2016-6602
+	RESERVED
+CVE-2016-6601
+	RESERVED
+CVE-2016-6600
+	RESERVED
+CVE-2016-6599
+	RESERVED
+CVE-2016-6598
+	RESERVED
+CVE-2016-6597
+	RESERVED
+CVE-2016-6596
+	RESERVED
+CVE-2016-6594
+	RESERVED
+CVE-2016-6593
+	RESERVED
+CVE-2016-6592
+	RESERVED
+CVE-2016-6591
+	RESERVED
+CVE-2016-6590
+	RESERVED
+CVE-2016-6589
+	RESERVED
+CVE-2016-6588
+	RESERVED
+CVE-2016-6587
+	RESERVED
+CVE-2016-6586
+	RESERVED
+CVE-2016-6585
+	RESERVED
+CVE-2016-6584
+	RESERVED
+CVE-2016-6583
+	RESERVED
+CVE-2016-6582
+	RESERVED
+CVE-2016-6579
+	RESERVED
+CVE-2016-6578
+	RESERVED
+CVE-2016-6577
+	RESERVED
+CVE-2016-6576
+	RESERVED
+CVE-2016-6575
+	RESERVED
+CVE-2016-6574
+	RESERVED
+CVE-2016-6573
+	RESERVED
+CVE-2016-6572
+	RESERVED
+CVE-2016-6571
+	RESERVED
+CVE-2016-6570
+	RESERVED
+CVE-2016-6569
+	RESERVED
+CVE-2016-6568
+	RESERVED
+CVE-2016-6567
+	RESERVED
+CVE-2016-6566
+	RESERVED
+CVE-2016-6565
+	RESERVED
+CVE-2016-6564
+	RESERVED
+CVE-2016-6563
+	RESERVED
+CVE-2016-6562
+	RESERVED
+CVE-2016-6561
+	RESERVED
+CVE-2016-6560
+	RESERVED
+CVE-2016-6559
+	RESERVED
+CVE-2016-6558
+	RESERVED
+CVE-2016-6557
+	RESERVED
+CVE-2016-6556
+	RESERVED
+CVE-2016-6555
+	RESERVED
+CVE-2016-6554
+	RESERVED
+CVE-2016-6553
+	RESERVED
+CVE-2016-6552
+	RESERVED
+CVE-2016-6551
+	RESERVED
+CVE-2016-6550
+	RESERVED
+CVE-2016-6549
+	RESERVED
+CVE-2016-6548
+	RESERVED
+CVE-2016-6547
+	RESERVED
+CVE-2016-6546
+	RESERVED
+CVE-2016-6545
+	RESERVED
+CVE-2016-6544
+	RESERVED
+CVE-2016-6543
+	RESERVED
+CVE-2016-6542
+	RESERVED
+CVE-2016-6541
+	RESERVED
+CVE-2016-6540
+	RESERVED
+CVE-2016-6539
+	RESERVED
+CVE-2016-6538
+	RESERVED
+CVE-2016-6537
+	RESERVED
+CVE-2016-6536
+	RESERVED
+CVE-2016-6535
+	RESERVED
+CVE-2016-6534
+	RESERVED
+CVE-2016-6533
+	RESERVED
+CVE-2016-6532
+	RESERVED
+CVE-2016-6531
+	RESERVED
+CVE-2016-6530
+	RESERVED
+CVE-2016-6529
+	RESERVED
+CVE-2016-6528
+	RESERVED
+CVE-2016-6524
+	RESERVED
+CVE-2008-7318
+	RESERVED
+CVE-2008-7317
+	RESERVED
 CVE-2016-6527
+	RESERVED
 	NOT-FOR-US: Samsung
 	NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
 CVE-2016-6526
+	RESERVED
 	NOT-FOR-US: Samsung
 	NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
 CVE-2016-6595 [DoS via repeatedly joining and quitting swarm cluster as a node]
+	RESERVED
 	- docker.io <not-affected> (Only affects Docker 1.12)
 	NOTE: http://seclists.org/oss-sec/2016/q3/198
 CVE-2016-6581 [HPACK Bomb]
+	RESERVED
 	- python-hpack <unfixed> (bug #833467)
 	NOTE: https://github.com/python-hyper/hpack/pull/56
 CVE-2016-6580
+	RESERVED
 	NOT-FOR-US: Python Priority
 	NOTE: https://github.com/python-hyper/priority/pull/23
 CVE-2016-6519
@@ -38,6 +195,7 @@
 CVE-2016-6496
 	RESERVED
 CVE-2016-6525 [heap overflow in pdf_load_mesh_params()]
+	RESERVED
 	- mupdf <unfixed> (bug #833417)
 	NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696954
 	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e
@@ -565,7 +723,7 @@
 	NOTE: NTP server not enabled by default in debian/config/pkg/* via CONFIG_NTPD
 	NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
 CVE-2016-6300
-	RESERVED
+	REJECTED
 CVE-2016-6299
 	RESERVED
 CVE-2016-6298
@@ -4077,63 +4235,52 @@
 	RESERVED
 CVE-2016-5269
 	RESERVED
-CVE-2016-5268
-	RESERVED
+CVE-2016-5268 (Mozilla Firefox before 48.0 does not properly set the LINKABLE and ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-83/
-CVE-2016-5267
-	RESERVED
+CVE-2016-5267 (Mozilla Firefox before 48.0 on Android allows remote attackers to ...)
 	- firefox <not-affected> (Android-specific)
 	- firefox-esr <not-affected> (Android-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-82/
-CVE-2016-5266
-	RESERVED
+CVE-2016-5266 (Mozilla Firefox before 48.0 does not properly restrict drag-and-drop ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-81/
-CVE-2016-5265
-	RESERVED
+CVE-2016-5265 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-80/
-CVE-2016-5264
-	RESERVED
+CVE-2016-5264 (Use-after-free vulnerability in the ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-79/
-CVE-2016-5263
-	RESERVED
+CVE-2016-5263 (The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-78/
-CVE-2016-5262
-	RESERVED
+CVE-2016-5262 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
-CVE-2016-5261
-	RESERVED
+CVE-2016-5261 (Integer overflow in the WebSocketChannel class in the WebSockets ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
-CVE-2016-5260
-	RESERVED
+CVE-2016-5260 (Mozilla Firefox before 48.0 mishandles changes from 'INPUT ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-74/
-CVE-2016-5259
-	RESERVED
+CVE-2016-5259 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-73/
-CVE-2016-5258
-	RESERVED
+CVE-2016-5258 (Use-after-free vulnerability in the WebRTC socket thread in Mozilla ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
@@ -4142,35 +4289,29 @@
 	RESERVED
 CVE-2016-5256
 	RESERVED
-CVE-2016-5255
-	RESERVED
+CVE-2016-5255 (Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-71/
-CVE-2016-5254
-	RESERVED
+CVE-2016-5254 (Use-after-free vulnerability in the nsXULPopupManager::KeyDown ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-70/
-CVE-2016-5253
-	RESERVED
+CVE-2016-5253 (The Updater in Mozilla Firefox before 48.0 on Windows allows local ...)
 	- firefox <not-affected> (Only affects Windows)
 	- firefox-esr <not-affected> (Only affects Windows)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-69/
-CVE-2016-5252
-	RESERVED
+CVE-2016-5252 (Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-67/
-CVE-2016-5251
-	RESERVED
+CVE-2016-5251 (Mozilla Firefox before 48.0 allows remote attackers to spoof the ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
-CVE-2016-5250
-	RESERVED
+CVE-2016-5250 (Mozilla Firefox before 48.0 allows remote attackers to obtain ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
@@ -11406,32 +11547,27 @@
 	NOTE: This depends on a user namespace creator being able to mount aufs.
 	NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
 	NOTE: wheezy: User namespaces are non-functional.
-CVE-2016-2839
-	RESERVED
+CVE-2016-2839 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux ...)
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-65/
 	TODO: check details, what is ffmpeg 0.10 supposed to mean?
-CVE-2016-2838
-	RESERVED
+CVE-2016-2838 (Heap-based buffer overflow in the nsBidi::BracketData::AddOpening ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-64/
-CVE-2016-2837
-	RESERVED
+CVE-2016-2837 (Heap-based buffer overflow in the ClearKey Content Decryption Module ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-77/
-CVE-2016-2836
-	RESERVED
+CVE-2016-2836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
-CVE-2016-2835
-	RESERVED
+CVE-2016-2835 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
@@ -11451,8 +11587,7 @@
 	{DSA-3600-1 DLA-521-1}
 	- firefox-esr 45.2.0esr-1
 	- firefox 47.0-1
-CVE-2016-2830
-	RESERVED
+CVE-2016-2830 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve ...)
 	{DSA-3640-1 DLA-585-1}
 	- firefox 48.0-1
 	- firefox-esr 45.3.0esr-1


