[Secure-testing-commits] r43966 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Aug 12 21:10:10 UTC 2016
Author: sectracker
Date: 2016-08-12 21:10:10 +0000 (Fri, 12 Aug 2016)
New Revision: 43966
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-12 20:59:51 UTC (rev 43965)
+++ data/CVE/list 2016-08-12 21:10:10 UTC (rev 43966)
@@ -1,3 +1,247 @@
+CVE-2016-6792
+ RESERVED
+CVE-2016-6791
+ RESERVED
+CVE-2016-6790
+ RESERVED
+CVE-2016-6789
+ RESERVED
+CVE-2016-6788
+ RESERVED
+CVE-2016-6787
+ RESERVED
+CVE-2016-6786
+ RESERVED
+CVE-2016-6785
+ RESERVED
+CVE-2016-6784
+ RESERVED
+CVE-2016-6783
+ RESERVED
+CVE-2016-6782
+ RESERVED
+CVE-2016-6781
+ RESERVED
+CVE-2016-6780
+ RESERVED
+CVE-2016-6779
+ RESERVED
+CVE-2016-6778
+ RESERVED
+CVE-2016-6777
+ RESERVED
+CVE-2016-6776
+ RESERVED
+CVE-2016-6775
+ RESERVED
+CVE-2016-6774
+ RESERVED
+CVE-2016-6773
+ RESERVED
+CVE-2016-6772
+ RESERVED
+CVE-2016-6771
+ RESERVED
+CVE-2016-6770
+ RESERVED
+CVE-2016-6769
+ RESERVED
+CVE-2016-6768
+ RESERVED
+CVE-2016-6767
+ RESERVED
+CVE-2016-6766
+ RESERVED
+CVE-2016-6765
+ RESERVED
+CVE-2016-6764
+ RESERVED
+CVE-2016-6763
+ RESERVED
+CVE-2016-6762
+ RESERVED
+CVE-2016-6761
+ RESERVED
+CVE-2016-6760
+ RESERVED
+CVE-2016-6759
+ RESERVED
+CVE-2016-6758
+ RESERVED
+CVE-2016-6757
+ RESERVED
+CVE-2016-6756
+ RESERVED
+CVE-2016-6755
+ RESERVED
+CVE-2016-6754
+ RESERVED
+CVE-2016-6753
+ RESERVED
+CVE-2016-6752
+ RESERVED
+CVE-2016-6751
+ RESERVED
+CVE-2016-6750
+ RESERVED
+CVE-2016-6749
+ RESERVED
+CVE-2016-6748
+ RESERVED
+CVE-2016-6747
+ RESERVED
+CVE-2016-6746
+ RESERVED
+CVE-2016-6745
+ RESERVED
+CVE-2016-6744
+ RESERVED
+CVE-2016-6743
+ RESERVED
+CVE-2016-6742
+ RESERVED
+CVE-2016-6741
+ RESERVED
+CVE-2016-6740
+ RESERVED
+CVE-2016-6739
+ RESERVED
+CVE-2016-6738
+ RESERVED
+CVE-2016-6737
+ RESERVED
+CVE-2016-6736
+ RESERVED
+CVE-2016-6735
+ RESERVED
+CVE-2016-6734
+ RESERVED
+CVE-2016-6733
+ RESERVED
+CVE-2016-6732
+ RESERVED
+CVE-2016-6731
+ RESERVED
+CVE-2016-6730
+ RESERVED
+CVE-2016-6729
+ RESERVED
+CVE-2016-6728
+ RESERVED
+CVE-2016-6727
+ RESERVED
+CVE-2016-6726
+ RESERVED
+CVE-2016-6725
+ RESERVED
+CVE-2016-6724
+ RESERVED
+CVE-2016-6723
+ RESERVED
+CVE-2016-6722
+ RESERVED
+CVE-2016-6721
+ RESERVED
+CVE-2016-6720
+ RESERVED
+CVE-2016-6719
+ RESERVED
+CVE-2016-6718
+ RESERVED
+CVE-2016-6717
+ RESERVED
+CVE-2016-6716
+ RESERVED
+CVE-2016-6715
+ RESERVED
+CVE-2016-6714
+ RESERVED
+CVE-2016-6713
+ RESERVED
+CVE-2016-6712
+ RESERVED
+CVE-2016-6711
+ RESERVED
+CVE-2016-6710
+ RESERVED
+CVE-2016-6709
+ RESERVED
+CVE-2016-6708
+ RESERVED
+CVE-2016-6707
+ RESERVED
+CVE-2016-6706
+ RESERVED
+CVE-2016-6705
+ RESERVED
+CVE-2016-6704
+ RESERVED
+CVE-2016-6703
+ RESERVED
+CVE-2016-6702
+ RESERVED
+CVE-2016-6701
+ RESERVED
+CVE-2016-6700
+ RESERVED
+CVE-2016-6699
+ RESERVED
+CVE-2016-6698
+ RESERVED
+CVE-2016-6697
+ RESERVED
+CVE-2016-6696
+ RESERVED
+CVE-2016-6695
+ RESERVED
+CVE-2016-6694
+ RESERVED
+CVE-2016-6693
+ RESERVED
+CVE-2016-6692
+ RESERVED
+CVE-2016-6691
+ RESERVED
+CVE-2016-6690
+ RESERVED
+CVE-2016-6689
+ RESERVED
+CVE-2016-6688
+ RESERVED
+CVE-2016-6687
+ RESERVED
+CVE-2016-6686
+ RESERVED
+CVE-2016-6685
+ RESERVED
+CVE-2016-6684
+ RESERVED
+CVE-2016-6683
+ RESERVED
+CVE-2016-6682
+ RESERVED
+CVE-2016-6681
+ RESERVED
+CVE-2016-6680
+ RESERVED
+CVE-2016-6679
+ RESERVED
+CVE-2016-6678
+ RESERVED
+CVE-2016-6677
+ RESERVED
+CVE-2016-6676
+ RESERVED
+CVE-2016-6675
+ RESERVED
+CVE-2016-6674
+ RESERVED
+CVE-2016-6673
+ RESERVED
+CVE-2016-6672
+ RESERVED
+CVE-2015-8950
+ RESERVED
CVE-2016-XXXX [Double free]
- imagemagick <unfixed> (bug #834183)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
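Review bot: CVE-2015-8950 is added at the end of the new block, directly after CVE-2016-6672 and ahead of the CVE-2016-XXXX imagemagick entry, so a 2015 identifier now sits inside the run of 2016 entries. If anything that reads data/CVE/list expects entries grouped by year in descending order, move this entry to the 2015 section; otherwise a short comment in the update script explaining that new reservations are prepended regardless of year would help whoever reads this diff later. The other 121 additions (CVE-2016-6792 down to CVE-2016-6672) are plain RESERVED placeholders and need no package triage yet.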
@@ -27,6 +271,7 @@
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/11/5
TODO: check
CVE-2016-6671 [buffer overflow when decoding swf]
+ RESERVED
- ffmpeg 7:3.1.2-1
CVE-2016-6670
RESERVED
@@ -375,8 +620,7 @@
RESERVED
CVE-2016-6598
RESERVED
-CVE-2016-6597
- RESERVED
+CVE-2016-6597 (Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus ...)
NOT-FOR-US: Sophos EAS Proxy
NOTE: https://www.pallas.com/advisories/sophos_eas_open_reverse_proxy_vulnerability
CVE-2016-6596
@@ -655,6 +899,7 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-47.html
@@ -662,6 +907,7 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56706427f53cc64793870bf072c2c06248ae88f3
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-46.html
@@ -669,6 +915,7 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47a5fa850b388fcf4ea762073806f01b459820fe
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-45.html
@@ -676,6 +923,7 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-44.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660
@@ -683,6 +931,7 @@
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark ...)
+ {DSA-3648-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-43.html
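Review bot: In the CVE-2016-6507 entry the only package line is "- wireshark 2.0", annotated "Only affects 1.12, marking 2.0 as fixed", so after this change the {DSA-3648-1} tag is the sole pointer to a fix for the 1.12 series that the entry says is affected. Check that the fixed version for that series is recorded with the DSA itself, or add a release-specific line to this entry, so the status of the 1.12-based release does not rest on the cross-reference alone. The same applies to the CVE-2016-6504 entry further down, which has the identical "- wireshark 2.0" line.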
@@ -691,6 +940,7 @@
NOTE: Affects 1.12.0 to 1.12.12, fixed 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-42.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594
@@ -698,6 +948,7 @@
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 , fixed in 2.0.5, 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in ...)
+ {DSA-3648-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-41.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577
@@ -705,6 +956,7 @@
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark ...)
+ {DSA-3648-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-40.html
@@ -1709,8 +1961,7 @@
NOTE: otherwise the mitigiation isn't very effective for systems with a locked root account.
CVE-2016-6208
RESERVED
-CVE-2016-6207
- RESERVED
+CVE-2016-6207 (Integer overflow in the _gdContributionsAlloc function in ...)
{DSA-3630-1}
- libgd2 2.2.2-43-g22cba39-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -1836,8 +2087,7 @@
NOTE: https://launchpad.net/bugs/1447282
NOTE: Fixed by: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
-CVE-2016-6214 [read out-of-bounds issue]
- RESERVED
+CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -2010,8 +2260,7 @@
NOTE: Reproducer attached in http://seclists.org/oss-sec/2016/q3/7
CVE-2016-6162 (net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to ...)
- linux <not-affected> (Vulnerable code introduced in 4.7-rc1)
-CVE-2016-6161
- RESERVED
+CVE-2016-6161 (The output function in gd_gif_out.c in the GD Graphics Library (aka ...)
{DSA-3619-1 DLA-563-1}
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
@@ -2598,8 +2847,7 @@
TODO: check
CVE-2016-5877
RESERVED
-CVE-2016-6132 [read out-of-bands was found in the parsing of TGA files]
- RESERVED
+CVE-2016-6132 (The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -2716,12 +2964,12 @@
NOT-FOR-US: Siemens SICAM PAS
CVE-2016-5848 (Siemens SICAM PAS before 8.07 does not properly restrict password data ...)
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-5847
- RESERVED
+CVE-2016-5847 (SAP SAPCAR allows local users to change the permissions of arbitrary ...)
+ TODO: check
CVE-2016-5846
RESERVED
-CVE-2016-5845
- RESERVED
+CVE-2016-5845 (SAP SAPCAR does not check the return value of file operations when ...)
+ TODO: check
CVE-2016-5843
RESERVED
CVE-2016-5840 (hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, ...)
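Review bot: The two SAP SAPCAR entries (CVE-2016-5847 and CVE-2016-5845) move from RESERVED to a published description with only "TODO: check" beneath them, so they are now untriaged items in the list. If SAPCAR is not packaged in Debian, replace each TODO with a NOT-FOR-US line in the same form as the neighbouring "NOT-FOR-US: Siemens SICAM PAS" entries; if it is, add the package line and status instead.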
@@ -4078,8 +4326,7 @@
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72573
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-5384 [possible double free due to insufficiently validated cache files]
- RESERVED
+CVE-2016-5384 (fontconfig before 2.12.1 does not validate offsets, which allows local ...)
{DSA-3644-1 DLA-587-1}
- fontconfig 2.11.0-6.5 (bug #833570)
NOTE: https://lists.freedesktop.org/archives/fontconfig/2016-August/005792.html