[Secure-testing-commits] r44069 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Aug 19 21:10:13 UTC 2016


Author: sectracker
Date: 2016-08-19 21:10:13 +0000 (Fri, 19 Aug 2016)
New Revision: 44069

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-19 20:18:20 UTC (rev 44068)
+++ data/CVE/list	2016-08-19 21:10:13 UTC (rev 44069)
@@ -1,3 +1,87 @@
+CVE-2016-6880
+	RESERVED
+CVE-2016-6879
+	RESERVED
+CVE-2016-6878
+	RESERVED
+CVE-2016-6877
+	RESERVED
+CVE-2016-6876
+	RESERVED
+CVE-2016-6869
+	RESERVED
+CVE-2016-6868
+	RESERVED
+CVE-2016-6867
+	RESERVED
+CVE-2016-6865
+	RESERVED
+CVE-2016-6864
+	RESERVED
+CVE-2016-6863
+	RESERVED
+CVE-2016-6862
+	RESERVED
+CVE-2016-6861
+	RESERVED
+CVE-2016-6860
+	RESERVED
+CVE-2016-6859
+	RESERVED
+CVE-2016-6858
+	RESERVED
+CVE-2016-6857
+	RESERVED
+CVE-2016-6856
+	RESERVED
+CVE-2016-6855
+	RESERVED
+CVE-2016-6854
+	RESERVED
+CVE-2016-6853
+	RESERVED
+CVE-2016-6852
+	RESERVED
+CVE-2016-6851
+	RESERVED
+CVE-2016-6850
+	RESERVED
+CVE-2016-6849
+	RESERVED
+CVE-2016-6848
+	RESERVED
+CVE-2016-6847
+	RESERVED
+CVE-2016-6846
+	RESERVED
+CVE-2016-6845
+	RESERVED
+CVE-2016-6844
+	RESERVED
+CVE-2016-6843
+	RESERVED
+CVE-2016-6842
+	RESERVED
+CVE-2016-6841
+	RESERVED
+CVE-2016-6840
+	RESERVED
+CVE-2016-6839
+	RESERVED
+CVE-2016-6838
+	RESERVED
+CVE-2016-6829
+	RESERVED
+CVE-2016-6827
+	RESERVED
+CVE-2016-6826
+	RESERVED
+CVE-2016-6825
+	RESERVED
+CVE-2016-6824
+	RESERVED
+CVE-2016-6823
+	RESERVED
 CVE-2016-6888 [net: vmxnet: integer overflow in packet initialisation]
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
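Review bot: The 84 added lines put CVE-2016-6880 through CVE-2016-6823 above the existing CVE-2016-6888 entry, so the head of data/CVE/list now reads 6880 ... 6823 and then 6888, which is no longer descending id order. If anything that reads this file relies on ordering, insert the RESERVED stubs below the CVE-2016-6888 entry, next to their numeric neighbours, rather than at line 1.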
@@ -7,24 +91,31 @@
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=47882fa4975bf0b58dd74474329fdd7154e8f04c
 	TODO: check
 CVE-2016-6875 [Fix infinite recursion in wddx]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/1888810e77b446a79a7674784d5f139fcfa605e2
 CVE-2016-6874 [Fix recursion checks in array_*_recursive]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/05e706d98f748f609b19d8697e490eaab5007d69
 CVE-2016-6873 [Fix self recursion in compact]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
 CVE-2016-6872 [Fix integer overflow in StringUtil::implode]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/2c9a8fcc73a151608634d3e712973d192027c271
 CVE-2016-6871 [Fix buffer overrun due to integer overflow in bcmath]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/c00fc9d3003eb06226b58b6a48555f1456ee2475
 CVE-2016-6870 [incorrect use of strndup]
+	RESERVED
 	- hhvm <unfixed>
 	NOTE: https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2
 CVE-2016-6866
+	RESERVED
 	- suckless-tools 41-1
 	[jessie] - suckless-tools <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/08/18/22
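Review bot: CVE-2016-6866 at the end of this hunk has no bracketed description, unlike the hhvm entries above it (for example "[Fix infinite recursion in wddx]"). With RESERVED added there is no published text for the id either, so the header line says nothing about the issue. Add a short bracketed summary to the CVE-2016-6866 line so the suckless-tools entry can be read without following the oss-security link.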
@@ -34,24 +125,29 @@
 	NOTE: thus in readpw, not calling crypt(passwd, pws) with a possibly
 	NOTE: empty pws.
 CVE-2016-6837 [XSS in view_all_bug_page.php]
+	RESERVED
 	- mantis <removed>
 	NOTE: https://mantisbt.org/bugs/view.php?id=21611
 	NOTE: https://github.com/mantisbt/mantisbt/commit/7086c2d8b4b20ac14013b36761ac04f0abf21a4e
 CVE-2016-6832 [heap-based buffer overflow in ff_audio_resample (resample.c)]
+	RESERVED
 	- libav <removed>
 	[wheezy] - libav <not-affected> (Vulnerable code not present)
 	NOTE: https://blogs.gentoo.org/ago/2016/08/07/libav-heap-based-buffer-overflow-in-ff_audio_resample-resample-c/
 	NOTE: https://git.libav.org/?p=libav.git;a=commit;h=0ac8ff618c5e6d878c547a8877e714ed728950ce
 	NOTE: Claimed to not affect ffmpeg
 CVE-2016-6831 [Memory leak in CHICKEN Scheme's process-execute and process-spawn procedures]
+	RESERVED
 	- chicken <unfixed> (bug #834845)
 	NOTE: Fixed in the same upstream patch which is provided for CVE-2016-6830
 CVE-2016-6830 [Buffer overrun in CHICKEN Scheme's "process-execute" and "process-spawn" procedures from the posix unit]
+	RESERVED
 	- chicken <unfixed> (bug #834845)
 	NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
 	NOTE: https://lists.nongnu.org/archive/html/chicken-hackers/2016-07/txtSWHYeFeG0R.txt
 	NOTE: http://bugs.call-cc.org/ticket/1308
 CVE-2016-6828 [Linux tcp_xmit_retransmit_queue use after free]
+	RESERVED
 	- linux <unfixed>
 CVE-2016-6822
 	RESERVED
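Review bot: CVE-2016-6828 near the end of this hunk is tracked as "- linux <unfixed>" with no NOTE line, while the other entries touched here each carry a NOTE or a bug reference. Add a NOTE pointing at the upstream report or fix so the status can be verified while the id is still RESERVED.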
@@ -368,6 +464,7 @@
 	- imagemagick <unfixed> (bug #834183)
 	NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
 CVE-2016-6833 [net: vmxnet3: use after free while writing]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
 	- qemu-kvm <removed>
@@ -376,6 +473,7 @@
 	NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
 	NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
 CVE-2016-6834 [an infinite loop during packet fragmentation]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5)
 	- qemu-kvm <removed>
@@ -384,6 +482,7 @@
 	NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
 	NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/8
 CVE-2016-6835 [buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
 	- qemu-kvm <removed>
@@ -391,6 +490,7 @@
 	NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
 	NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7
 CVE-2016-6836 [Information leak in vmxnet3_complete_packet]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
 	- qemu-kvm <removed>
@@ -1383,10 +1483,10 @@
 	RESERVED
 CVE-2016-6368
 	RESERVED
-CVE-2016-6367
-	RESERVED
-CVE-2016-6366
-	RESERVED
+CVE-2016-6367 (Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA ...)
+	TODO: check
+CVE-2016-6366 (Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software ...)
+	TODO: check
 CVE-2016-6365
 	RESERVED
 CVE-2016-6364
@@ -7144,8 +7244,8 @@
 	RESERVED
 CVE-2016-4655
 	RESERVED
-CVE-2016-4654
-	RESERVED
+CVE-2016-4654 (IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to ...)
+	TODO: check
 CVE-2016-4653 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
 	TODO: check
 CVE-2016-4652 (CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain ...)
@@ -17567,10 +17667,10 @@
 	TODO: check
 CVE-2016-1459 (Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 ...)
 	TODO: check
-CVE-2016-1458
-	RESERVED
-CVE-2016-1457
-	RESERVED
+CVE-2016-1458 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x ...)
+	TODO: check
+CVE-2016-1457 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x ...)
+	TODO: check
 CVE-2016-1456 (The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to ...)
 	TODO: check
 CVE-2016-1455
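Review bot: CVE-2016-1458 and CVE-2016-1457 end up with identical truncated descriptions ("The web-based GUI in Cisco Firepower Management Center 4.x and 5.x ..."), so the two ids cannot be told apart from this file. Whoever resolves the two "TODO: check" lines should work from the full descriptions rather than the truncated text before assigning a status.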
@@ -17763,8 +17863,8 @@
 	TODO: check
 CVE-2016-1366 (The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on ...)
 	NOT-FOR-US: Cisco IOS XR
-CVE-2016-1365
-	RESERVED
+CVE-2016-1365 (The Grapevine update process in Cisco Application Policy ...)
+	TODO: check
 CVE-2016-1364 (Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) ...)
 	TODO: check
 CVE-2016-1363 (Buffer overflow in the redirection functionality in Cisco Wireless LAN ...)
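Review bot: CVE-2016-1365 is left at "TODO: check" directly below CVE-2016-1366, which is already triaged as "NOT-FOR-US: Cisco IOS XR". If the Cisco product named in the truncated description is likewise not packaged, the same kind of NOT-FOR-US line applies here and would keep this entry out of the open TODO queue.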



