[Secure-testing-commits] r44227 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Aug 30 21:10:11 UTC 2016


Author: sectracker
Date: 2016-08-30 21:10:11 +0000 (Tue, 30 Aug 2016)
New Revision: 44227

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-30 21:08:37 UTC (rev 44226)
+++ data/CVE/list	2016-08-30 21:10:11 UTC (rev 44227)
@@ -1,3 +1,29 @@
+CVE-2016-7110
+	RESERVED
+CVE-2016-7109
+	RESERVED
+CVE-2016-7108
+	RESERVED
+CVE-2016-7107
+	RESERVED
+CVE-2016-7106
+	RESERVED
+CVE-2016-7105
+	RESERVED
+CVE-2016-7104
+	RESERVED
+CVE-2016-7102
+	RESERVED
+CVE-2016-7101
+	RESERVED
+CVE-2016-7100
+	RESERVED
+CVE-2016-7099
+	RESERVED
+CVE-2016-7096
+	RESERVED
+CVE-2016-7095
+	RESERVED
 CVE-2016-XXXX [allows the 'amanda' user to execute any code as root, and to execute an interactive shell as root]
 	- amanda 1:3.3.9-1
 	TODO: check
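Review bot: The thirteen new RESERVED entries (CVE-2016-7110 down to CVE-2016-7095) are inserted at the very top of the file, above the CVE-2016-XXXX amanda placeholder and above CVE-2016-7111, which the next hunk shows further down. That leaves 7110 listed before 7111 and splits the range around the placeholder, so anyone scanning the list by ID can miss an entry. Suggest placing the block below CVE-2016-7111 and interleaving it with the existing CVE-2016-7103, CVE-2016-7098 and CVE-2016-7097 entries so the IDs stay in descending order.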
@@ -2,6 +28,8 @@
 CVE-2016-7111
+	RESERVED
 	- mantis <not-affected> (Vulnerable code introduced in 1.3.0-rc.2)
 	NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229
 	NOTE: https://mantisbt.org/bugs/view.php?id=21263
 CVE-2016-7103
+	RESERVED
 	- jqueryui <unfixed>
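Review bot: CVE-2016-7111 and CVE-2016-7103 are now flagged RESERVED but carry no bracketed description on the ID line, unlike CVE-2016-7097 and CVE-2015-8954 later in this patch. While the ID is RESERVED there is no upstream summary to fall back on, so a reader sees only a package name. Suggest adding a short bracketed description to both ID lines, in the same form as "[suricata: evasion issues]".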
@@ -20,11 +48,13 @@
 CVE-2016-7090
 	RESERVED
 CVE-2016-7098
+	RESERVED
 	- wget <unfixed> (low)
 	[jessie] - wget <no-dsa> (Minor issue)
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
 CVE-2016-7097 [Setting a POSIX ACL via setxattr doesn't clear the setgid bit]
+	RESERVED
 	- linux <unfixed>
 	NOTE: http://www.spinics.net/lists/linux-fsdevel/msg98328.html
 	NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
@@ -682,6 +712,7 @@
 CVE-2016-6793
 	RESERVED
 CVE-2015-8954 [suricata: evasion issues]
+	RESERVED
 	- suricata 2.0.6-1 (bug #777523)
 	[wheezy] - suricata <no-dsa> (Minor issue)
 	[squeeze] - suricata <no-dsa> (Minor issue)
@@ -2098,7 +2129,7 @@
 	RESERVED
 	NOT-FOR-US: Red Hat QCI
 CVE-2016-6339
-	RESERVED
+	REJECTED
 CVE-2016-6338
 	RESERVED
 	NOT-FOR-US: ovirt-engine
@@ -4381,8 +4412,8 @@
 	NOT-FOR-US: Huawei
 CVE-2016-5722 (OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and ...)
 	NOT-FOR-US: OceanStor
-CVE-2016-5721
-	RESERVED
+CVE-2016-5721 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+	TODO: check
 CVE-2016-5720
 	RESERVED
 CVE-2016-5719
@@ -4457,8 +4488,8 @@
 	RESERVED
 CVE-2016-5684
 	RESERVED
-CVE-2016-5683
-	RESERVED
+CVE-2016-5683 (ReadyDesk 9.1 allows local users to determine cleartext SQL Server ...)
+	TODO: check
 CVE-2016-5682
 	RESERVED
 CVE-2016-5681 (Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 ...)
@@ -4495,12 +4526,12 @@
 	NOT-FOR-US: Creston
 CVE-2016-5665
 	RESERVED
-CVE-2016-5664
-	RESERVED
-CVE-2016-5663
-	RESERVED
-CVE-2016-5662
-	RESERVED
+CVE-2016-5664 (Directory traversal vulnerability on Accellion Kiteworks appliances ...)
+	TODO: check
+CVE-2016-5663 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2016-5662 (Accellion Kiteworks appliances before kw2016.03.00 use setuid-root ...)
+	TODO: check
 CVE-2016-5661 (Accela Civic Platform Citizen Access portal relies on the client to ...)
 	NOT-FOR-US: Accela
 CVE-2016-5660 (Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in ...)
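Review bot: The summary for CVE-2016-5663 is cut off before the product name ("Multiple cross-site scripting (XSS) vulnerabilities in ..."), so this hunk alone does not show that it belongs with the two Accellion Kiteworks entries on either side of it. Check the full description before resolving the three "TODO: check" lines as a group; if the product is not packaged, use a NOT-FOR-US: line as the neighbouring Creston and Accela entries do.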
@@ -6696,12 +6727,12 @@
 	RESERVED
 CVE-2016-5051
 	RESERVED
-CVE-2016-5050
-	RESERVED
-CVE-2016-5049
-	RESERVED
-CVE-2016-5048
-	RESERVED
+CVE-2016-5050 (Unrestricted file upload vulnerability in chat/sendfile.aspx in ...)
+	TODO: check
+CVE-2016-5049 (Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk ...)
+	TODO: check
+CVE-2016-5048 (SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk ...)
+	TODO: check
 CVE-2016-5047
 	RESERVED
 CVE-2016-5046
@@ -8882,8 +8913,8 @@
 	RESERVED
 CVE-2016-4379
 	RESERVED
-CVE-2016-4378
-	RESERVED
+CVE-2016-4378 (The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication ...)
+	TODO: check
 CVE-2016-4377 (HPE Smart Update in Storage Sizing Tool before 13.0, Converged ...)
 	TODO: check
 CVE-2016-4376 (HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches ...)
@@ -9163,18 +9194,18 @@
 	RESERVED
 CVE-2016-4271
 	RESERVED
-CVE-2016-4270
-	RESERVED
-CVE-2016-4269
-	RESERVED
-CVE-2016-4268
-	RESERVED
-CVE-2016-4267
-	RESERVED
-CVE-2016-4266
-	RESERVED
-CVE-2016-4265
-	RESERVED
+CVE-2016-4270 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
+CVE-2016-4269 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
+CVE-2016-4268 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
+CVE-2016-4267 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
+CVE-2016-4266 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
+CVE-2016-4265 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+	TODO: check
 CVE-2016-4264
 	RESERVED
 CVE-2016-4263
@@ -9465,8 +9496,8 @@
 	NOT-FOR-US: Adobe
 CVE-2016-4120 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
 	NOT-FOR-US: Adobe
-CVE-2016-4119
-	RESERVED
+CVE-2016-4119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+	TODO: check
 CVE-2016-4118 (Untrusted search path vulnerability in the add-in installer in Adobe ...)
 	NOT-FOR-US: Adobe
 CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
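Review bot: CVE-2016-4119 is added as "TODO: check" although its description names Adobe Reader and Acrobat and the entries directly around it (CVE-2016-4120, CVE-2016-4118) are already marked "NOT-FOR-US: Adobe". Suggest the same tag here, and for the six Adobe Reader and Acrobat entries CVE-2016-4270 to CVE-2016-4265 in the previous hunk, so they do not sit in the manual triage queue.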
@@ -31600,8 +31631,8 @@
 	NOT-FOR-US: HP Systems Insight Manager
 CVE-2015-5401
 	RESERVED
-CVE-2015-5399
-	RESERVED
+CVE-2015-5399 (Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows ...)
+	TODO: check
 CVE-2015-5398
 	RESERVED
 CVE-2015-5397 (Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 ...)



