[Secure-testing-commits] r46834 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Dec 6 21:10:11 UTC 2016


Author: sectracker
Date: 2016-12-06 21:10:11 +0000 (Tue, 06 Dec 2016)
New Revision: 46834

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-06 21:06:21 UTC (rev 46833)
+++ data/CVE/list	2016-12-06 21:10:11 UTC (rev 46834)
@@ -1,3 +1,203 @@
+CVE-2017-3229
+	RESERVED
+CVE-2017-3228
+	RESERVED
+CVE-2017-3227
+	RESERVED
+CVE-2017-3226
+	RESERVED
+CVE-2017-3225
+	RESERVED
+CVE-2017-3224
+	RESERVED
+CVE-2017-3223
+	RESERVED
+CVE-2017-3222
+	RESERVED
+CVE-2017-3221
+	RESERVED
+CVE-2017-3220
+	RESERVED
+CVE-2017-3219
+	RESERVED
+CVE-2017-3218
+	RESERVED
+CVE-2017-3217
+	RESERVED
+CVE-2017-3216
+	RESERVED
+CVE-2017-3215
+	RESERVED
+CVE-2017-3214
+	RESERVED
+CVE-2017-3213
+	RESERVED
+CVE-2017-3212
+	RESERVED
+CVE-2017-3211
+	RESERVED
+CVE-2017-3210
+	RESERVED
+CVE-2017-3209
+	RESERVED
+CVE-2017-3208
+	RESERVED
+CVE-2017-3207
+	RESERVED
+CVE-2017-3206
+	RESERVED
+CVE-2017-3205
+	RESERVED
+CVE-2017-3204
+	RESERVED
+CVE-2017-3203
+	RESERVED
+CVE-2017-3202
+	RESERVED
+CVE-2017-3201
+	RESERVED
+CVE-2017-3200
+	RESERVED
+CVE-2017-3199
+	RESERVED
+CVE-2017-3198
+	RESERVED
+CVE-2017-3197
+	RESERVED
+CVE-2017-3196
+	RESERVED
+CVE-2017-3195
+	RESERVED
+CVE-2017-3194
+	RESERVED
+CVE-2017-3193
+	RESERVED
+CVE-2017-3192
+	RESERVED
+CVE-2017-3191
+	RESERVED
+CVE-2017-3190
+	RESERVED
+CVE-2017-3189
+	RESERVED
+CVE-2017-3188
+	RESERVED
+CVE-2017-3187
+	RESERVED
+CVE-2017-3186
+	RESERVED
+CVE-2017-3185
+	RESERVED
+CVE-2017-3184
+	RESERVED
+CVE-2017-3183
+	RESERVED
+CVE-2017-3182
+	RESERVED
+CVE-2017-3181
+	RESERVED
+CVE-2017-3180
+	RESERVED
+CVE-2017-3179
+	RESERVED
+CVE-2017-3178
+	RESERVED
+CVE-2017-3177
+	RESERVED
+CVE-2017-3176
+	RESERVED
+CVE-2017-3175
+	RESERVED
+CVE-2017-3174
+	RESERVED
+CVE-2017-3173
+	RESERVED
+CVE-2017-3172
+	RESERVED
+CVE-2017-3171
+	RESERVED
+CVE-2017-3170
+	RESERVED
+CVE-2017-3169
+	RESERVED
+CVE-2017-3168
+	RESERVED
+CVE-2017-3167
+	RESERVED
+CVE-2017-3166
+	RESERVED
+CVE-2017-3165
+	RESERVED
+CVE-2017-3164
+	RESERVED
+CVE-2017-3163
+	RESERVED
+CVE-2017-3162
+	RESERVED
+CVE-2017-3161
+	RESERVED
+CVE-2017-3160
+	RESERVED
+CVE-2017-3159
+	RESERVED
+CVE-2017-3158
+	RESERVED
+CVE-2017-3157
+	RESERVED
+CVE-2017-3156
+	RESERVED
+CVE-2017-3155
+	RESERVED
+CVE-2017-3154
+	RESERVED
+CVE-2017-3153
+	RESERVED
+CVE-2017-3152
+	RESERVED
+CVE-2017-3151
+	RESERVED
+CVE-2017-3150
+	RESERVED
+CVE-2016-9866
+	RESERVED
+CVE-2016-9865
+	RESERVED
+CVE-2016-9864
+	RESERVED
+CVE-2016-9863
+	RESERVED
+CVE-2016-9862
+	RESERVED
+CVE-2016-9861
+	RESERVED
+CVE-2016-9860
+	RESERVED
+CVE-2016-9859
+	RESERVED
+CVE-2016-9858
+	RESERVED
+CVE-2016-9857
+	RESERVED
+CVE-2016-9856
+	RESERVED
+CVE-2016-9855
+	RESERVED
+CVE-2016-9854
+	RESERVED
+CVE-2016-9853
+	RESERVED
+CVE-2016-9852
+	RESERVED
+CVE-2016-9851
+	RESERVED
+CVE-2016-9850
+	RESERVED
+CVE-2016-9849
+	RESERVED
+CVE-2016-9848
+	RESERVED
+CVE-2016-9847
+	RESERVED
 CVE-2016-XXXX [cross-site scripting vulnerability]
 	- html5lib 0.999999999-1
 	[jessie] - html5lib <no-dsa> (Minor issue)
@@ -455,6 +655,7 @@
 CVE-2017-2925
 	RESERVED
 CVE-2016-9839
+	RESERVED
 	- mapserver 7.0.3-1
 	[jessie] - mapserver <no-dsa> (Minor issue)
 	NOTE: https://lists.osgeo.org/pipermail/mapserver-dev/2016-December/014979.html
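Review bot: CVE-2016-9839 now carries RESERVED but its header line has no bracketed summary, unlike CVE-2016-9846 or CVE-2016-9844 elsewhere in this diff. While the upstream description is still unpublished, a short "[...]" note on the header line would let a reader identify the mapserver issue without following the NOTE link.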
@@ -464,8 +665,8 @@
 	RESERVED
 CVE-2016-9837
 	RESERVED
-CVE-2016-9836
-	RESERVED
+CVE-2016-9836 (The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! ...)
+	TODO: check
 CVE-2016-9835 (Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x ...)
 	TODO: check
 CVE-2016-9834
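Review bot: the new CVE-2016-9836 entry lands with only "TODO: check", so the tracker has no triage result for it yet. The description names Joomla!, so this should be resolved either to a package line or to a NOT-FOR-US marker in the form used for the CVE-2004 entries later in this diff, rather than sitting next to CVE-2016-9835 as another open TODO.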
@@ -541,6 +742,7 @@
 CVE-2016-9757
 	RESERVED
 CVE-2016-9846 [display: virtio-gpu: memory leakage while updating cursor]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <removed>
@@ -548,6 +750,7 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00029.html
 	TODO: check affected versions
 CVE-2016-9845 [display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info]
+	RESERVED
 	- qemu <unfixed>
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <removed>
@@ -555,23 +758,29 @@
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
 	TODO: check affected versions
 CVE-2016-9843
+	RESERVED
 	- zlib <unfixed>
 	NOTE: https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
 CVE-2016-9842
+	RESERVED
 	- zlib <unfixed> (bug #847274)
 	NOTE: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
 CVE-2016-9841
+	RESERVED
 	- zlib <unfixed> (bug #847270)
 	NOTE: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
 CVE-2016-9840
+	RESERVED
 	- zlib <unfixed> (bug #847270)
 	NOTE: https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
 CVE-2016-9844 [zipinfo buffer overflow]
+	RESERVED
 	- unzip <unfixed>
 	NOTE: https://launchpad.net/bugs/1643750
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/05/13
 	NOTE: Proposed patch in http://www.openwall.com/lists/oss-security/2016/12/05/19
 CVE-2014-9913
+	RESERVED
 	- unzip <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2014/11/03/5
 CVE-2016-XXXX [heap-based buffer overflow in TIFFFillStrip (tif_read.c)]
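Review bot: CVE-2016-9843 is the only zlib entry in this hunk whose "- zlib <unfixed>" line has no bug reference, while CVE-2016-9842 points at bug #847274 and CVE-2016-9841 and CVE-2016-9840 both point at bug #847270. Either add the matching bug number for CVE-2016-9843 or confirm that none has been filed, and confirm that sharing #847270 between two CVEs is intended rather than a copy of the previous line.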
@@ -6247,7 +6456,7 @@
 	- qemu <not-affected> (Vulnerability specific to Xen)
 	- qemu-kvm <not-affected> (Vulnerability specific to Xen)
 	- xen 4.4.0-1
-        NOTE: Xen switched to qemu-system in 4.4.0-1
+	NOTE: Xen switched to qemu-system in 4.4.0-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-199.html
 CVE-2016-9620
 	RESERVED
@@ -7941,8 +8150,7 @@
 	RESERVED
 CVE-2016-9153
 	RESERVED
-CVE-2016-9152 [cross-site scripting]
-	RESERVED
+CVE-2016-9152 (Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...)
 	- spip <unfixed> (bug #847156)
 	NOTE: https://core.spip.net/projects/spip/repository/revisions/23290
 CVE-2016-9151 (Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x ...)
@@ -8983,8 +9191,7 @@
 	RESERVED
 CVE-2016-8741
 	RESERVED
-CVE-2016-8740
-	RESERVED
+CVE-2016-8740 (The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, ...)
 	- apache2 <unfixed> (bug #847124)
 	[jessie] - apache2 <not-affected> (Vulnerable code not present)
 	[wheezy] - apache2 <not-affected> (Vulnerable code not present)
@@ -14054,8 +14261,8 @@
 	RESERVED
 CVE-2016-7172
 	RESERVED
-CVE-2016-7171
-	RESERVED
+CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use ...)
+	TODO: check
 CVE-2016-7170 [vmware_vga: OOB stack memory access when processing svga command]
 	RESERVED
 	{DLA-653-1 DLA-652-1}
@@ -20325,8 +20532,8 @@
 	TODO: check
 CVE-2016-5342 (Heap-based buffer overflow in the wcnss_wlan_write function in ...)
 	TODO: check
-CVE-2016-5341
-	RESERVED
+CVE-2016-5341 (The GPS component in Android before 2016-12-05 allows ...)
+	TODO: check
 CVE-2016-5340 (The is_ashmem_file function in drivers/staging/android/ashmem.c in a ...)
 	TODO: check
 CVE-2016-5339
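Review bot: CVE-2016-5341 becomes the third consecutive "TODO: check" here, after CVE-2016-5342 and CVE-2016-5340 in the context lines. The new description refers to the GPS component in Android, so it can be triaged together with its two neighbours in one pass rather than left as a separate open item.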
@@ -224173,7 +224380,7 @@
 	- phpbb2 2.0.8 (low)
 CVE-2004-2349 (Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow ...)
 	NOT-FOR-US: Tunez
-CVE-2004-2348 (Sybari AntiGen for Domino 7.0 Build 722 SR2 alows remote attackers to ...)
+CVE-2004-2348 (Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to ...)
 	NOT-FOR-US: Sybari AntiGen for Domino
 CVE-2004-2347 (blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote ...)
 	NOT-FOR-US: Leif M. Wright Web Blog
@@ -234620,7 +234827,7 @@
 	NOT-FOR-US: Safari
 CVE-2004-1121 (Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the ...)
 	NOT-FOR-US: Safari
-CVE-2004-1120 (Mulitple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c ...)
+CVE-2004-1120 (Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c ...)
 	{DSA-663-1}
 	- prozilla 1:1.3.7.3-1
 CVE-2004-1119 (Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and ...)



