[Secure-testing-commits] r38721 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Jan 5 21:10:13 UTC 2016
Author: sectracker
Date: 2016-01-05 21:10:12 +0000 (Tue, 05 Jan 2016)
New Revision: 38721
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-05 20:19:28 UTC (rev 38720)
+++ data/CVE/list 2016-01-05 21:10:12 UTC (rev 38721)
@@ -1,3 +1,423 @@
+CVE-2016-1493
+ RESERVED
+CVE-2016-1492
+ RESERVED
+CVE-2016-1491
+ RESERVED
+CVE-2016-1490
+ RESERVED
+CVE-2016-1489
+ RESERVED
+CVE-2016-1488
+ RESERVED
+CVE-2016-1487
+ RESERVED
+CVE-2016-1486
+ RESERVED
+CVE-2016-1485
+ RESERVED
+CVE-2016-1484
+ RESERVED
+CVE-2016-1483
+ RESERVED
+CVE-2016-1482
+ RESERVED
+CVE-2016-1481
+ RESERVED
+CVE-2016-1480
+ RESERVED
+CVE-2016-1479
+ RESERVED
+CVE-2016-1478
+ RESERVED
+CVE-2016-1477
+ RESERVED
+CVE-2016-1476
+ RESERVED
+CVE-2016-1475
+ RESERVED
+CVE-2016-1474
+ RESERVED
+CVE-2016-1473
+ RESERVED
+CVE-2016-1472
+ RESERVED
+CVE-2016-1471
+ RESERVED
+CVE-2016-1470
+ RESERVED
+CVE-2016-1469
+ RESERVED
+CVE-2016-1468
+ RESERVED
+CVE-2016-1467
+ RESERVED
+CVE-2016-1466
+ RESERVED
+CVE-2016-1465
+ RESERVED
+CVE-2016-1464
+ RESERVED
+CVE-2016-1463
+ RESERVED
+CVE-2016-1462
+ RESERVED
+CVE-2016-1461
+ RESERVED
+CVE-2016-1460
+ RESERVED
+CVE-2016-1459
+ RESERVED
+CVE-2016-1458
+ RESERVED
+CVE-2016-1457
+ RESERVED
+CVE-2016-1456
+ RESERVED
+CVE-2016-1455
+ RESERVED
+CVE-2016-1454
+ RESERVED
+CVE-2016-1453
+ RESERVED
+CVE-2016-1452
+ RESERVED
+CVE-2016-1451
+ RESERVED
+CVE-2016-1450
+ RESERVED
+CVE-2016-1449
+ RESERVED
+CVE-2016-1448
+ RESERVED
+CVE-2016-1447
+ RESERVED
+CVE-2016-1446
+ RESERVED
+CVE-2016-1445
+ RESERVED
+CVE-2016-1444
+ RESERVED
+CVE-2016-1443
+ RESERVED
+CVE-2016-1442
+ RESERVED
+CVE-2016-1441
+ RESERVED
+CVE-2016-1440
+ RESERVED
+CVE-2016-1439
+ RESERVED
+CVE-2016-1438
+ RESERVED
+CVE-2016-1437
+ RESERVED
+CVE-2016-1436
+ RESERVED
+CVE-2016-1435
+ RESERVED
+CVE-2016-1434
+ RESERVED
+CVE-2016-1433
+ RESERVED
+CVE-2016-1432
+ RESERVED
+CVE-2016-1431
+ RESERVED
+CVE-2016-1430
+ RESERVED
+CVE-2016-1429
+ RESERVED
+CVE-2016-1428
+ RESERVED
+CVE-2016-1427
+ RESERVED
+CVE-2016-1426
+ RESERVED
+CVE-2016-1425
+ RESERVED
+CVE-2016-1424
+ RESERVED
+CVE-2016-1423
+ RESERVED
+CVE-2016-1422
+ RESERVED
+CVE-2016-1421
+ RESERVED
+CVE-2016-1420
+ RESERVED
+CVE-2016-1419
+ RESERVED
+CVE-2016-1418
+ RESERVED
+CVE-2016-1417
+ RESERVED
+CVE-2016-1416
+ RESERVED
+CVE-2016-1415
+ RESERVED
+CVE-2016-1414
+ RESERVED
+CVE-2016-1413
+ RESERVED
+CVE-2016-1412
+ RESERVED
+CVE-2016-1411
+ RESERVED
+CVE-2016-1410
+ RESERVED
+CVE-2016-1409
+ RESERVED
+CVE-2016-1408
+ RESERVED
+CVE-2016-1407
+ RESERVED
+CVE-2016-1406
+ RESERVED
+CVE-2016-1405
+ RESERVED
+CVE-2016-1404
+ RESERVED
+CVE-2016-1403
+ RESERVED
+CVE-2016-1402
+ RESERVED
+CVE-2016-1401
+ RESERVED
+CVE-2016-1400
+ RESERVED
+CVE-2016-1399
+ RESERVED
+CVE-2016-1398
+ RESERVED
+CVE-2016-1397
+ RESERVED
+CVE-2016-1396
+ RESERVED
+CVE-2016-1395
+ RESERVED
+CVE-2016-1394
+ RESERVED
+CVE-2016-1393
+ RESERVED
+CVE-2016-1392
+ RESERVED
+CVE-2016-1391
+ RESERVED
+CVE-2016-1390
+ RESERVED
+CVE-2016-1389
+ RESERVED
+CVE-2016-1388
+ RESERVED
+CVE-2016-1387
+ RESERVED
+CVE-2016-1386
+ RESERVED
+CVE-2016-1385
+ RESERVED
+CVE-2016-1384
+ RESERVED
+CVE-2016-1383
+ RESERVED
+CVE-2016-1382
+ RESERVED
+CVE-2016-1381
+ RESERVED
+CVE-2016-1380
+ RESERVED
+CVE-2016-1379
+ RESERVED
+CVE-2016-1378
+ RESERVED
+CVE-2016-1377
+ RESERVED
+CVE-2016-1376
+ RESERVED
+CVE-2016-1375
+ RESERVED
+CVE-2016-1374
+ RESERVED
+CVE-2016-1373
+ RESERVED
+CVE-2016-1372
+ RESERVED
+CVE-2016-1371
+ RESERVED
+CVE-2016-1370
+ RESERVED
+CVE-2016-1369
+ RESERVED
+CVE-2016-1368
+ RESERVED
+CVE-2016-1367
+ RESERVED
+CVE-2016-1366
+ RESERVED
+CVE-2016-1365
+ RESERVED
+CVE-2016-1364
+ RESERVED
+CVE-2016-1363
+ RESERVED
+CVE-2016-1362
+ RESERVED
+CVE-2016-1361
+ RESERVED
+CVE-2016-1360
+ RESERVED
+CVE-2016-1359
+ RESERVED
+CVE-2016-1358
+ RESERVED
+CVE-2016-1357
+ RESERVED
+CVE-2016-1356
+ RESERVED
+CVE-2016-1355
+ RESERVED
+CVE-2016-1354
+ RESERVED
+CVE-2016-1353
+ RESERVED
+CVE-2016-1352
+ RESERVED
+CVE-2016-1351
+ RESERVED
+CVE-2016-1350
+ RESERVED
+CVE-2016-1349
+ RESERVED
+CVE-2016-1348
+ RESERVED
+CVE-2016-1347
+ RESERVED
+CVE-2016-1346
+ RESERVED
+CVE-2016-1345
+ RESERVED
+CVE-2016-1344
+ RESERVED
+CVE-2016-1343
+ RESERVED
+CVE-2016-1342
+ RESERVED
+CVE-2016-1341
+ RESERVED
+CVE-2016-1340
+ RESERVED
+CVE-2016-1339
+ RESERVED
+CVE-2016-1338
+ RESERVED
+CVE-2016-1337
+ RESERVED
+CVE-2016-1336
+ RESERVED
+CVE-2016-1335
+ RESERVED
+CVE-2016-1334
+ RESERVED
+CVE-2016-1333
+ RESERVED
+CVE-2016-1332
+ RESERVED
+CVE-2016-1331
+ RESERVED
+CVE-2016-1330
+ RESERVED
+CVE-2016-1329
+ RESERVED
+CVE-2016-1328
+ RESERVED
+CVE-2016-1327
+ RESERVED
+CVE-2016-1326
+ RESERVED
+CVE-2016-1325
+ RESERVED
+CVE-2016-1324
+ RESERVED
+CVE-2016-1323
+ RESERVED
+CVE-2016-1322
+ RESERVED
+CVE-2016-1321
+ RESERVED
+CVE-2016-1320
+ RESERVED
+CVE-2016-1319
+ RESERVED
+CVE-2016-1318
+ RESERVED
+CVE-2016-1317
+ RESERVED
+CVE-2016-1316
+ RESERVED
+CVE-2016-1315
+ RESERVED
+CVE-2016-1314
+ RESERVED
+CVE-2016-1313
+ RESERVED
+CVE-2016-1312
+ RESERVED
+CVE-2016-1311
+ RESERVED
+CVE-2016-1310
+ RESERVED
+CVE-2016-1309
+ RESERVED
+CVE-2016-1308
+ RESERVED
+CVE-2016-1307
+ RESERVED
+CVE-2016-1306
+ RESERVED
+CVE-2016-1305
+ RESERVED
+CVE-2016-1304
+ RESERVED
+CVE-2016-1303
+ RESERVED
+CVE-2016-1302
+ RESERVED
+CVE-2016-1301
+ RESERVED
+CVE-2016-1300
+ RESERVED
+CVE-2016-1299
+ RESERVED
+CVE-2016-1298
+ RESERVED
+CVE-2016-1297
+ RESERVED
+CVE-2016-1296
+ RESERVED
+CVE-2016-1295
+ RESERVED
+CVE-2016-1294
+ RESERVED
+CVE-2016-1293
+ RESERVED
+CVE-2016-1292
+ RESERVED
+CVE-2016-1291
+ RESERVED
+CVE-2016-1290
+ RESERVED
+CVE-2016-1289
+ RESERVED
+CVE-2016-1288
+ RESERVED
+CVE-2016-1287
+ RESERVED
+CVE-2016-1286
+ RESERVED
+CVE-2016-1285
+ RESERVED
+CVE-2016-1284
+ RESERVED
CVE-2016-XXXX [when NFSv4 migration is executed, kernel oops occurs at NFS client]
- linux 4.3.1-1
[jessie] - linux 3.16.7-ckt20-1
@@ -9,6 +429,7 @@
NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
TODO: check versions
CVE-2016-1494 [signature forgery]
+ RESERVED
- python-rsa <unfixed>
NOTE: Fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
@@ -89,6 +510,7 @@
CVE-2015-8707
RESERVED
CVE-2015-8744 [net: vmxnet3: incorrect l2 header validation leads to a crash]
+ RESERVED
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
[squeeze] - qemu <not-affected> (Vulnerable code introduced later)
@@ -96,6 +518,7 @@
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a7278b36fcab9af469563bd7b9dadebe2ae25e48 (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
CVE-2015-8745 [net: vmxnet3: reading IMR registers leads to a crash]
+ RESERVED
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
[squeeze] - qemu <not-affected> (Vulnerable code introduced later)
@@ -103,6 +526,7 @@
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895a69de032c (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
CVE-2015-8743 [net: ne2000: OOB r/w in ioport operations]
+ RESERVED
- qemu <unfixed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
@@ -1714,7 +2138,7 @@
NOT-FOR-US: Lepide
CVE-2015-8575 [sco_sock_bind issue]
RESERVED
- {DLA-378-1}
+ {DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4 (v4.4-rc6)
@@ -1753,6 +2177,7 @@
TODO: check
CVE-2015-8552 [Linux pciback missing sanity checks leading to crash]
RESERVED
+ {DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
- linux-2.6 <removed>
@@ -1765,6 +2190,7 @@
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
CVE-2015-8551 [Linux pciback missing sanity checks leading to crash]
RESERVED
+ {DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
- linux-2.6 <removed>
@@ -1777,6 +2203,7 @@
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
CVE-2015-8550 [paravirtualized drivers incautious about shared memory contents]
RESERVED
+ {DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
- linux-2.6 <removed>
@@ -1798,6 +2225,7 @@
CVE-2015-8549
RESERVED
CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in ...)
+ {DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced later)
@@ -5744,6 +6172,7 @@
NOT-FOR-US: ARM Mali GPU driver
CVE-2015-7545 [arbitrary code execution issues via URLs]
RESERVED
+ {DSA-3435-1}
- git 1:2.6.1-1
[squeeze] - git <not-affected> (git 1.7.2 did not have git-remote-ext yet)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/1
@@ -6196,7 +6625,7 @@
TODO: check correctness for CVE-2009-5147/CVE-2015-7551 record since affects multiple ruby versions
CVE-2015-7550 [Linux keyring subsystem race leads to null dereference]
RESERVED
- {DLA-378-1}
+ {DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/b4a1b4f5047e4f54e194681125c74c0aa64d637d (v4.4-rc8)
@@ -6298,6 +6727,7 @@
- ironic 1:4.2.2-1 (bug #807269)
CVE-2015-7513 [Reload pit counters for all channels when restoring state]
RESERVED
+ {DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
@@ -7884,16 +8314,13 @@
RESERVED
CVE-2015-6862
RESERVED
-CVE-2015-6861
- RESERVED
-CVE-2015-6860
- RESERVED
+CVE-2015-6861 (HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated ...)
+ TODO: check
+CVE-2015-6860 (HPE Network Switches with software 15.16.x and 15.17.x allow local ...)
NOT-FOR-US: HPE Network Switches
-CVE-2015-6859
- RESERVED
+CVE-2015-6859 (HPE Network Switches with software 15.16.x and 15.17.x allow local ...)
NOT-FOR-US: HPE Network Switches
-CVE-2015-6858
- RESERVED
+CVE-2015-6858 (HP Insight Control server provisioning before 7.5.0 RabbitMQ allows ...)
NOT-FOR-US: HP Insight Control
CVE-2015-6857 (Unspecified vulnerability in Virtual Table Server (VTS) in HP ...)
NOT-FOR-US: HP Performance Center
@@ -9133,8 +9560,8 @@
RESERVED
CVE-2015-6433
RESERVED
-CVE-2015-6432
- RESERVED
+CVE-2015-6432 (Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, ...)
+ TODO: check
CVE-2015-6431 (Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2015-6430
@@ -11710,12 +12137,12 @@
RESERVED
CVE-2015-5448 (HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 ...)
NOT-FOR-US: HP Asset Manager
-CVE-2015-5447
- RESERVED
-CVE-2015-5446
- RESERVED
-CVE-2015-5445
- RESERVED
+CVE-2015-5447 (Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system ...)
+ TODO: check
+CVE-2015-5446 (HP StoreOnce Backup system software before 3.13.1 allows remote ...)
+ TODO: check
+CVE-2015-5445 (Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup ...)
+ TODO: check
CVE-2015-5444 (Multiple cross-site scripting (XSS) vulnerabilities in HP Smart ...)
NOT-FOR-US: SPS DAL
CVE-2015-5443 (HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 ...)
@@ -11736,8 +12163,8 @@
RESERVED
CVE-2015-5435 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 ...)
NOT-FOR-US: HP
-CVE-2015-5434
- RESERVED
+CVE-2015-5434 (HP H3C Comware 5 and 7 devices allow remote attackers to bypass ...)
+ TODO: check
CVE-2015-5433 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
NOT-FOR-US: HP Virtual Connect Enterprise Manager
CVE-2015-5432 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
@@ -40077,8 +40504,8 @@
RESERVED
CVE-2014-5041
RESERVED
-CVE-2014-5040
- RESERVED
+CVE-2014-5040 (HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus ...)
+ TODO: check
CVE-2014-5039
RESERVED
CVE-2014-5038 (Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or ...)
More information about the Secure-testing-commits
mailing list