[Secure-testing-commits] r38759 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Jan 7 21:10:13 UTC 2016 

Author: sectracker
Date: 2016-01-07 21:10:13 +0000 (Thu, 07 Jan 2016)
New Revision: 38759

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-07 21:02:12 UTC (rev 38758)
+++ data/CVE/list	2016-01-07 21:10:13 UTC (rev 38759)
@@ -1,3 +1,9 @@
+CVE-2016-1497
+	RESERVED
+CVE-2016-1496
+	RESERVED
+CVE-2016-1495
+	RESERVED
 CVE-2016-XXXX [cross-site scripting vulnerability]
 	- wordpress <unfixed>
 	NOTE: https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
@@ -23,20 +29,24 @@
 	NOTE: https://github.com/kickstarter/rack-attack/commit/76c2e3143099d938883ae5654527b47e9e6a8977
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/1
 CVE-2016-1501 [Full installation path disclosure through error message]
+	RESERVED
 	- owncloud 7.0.12~dfsg-2
 	[jessie] - owncloud <no-dsa> (Minor issue; will be fixed via a pu)
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-004
 CVE-2016-1500 [Disclosure of files that begin with ".v" due to unchecked return value]
+	RESERVED
 	[experimental] - owncloud 8.2.2~dfsg-1
 	- owncloud 7.0.12~dfsg-1
 	[jessie] - owncloud <no-dsa> (Minor issue; will be fixed via a pu)
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-003
 CVE-2016-1499 [Information Exposure Through Directory Listing in the file scanner]
+	RESERVED
 	[experimental] - owncloud 8.2.2~dfsg-1
 	- owncloud 7.0.12~dfsg-2
 	[jessie] - owncloud <no-dsa> (Minor issue; will be fixed via a pu)
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-002
 CVE-2016-1498 [Reflected XSS in OCS provider discovery]
+	RESERVED
 	[experimental] - owncloud 8.2.2~dfsg-1
 	- owncloud 7.0.12~dfsg-1
 	[jessie] - owncloud <no-dsa> (Minor issue; will be fixed via a pu)
@@ -469,10 +479,13 @@
 	NOTE: https://launchpad.net/bugs/1516765
 	NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
 CVE-2015-8748 [Prevent regex injection in rights management]
+	RESERVED
 	- radicale <unfixed> (bug #809920)
 CVE-2015-8747 [The multifilesystem backend allows access to arbitrary files on all platforms]
+	RESERVED
 	- radicale <unfixed> (bug #809920)
 CVE-2015-8746 [when NFSv4 migration is executed, kernel oops occurs at NFS client]
+	RESERVED
 	- linux 4.3.1-1
 	[jessie] - linux 3.16.7-ckt20-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -9248,30 +9261,30 @@
 	RESERVED
 CVE-2015-6648
 	RESERVED
-CVE-2015-6647
-	RESERVED
-CVE-2015-6646
-	RESERVED
-CVE-2015-6645
-	RESERVED
-CVE-2015-6644
-	RESERVED
-CVE-2015-6643
-	RESERVED
-CVE-2015-6642
-	RESERVED
-CVE-2015-6641
-	RESERVED
-CVE-2015-6640
-	RESERVED
-CVE-2015-6639
-	RESERVED
-CVE-2015-6638
-	RESERVED
-CVE-2015-6637
-	RESERVED
-CVE-2015-6636
-	RESERVED
+CVE-2015-6647 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 ...)
+	TODO: check
+CVE-2015-6646 (The System V IPC implementation in the kernel in Android before 6.0 ...)
+	TODO: check
+CVE-2015-6645 (SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+	TODO: check
+CVE-2015-6644 (Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+	TODO: check
+CVE-2015-6643 (Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before ...)
+	TODO: check
+CVE-2015-6642 (The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
+	TODO: check
+CVE-2015-6641 (Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6640 (The prctl_set_vma_anon_name function in kernel/sys.c in Android before ...)
+	TODO: check
+CVE-2015-6639 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 ...)
+	TODO: check
+CVE-2015-6638 (The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F ...)
+	TODO: check
+CVE-2015-6637 (The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 ...)
+	TODO: check
+CVE-2015-6636 (mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before ...)
+	TODO: check
 CVE-2015-6635
 	RESERVED
 CVE-2015-6634 (The display drivers in Android before 5.1.1 LMY48Z allow remote ...)
@@ -12775,8 +12788,7 @@
 	[squeeze] - pdns <not-affected> (Only 3.4.4 and later affected)
 	- pdns-recursor <not-affected> (recursor not affected)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/09/3
-CVE-2015-5310 [wpa_supplicant unauthorized WNM Sleep Mode GTK control]
-	RESERVED
+CVE-2015-5310 (Wi-Fi in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows ...)
 	{DSA-3397-1}
 	- wpa 2.3-2.3 (bug #804707)
 	[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_WNM=y)

More information about the Secure-testing-commits mailing list