[Secure-testing-commits] r38920 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Jan 14 21:10:12 UTC 2016
Author: sectracker
Date: 2016-01-14 21:10:12 +0000 (Thu, 14 Jan 2016)
New Revision: 38920
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-14 21:03:35 UTC (rev 38919)
+++ data/CVE/list 2016-01-14 21:10:12 UTC (rev 38920)
@@ -1,3 +1,363 @@
+CVE-2016-1896
+ RESERVED
+CVE-2016-1895
+ RESERVED
+CVE-2016-1894
+ RESERVED
+CVE-2016-1893
+ RESERVED
+CVE-2016-1892
+ RESERVED
+CVE-2016-1891
+ RESERVED
+CVE-2016-1890
+ RESERVED
+CVE-2016-1889
+ RESERVED
+CVE-2016-1888
+ RESERVED
+CVE-2016-1887
+ RESERVED
+CVE-2016-1886
+ RESERVED
+CVE-2016-1885
+ RESERVED
+CVE-2016-1884
+ RESERVED
+CVE-2016-1883
+ RESERVED
+CVE-2016-1882
+ RESERVED
+CVE-2016-1881
+ RESERVED
+CVE-2016-1880
+ RESERVED
+CVE-2016-1879
+ RESERVED
+CVE-2016-1878
+ RESERVED
+CVE-2016-1877
+ RESERVED
+CVE-2016-1876
+ RESERVED
+CVE-2016-1875
+ RESERVED
+CVE-2016-1874
+ RESERVED
+CVE-2016-1873
+ RESERVED
+CVE-2016-1872
+ RESERVED
+CVE-2016-1871
+ RESERVED
+CVE-2016-1870
+ RESERVED
+CVE-2016-1869
+ RESERVED
+CVE-2016-1868
+ RESERVED
+CVE-2016-1866
+ RESERVED
+CVE-2016-1865
+ RESERVED
+CVE-2016-1864
+ RESERVED
+CVE-2016-1863
+ RESERVED
+CVE-2016-1862
+ RESERVED
+CVE-2016-1861
+ RESERVED
+CVE-2016-1860
+ RESERVED
+CVE-2016-1859
+ RESERVED
+CVE-2016-1858
+ RESERVED
+CVE-2016-1857
+ RESERVED
+CVE-2016-1856
+ RESERVED
+CVE-2016-1855
+ RESERVED
+CVE-2016-1854
+ RESERVED
+CVE-2016-1853
+ RESERVED
+CVE-2016-1852
+ RESERVED
+CVE-2016-1851
+ RESERVED
+CVE-2016-1850
+ RESERVED
+CVE-2016-1849
+ RESERVED
+CVE-2016-1848
+ RESERVED
+CVE-2016-1847
+ RESERVED
+CVE-2016-1846
+ RESERVED
+CVE-2016-1845
+ RESERVED
+CVE-2016-1844
+ RESERVED
+CVE-2016-1843
+ RESERVED
+CVE-2016-1842
+ RESERVED
+CVE-2016-1841
+ RESERVED
+CVE-2016-1840
+ RESERVED
+CVE-2016-1839
+ RESERVED
+CVE-2016-1838
+ RESERVED
+CVE-2016-1837
+ RESERVED
+CVE-2016-1836
+ RESERVED
+CVE-2016-1835
+ RESERVED
+CVE-2016-1834
+ RESERVED
+CVE-2016-1833
+ RESERVED
+CVE-2016-1832
+ RESERVED
+CVE-2016-1831
+ RESERVED
+CVE-2016-1830
+ RESERVED
+CVE-2016-1829
+ RESERVED
+CVE-2016-1828
+ RESERVED
+CVE-2016-1827
+ RESERVED
+CVE-2016-1826
+ RESERVED
+CVE-2016-1825
+ RESERVED
+CVE-2016-1824
+ RESERVED
+CVE-2016-1823
+ RESERVED
+CVE-2016-1822
+ RESERVED
+CVE-2016-1821
+ RESERVED
+CVE-2016-1820
+ RESERVED
+CVE-2016-1819
+ RESERVED
+CVE-2016-1818
+ RESERVED
+CVE-2016-1817
+ RESERVED
+CVE-2016-1816
+ RESERVED
+CVE-2016-1815
+ RESERVED
+CVE-2016-1814
+ RESERVED
+CVE-2016-1813
+ RESERVED
+CVE-2016-1812
+ RESERVED
+CVE-2016-1811
+ RESERVED
+CVE-2016-1810
+ RESERVED
+CVE-2016-1809
+ RESERVED
+CVE-2016-1808
+ RESERVED
+CVE-2016-1807
+ RESERVED
+CVE-2016-1806
+ RESERVED
+CVE-2016-1805
+ RESERVED
+CVE-2016-1804
+ RESERVED
+CVE-2016-1803
+ RESERVED
+CVE-2016-1802
+ RESERVED
+CVE-2016-1801
+ RESERVED
+CVE-2016-1800
+ RESERVED
+CVE-2016-1799
+ RESERVED
+CVE-2016-1798
+ RESERVED
+CVE-2016-1797
+ RESERVED
+CVE-2016-1796
+ RESERVED
+CVE-2016-1795
+ RESERVED
+CVE-2016-1794
+ RESERVED
+CVE-2016-1793
+ RESERVED
+CVE-2016-1792
+ RESERVED
+CVE-2016-1791
+ RESERVED
+CVE-2016-1790
+ RESERVED
+CVE-2016-1789
+ RESERVED
+CVE-2016-1788
+ RESERVED
+CVE-2016-1787
+ RESERVED
+CVE-2016-1786
+ RESERVED
+CVE-2016-1785
+ RESERVED
+CVE-2016-1784
+ RESERVED
+CVE-2016-1783
+ RESERVED
+CVE-2016-1782
+ RESERVED
+CVE-2016-1781
+ RESERVED
+CVE-2016-1780
+ RESERVED
+CVE-2016-1779
+ RESERVED
+CVE-2016-1778
+ RESERVED
+CVE-2016-1777
+ RESERVED
+CVE-2016-1776
+ RESERVED
+CVE-2016-1775
+ RESERVED
+CVE-2016-1774
+ RESERVED
+CVE-2016-1773
+ RESERVED
+CVE-2016-1772
+ RESERVED
+CVE-2016-1771
+ RESERVED
+CVE-2016-1770
+ RESERVED
+CVE-2016-1769
+ RESERVED
+CVE-2016-1768
+ RESERVED
+CVE-2016-1767
+ RESERVED
+CVE-2016-1766
+ RESERVED
+CVE-2016-1765
+ RESERVED
+CVE-2016-1764
+ RESERVED
+CVE-2016-1763
+ RESERVED
+CVE-2016-1762
+ RESERVED
+CVE-2016-1761
+ RESERVED
+CVE-2016-1760
+ RESERVED
+CVE-2016-1759
+ RESERVED
+CVE-2016-1758
+ RESERVED
+CVE-2016-1757
+ RESERVED
+CVE-2016-1756
+ RESERVED
+CVE-2016-1755
+ RESERVED
+CVE-2016-1754
+ RESERVED
+CVE-2016-1753
+ RESERVED
+CVE-2016-1752
+ RESERVED
+CVE-2016-1751
+ RESERVED
+CVE-2016-1750
+ RESERVED
+CVE-2016-1749
+ RESERVED
+CVE-2016-1748
+ RESERVED
+CVE-2016-1747
+ RESERVED
+CVE-2016-1746
+ RESERVED
+CVE-2016-1745
+ RESERVED
+CVE-2016-1744
+ RESERVED
+CVE-2016-1743
+ RESERVED
+CVE-2016-1742
+ RESERVED
+CVE-2016-1741
+ RESERVED
+CVE-2016-1740
+ RESERVED
+CVE-2016-1739
+ RESERVED
+CVE-2016-1738
+ RESERVED
+CVE-2016-1737
+ RESERVED
+CVE-2016-1736
+ RESERVED
+CVE-2016-1735
+ RESERVED
+CVE-2016-1734
+ RESERVED
+CVE-2016-1733
+ RESERVED
+CVE-2016-1732
+ RESERVED
+CVE-2016-1731
+ RESERVED
+CVE-2016-1730
+ RESERVED
+CVE-2016-1729
+ RESERVED
+CVE-2016-1728
+ RESERVED
+CVE-2016-1727
+ RESERVED
+CVE-2016-1726
+ RESERVED
+CVE-2016-1725
+ RESERVED
+CVE-2016-1724
+ RESERVED
+CVE-2016-1723
+ RESERVED
+CVE-2016-1722
+ RESERVED
+CVE-2016-1721
+ RESERVED
+CVE-2016-1720
+ RESERVED
+CVE-2016-1719
+ RESERVED
+CVE-2016-1718
+ RESERVED
+CVE-2016-1717
+ RESERVED
+CVE-2016-1716
+ RESERVED
CVE-2016-XXXX [Eliminate the fallback from untrusted X11-forwarding to trusted forwarding for cases when the X server disables the SECURITY extension]
- openssh 1:7.1p2-1
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
@@ -5,16 +365,19 @@
- openssh 1:7.1p2-1
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
CVE-2016-1898
+ RESERVED
- ffmpeg <unfixed>
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
CVE-2016-1897
+ RESERVED
- ffmpeg <unfixed>
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
CVE-2016-1867 [Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function]
+ RESERVED
- jasper <unfixed>
TODO: check
CVE-2016-1715 (The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 ...)
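Review bot: CVE-2016-1898 and CVE-2016-1897 have no bracketed description, and their annotations are identical (ffmpeg <unfixed>, libav <removed>, the same habrahabr.ru NOTE), so nothing in the list tells the two ids apart. Suggest adding a short description to each, as CVE-2016-1867 below them has, now that both are marked RESERVED.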
@@ -364,8 +727,7 @@
NOTE: https://git.kernel.org/linus/635682a14427d241bab7bbdeebb48a7d7b91638e (v4.3-rc4)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/11/4
TODO: check versions
-CVE-2016-1569 [gbak with invalid parameter crashes FireBird]
- RESERVED
+CVE-2016-1569 (FireBird 2.5.5 allows remote authenticated users to cause a denial of ...)
- firebird2.5 2.5.5.26952.ds4-3 (bug #810599)
[jessie] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
[wheezy] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
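Review bot: Replacing the bracketed title on CVE-2016-1569 drops the only mention of gbak; the truncated description that takes its place ("FireBird 2.5.5 allows remote authenticated users to cause a denial of ...") no longer names the affected tool. Suggest preserving that detail in a NOTE line under the entry.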
@@ -1028,8 +1390,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/18e3b739fdc826481c6a1335ce0c5b19b3d415da (v4.3-rc1)
NOTE: Fixed as well in v3.16.7-ckt18 (commit: 6a64d8c4c07c176abee384803f28fa1507963369)
NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
-CVE-2016-1494 [signature forgery]
- RESERVED
+CVE-2016-1494 (The verify function in the RSA package for Python (Python-RSA) before ...)
- python-rsa <unfixed> (bug #809980)
NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
NOTE: proposed fix not yet merged
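Review bot: The new description for CVE-2016-1494 reads "(Python-RSA) before ...", which implies an upstream version boundary, while the entry still says "python-rsa <unfixed>" with "NOTE: proposed fix not yet merged". Suggest rechecking the status of the linked pull request and updating or dropping that NOTE so the entry does not contradict its own description.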
@@ -1037,6 +1398,7 @@
TODO: check
CVE-2015-8604 [SQL Injection in graphs_new.php]
RESERVED
+ {DLA-386-1}
- cacti 0.8.8f+ds1-4
NOTE: http://bugs.cacti.net/view.php?id=2652
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/8
@@ -2193,40 +2555,40 @@
RESERVED
CVE-2016-0948
RESERVED
-CVE-2016-0947
- RESERVED
-CVE-2016-0946
- RESERVED
-CVE-2016-0945
- RESERVED
-CVE-2016-0944
- RESERVED
-CVE-2016-0943
- RESERVED
-CVE-2016-0942
- RESERVED
-CVE-2016-0941
- RESERVED
-CVE-2016-0940
- RESERVED
-CVE-2016-0939
- RESERVED
-CVE-2016-0938
- RESERVED
-CVE-2016-0937
- RESERVED
-CVE-2016-0936
- RESERVED
-CVE-2016-0935
- RESERVED
-CVE-2016-0934
- RESERVED
-CVE-2016-0933
- RESERVED
-CVE-2016-0932
- RESERVED
-CVE-2016-0931
- RESERVED
+CVE-2016-0947 (Untrusted search path vulnerability in Adobe Download Manager, as used ...)
+ TODO: check
+CVE-2016-0946 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0945 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0944 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0943 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0942 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0941 (Use-after-free vulnerability in the Search object implementation in ...)
+ TODO: check
+CVE-2016-0940 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-0939 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0938 (The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, ...)
+ TODO: check
+CVE-2016-0937 (Use-after-free vulnerability in the OCG object implementation in Adobe ...)
+ TODO: check
+CVE-2016-0936 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0935 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
+ TODO: check
+CVE-2016-0934 (Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2016-0933 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-0932 (Use-after-free vulnerability in the Doc object implementation in Adobe ...)
+ TODO: check
+CVE-2016-0931 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2015-8660 (The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel ...)
- linux 4.3.3-3
[jessie] - linux <not-affected> (Vulnerable code not present)
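Review bot: All 17 entries from CVE-2016-0947 down to CVE-2016-0931 are left at "TODO: check" with no package line, and the visible descriptions name Adobe products (Adobe Download Manager, Adobe Reader and Acrobat), with CVE-2016-0941 truncated before the product name. Suggest triaging them in one pass and marking them NOT-FOR-US if no Debian source package is affected, rather than leaving 17 open TODO items behind an automatic update.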
@@ -2478,8 +2840,7 @@
RESERVED
- perl <not-affected> (Only affects Perl on Windows)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=126755
-CVE-2015-8607 [XS File::Spec::canonpath loses taint]
- RESERVED
+CVE-2015-8607 (The canonpath function in the File::Spec module in PathTools before ...)
{DSA-3441-1}
- perl 5.22.1-4 (bug #810719)
[wheezy] - perl <not-affected> (Introduced in 5.20.0)
@@ -2493,7 +2854,7 @@
RESERVED
CVE-2015-8605 [UDP payload length not properly checked]
RESERVED
- {DSA-3442-1}
+ {DSA-3442-1 DLA-385-1}
- isc-dhcp <unfixed> (bug #810875)
NOTE: https://kb.isc.org/article/AA-01334
CVE-2015-8603 (Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 ...)
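Review bot: CVE-2015-8605 now references both DSA-3442-1 and DLA-385-1 while its package line still reads "- isc-dhcp <unfixed> (bug #810875)". Suggest confirming the fix status behind bug #810875 and recording the fixed version on that line once it is available, so the entry does not show advisories issued alongside an open unfixed state longer than necessary.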
@@ -2741,9 +3102,11 @@
RESERVED
CVE-2016-0778
RESERVED
+ {DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1
CVE-2016-0777
RESERVED
+ {DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1 (bug #810984)
CVE-2016-0776
RESERVED
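Review bot: CVE-2016-0778 and CVE-2016-0777 gain the same {DSA-3446-1 DLA-387-1} tag, but neither has a description and only CVE-2016-0777 carries a bug reference (bug #810984). Suggest adding a bracketed description to each and checking whether that bug also covers CVE-2016-0778.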
@@ -4716,8 +5079,8 @@
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
NOTE: https://www.samba.org/samba/security/CVE-2015-8467.html
-CVE-2015-8466
- RESERVED
+CVE-2015-8466 (Swift3 before 1.9 allows remote attackers to conduct replay attacks ...)
+ TODO: check
CVE-2014-9758
RESERVED
CVE-2015-XXXX [uses non-random tempdir /tmp/tmprepo.0/.git/]
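Review bot: CVE-2015-8466 moves from RESERVED to "TODO: check" with a description naming Swift3 before 1.9, but without a package line. Suggest resolving the TODO by mapping it to the Debian source package that ships Swift3, if there is one, or marking it NOT-FOR-US.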