[Secure-testing-commits] r39050 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Jan 20 21:10:18 UTC 2016
Author: sectracker
Date: 2016-01-20 21:10:18 +0000 (Wed, 20 Jan 2016)
New Revision: 39050
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-20 17:14:22 UTC (rev 39049)
+++ data/CVE/list 2016-01-20 21:10:18 UTC (rev 39050)
@@ -1,3 +1,35 @@
+CVE-2016-1926
+ RESERVED
+CVE-2016-1921
+ RESERVED
+CVE-2016-1918
+ RESERVED
+CVE-2016-1917
+ RESERVED
+CVE-2016-1916
+ RESERVED
+CVE-2016-1915
+ RESERVED
+CVE-2016-1914
+ RESERVED
+CVE-2016-1913 (Multiple cross-site scripting (XSS) vulnerabilities in the Redhen ...)
+ TODO: check
+CVE-2016-1912 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
+ TODO: check
+CVE-2016-1911 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver ...)
+ TODO: check
+CVE-2016-1910 (The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers ...)
+ TODO: check
+CVE-2016-1909 (FortiOS 4.x before 4.3.17 and 5.0.x before 5.0.8 has a hardcoded ...)
+ TODO: check
+CVE-2015-8775
+ RESERVED
+CVE-2015-8774
+ RESERVED
+CVE-2015-8773
+ RESERVED
+CVE-2015-8772
+ RESERVED
CVE-2016-XXXX [net: e1000 infinite loop in start_xmit and e1000_receive_iov routines]
- qemu <unfixed>
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
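Review bot: The five described entries added at the top of this hunk (CVE-2016-1913 through CVE-2016-1909) all land as "TODO: check" and need manual triage before they carry any package information. CVE-2016-1912 names Dolibarr, which this list already tracks as a source package ("- dolibarr <unfixed>" under CVE-2015-8685), so it should get a package line. The SAP NetWeaver and FortiOS entries look like NOT-FOR-US candidates, in line with how other vendor products are marked elsewhere in this list.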
@@ -19,17 +51,22 @@
- imagemagick 8:6.8.9.9-7 (bug #811308)
TODO: check, needs possibly CVEs
CVE-2016-1925 [Improper handling of length parameter inconsitency]
+ RESERVED
- lha <removed> (unimportant)
NOTE: Non-free not supported
CVE-2016-1924 [opj_tgt_reset: AddressSanitizer: SEGV on unknown address]
+ RESERVED
- openjpeg2 <unfixed>
TODO: check
CVE-2016-1923 [opj_j2k_update_image_data: AddressSanitizer: heap-buffer-overflow READ of size 4]
+ RESERVED
- openjpeg2 <unfixed>
TODO: check
CVE-2016-1920 [VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3]
+ RESERVED
NOT-FOR-US: KNOX 1.0 / Android 4.3
CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3]
+ RESERVED
NOT-FOR-US: KNOX 1.0 / Android 4.3
CVE-2016-1902
RESERVED
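Review bot: CVE-2016-1924 and CVE-2016-1923 keep "- openjpeg2 <unfixed>" with only "TODO: check" and no bug number or NOTE pointing to the upstream report, so the AddressSanitizer findings quoted in the descriptions cannot be traced from the entry. Adding a reference, as the imagemagick line at the top of this hunk does with its bug number, would let the TODO be resolved.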
@@ -43,8 +80,7 @@
- kubernetes <itp> (bug #795652)
NOTE: https://github.com/kubernetes/kubernetes/issues/19479
NOTE: https://github.com/kubernetes/kubernetes/pull/19481
-CVE-2016-1904 [Heap BufferOver Flow in escapeshell functions]
- RESERVED
+CVE-2016-1904 (Multiple integer overflows in ext/standard/exec.c in PHP 7.x before ...)
- php5 <undetermined>
- php5.6 <undetermined>
- php7.0 7.0.2-1
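Review bot: With the description of CVE-2016-1904 now reading "ext/standard/exec.c in PHP 7.x before ...", the "- php5 <undetermined>" and "- php5.6 <undetermined>" lines under it should be revisited. The text is cut off here, so check the full description: if the 5.x branches do not contain the affected code they can be marked <not-affected>, otherwise they need a fixed version.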
@@ -52,8 +88,7 @@
NOTE: https://bugs.php.net/bug.php?id=71270
NOTE: https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b
TODO: check
-CVE-2016-1903 [Memory Read via gdImageRotateInterpolated Array Index Out of Bounds]
- RESERVED
+CVE-2016-1903 (The gdImageRotateInterpolated function in ...)
- php5 5.6.17+dfsg-1
- php5.6 5.6.17+dfsg-1
- php7.0 7.0.2-1
@@ -445,6 +480,7 @@
CVE-2016-1716
RESERVED
CVE-2016-1908 [Eliminate the fallback from untrusted X11-forwarding to trusted forwarding for cases when the X server disables the SECURITY extension]
+ RESERVED
- openssh <unfixed>
NOTE: Upstream commit: https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
NOTE: which needs to be applied after: https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
@@ -452,7 +488,7 @@
NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
NOTE: Red Hat Bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1298741
TODO: check
-CVE-2016-1907 [Fix an out of-bound read access in the packet handling code]
+CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
[wheezy] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
@@ -484,22 +520,26 @@
CVE-2016-1712
RESERVED
CVE-2015-8779 [catopen() Multiple unbounded stack allocations]
+ RESERVED
- glibc <unfixed>
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17905#c0
TODO: check versions
CVE-2015-8778 [hcreate((size_t)-1) should fail with ENOMEM]
+ RESERVED
- glibc <unfixed>
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
TODO: check versions
CVE-2015-8776 [Passing out of range data to strftime() causes a segfault]
+ RESERVED
- glibc <unfixed>
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d36c75fc0d44deec29635dd239b0fbd206ca49b7
TODO: check versions
CVE-2015-8771 [Possibility of code injection when setting passwords for Samba]
+ RESERVED
- gosa 2.7.4+reloaded2-6
NOTE: https://github.com/gosa-project/gosa-core/commit/a67a047cba2cdae8bccb0f0e2bc6d3eb45cfcbc8
CVE-2015-8770 [remote code execution / path traversal]
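Review bot: The three glibc entries that gain RESERVED in this hunk (CVE-2015-8779, CVE-2015-8778, CVE-2015-8776) remain "- glibc <unfixed>" with "TODO: check versions" and no Debian bug number. CVE-2015-8776 already links an upstream commit, so its fixed version can be determined from that. The other two reference only the sourceware bug and still need the fixing commit recorded.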
@@ -791,6 +831,7 @@
RESERVED
CVE-2016-1572 [privilege escalation by overmounting /proc/$pid]
RESERVED
+ {DSA-3450-1 DLA-397-1}
- ecryptfs-utils 106-2
NOTE: https://bugs.launchpad.net/ecryptfs/+bug/1530566
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
@@ -1448,14 +1489,14 @@
RESERVED
CVE-2016-1297
RESERVED
-CVE-2016-1296
- RESERVED
-CVE-2016-1295
- RESERVED
-CVE-2016-1294
- RESERVED
-CVE-2016-1293
- RESERVED
+CVE-2016-1296 (The proxy engine on Cisco Web Security Appliance (WSA) devices with ...)
+ TODO: check
+CVE-2016-1295 (Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote ...)
+ TODO: check
+CVE-2016-1294 (Cross-site scripting (XSS) vulnerability in the Management Center in ...)
+ TODO: check
+CVE-2016-1293 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
+ TODO: check
CVE-2016-1292
RESERVED
CVE-2016-1291
@@ -1502,8 +1543,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294264
NOTE: https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697
TODO: check
-CVE-2015-8749 [Xen connection password leak in logs via StorageError]
- RESERVED
+CVE-2015-8749 (The volume_utils._parse_volume_info function in OpenStack Compute ...)
- nova <unfixed>
NOTE: https://launchpad.net/bugs/1516765
NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
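Review bot: Replacing the bracketed summary of CVE-2015-8749 with the truncated description drops the only statement of impact in the entry ("Xen connection password leak in logs via StorageError"); the new text stops before saying what the function does wrong. Consider keeping that summary as a NOTE so the "- nova <unfixed>" line can still be triaged without following the Launchpad link.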
@@ -1802,11 +1842,13 @@
NOTE: https://github.com/htacg/tidy-html5/issues/341
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/03/4
CVE-2014-9761 [nan function unbounded stack allocation]
+ RESERVED
- glibc <unfixed>
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
TODO: check versions
CVE-2014-9760 [XSS vulnerability during session log on]
+ RESERVED
- gosa 2.7.4+reloaded1-5
NOTE: Fixed in 2.7.4+reloaded1-3 with follow-up fix in 2.7.4+reloaded1-5
NOTE: https://github.com/gosa-project/gosa-core/commit/e35b990464a2c2cf64d6833a217ed944876e7732
@@ -1861,20 +1903,20 @@
RESERVED
CVE-2016-1263
RESERVED
-CVE-2016-1262
- RESERVED
+CVE-2016-1262 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, ...)
+ TODO: check
CVE-2016-1261
RESERVED
-CVE-2016-1260
- RESERVED
+CVE-2016-1260 (Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and ...)
+ TODO: check
CVE-2016-1259
RESERVED
-CVE-2016-1258
- RESERVED
-CVE-2016-1257
- RESERVED
-CVE-2016-1256
- RESERVED
+CVE-2016-1258 (Embedthis Appweb, as used in J-Web in Juniper Junos OS before ...)
+ TODO: check
+CVE-2016-1257 (The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 ...)
+ TODO: check
+CVE-2016-1256 (Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, ...)
+ TODO: check
CVE-2015-8706
RESERVED
CVE-2015-8705 [Problems converting OPT resource records and ECS options to text format can cause BIND to terminate]
@@ -2137,8 +2179,8 @@
RESERVED
CVE-2016-1143
RESERVED
-CVE-2016-1142
- RESERVED
+CVE-2016-1142 (Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows ...)
+ TODO: check
CVE-2016-1141
RESERVED
CVE-2016-1140
@@ -2155,8 +2197,8 @@
RESERVED
CVE-2016-1134
RESERVED
-CVE-2016-1133
- RESERVED
+CVE-2016-1133 (CRLF injection vulnerability in the on_req function in ...)
+ TODO: check
CVE-2016-1132
RESERVED
CVE-2016-1131 (Buffer overflow in the CL_vsprintf function in Takumi Yamada DX ...)
@@ -2179,8 +2221,7 @@
RESERVED
CVE-2015-8689
RESERVED
-CVE-2015-8688 [Message interception due to unverified origin of roster push]
- RESERVED
+CVE-2015-8688 (Gajim before 0.16.5 allows remote attackers to modify the roster and ...)
- gajim <unfixed> (bug #809900)
NOTE: http://gultsch.de/gajim_roster_push_and_message_interception.html
NOTE: https://trac.gajim.org/changeset/af78b7c068904d78c5dfb802826aae99f26a8947/
@@ -2188,8 +2229,7 @@
RESERVED
CVE-2015-8686
RESERVED
-CVE-2015-8685 [Html injection]
- RESERVED
+CVE-2015-8685 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
- dolibarr <unfixed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/4291
NOTE: https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8
@@ -2210,8 +2250,8 @@
RESERVED
CVE-2015-8676
RESERVED
-CVE-2015-8675
- RESERVED
+CVE-2015-8675 (Huawei S5300 Campus Series switches with software before ...)
+ TODO: check
CVE-2015-8674
RESERVED
CVE-2015-8673 (Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing ...)
@@ -2802,13 +2842,11 @@
[squeeze] - t-coffee <not-affected> (version in Squeeze uses system() and umask is handled correctly by sh (as opposed to later versions that use mkdir()))
[wheezy] - t-coffee <no-dsa> (Minor issue)
[jessie] - t-coffee <no-dsa> (Minor issue)
-CVE-2015-8617 [format string vulnerability]
- RESERVED
+CVE-2015-8617 (Format string vulnerability in the zend_throw_or_error function in ...)
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71105
NOTE: https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e (php-7.0.2RC1)
-CVE-2015-8616 [Use after free in PHP Collator::sortWithSortKeys function]
- RESERVED
+CVE-2015-8616 (Use-after-free vulnerability in the Collator::sortWithSortKeys ...)
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71020
NOTE: http://www.openwall.com/lists/oss-security/2015/12/22/4
@@ -2876,6 +2914,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283926
TODO: check affected versions
CVE-2016-1922 [i386: null pointer dereference in vapic_write()]
+ RESERVED
- qemu <unfixed> (bug #811201)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
@@ -4771,8 +4810,8 @@
RESERVED
CVE-2016-0202
RESERVED
-CVE-2016-0201
- RESERVED
+CVE-2016-0201 (GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and ...)
+ TODO: check
CVE-2015-8538 [a out of bound read bug is found in libdwarf]
RESERVED
- dwarfutils <unfixed> (bug #807817)
@@ -7009,8 +7048,8 @@
RESERVED
CVE-2015-7887
RESERVED
-CVE-2015-7886
- RESERVED
+CVE-2015-7886 (NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are ...)
+ TODO: check
CVE-2015-7899 (The com_content component in Joomla! 3.x before 3.4.5 does not ...)
- joomla <itp> (bug #571794)
CVE-2015-7883
@@ -8351,14 +8390,14 @@
RESERVED
CVE-2015-7471
RESERVED
-CVE-2015-7470
- RESERVED
-CVE-2015-7469
- RESERVED
-CVE-2015-7468
- RESERVED
-CVE-2015-7467
- RESERVED
+CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+ TODO: check
+CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+ TODO: check
+CVE-2015-7468 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
+ TODO: check
+CVE-2015-7467 (Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz ...)
+ TODO: check
CVE-2015-7466 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 ...)
TODO: check
CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Query ...)
@@ -8463,8 +8502,8 @@
TODO: check
CVE-2015-7415 (Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode ...)
TODO: check
-CVE-2015-7414
- RESERVED
+CVE-2015-7414 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM ...)
+ TODO: check
CVE-2015-7413 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM
CVE-2015-7412 (The GatewayScript modules on IBM DataPower Gateways with software ...)
@@ -9791,10 +9830,10 @@
RESERVED
CVE-2015-6865
RESERVED
-CVE-2015-6864
- RESERVED
-CVE-2015-6863
- RESERVED
+CVE-2015-6864 (HPE ArcSight Logger before 6.1P1 allows remote authenticated users to ...)
+ TODO: check
+CVE-2015-6863 (HPE ArcSight Logger before 6.1P1 allows remote attackers to execute ...)
+ TODO: check
CVE-2015-6862 (HPE UCMDB Browser before 4.02 allows remote attackers to obtain ...)
NOT-FOR-US: HPE UCMDB Browser
CVE-2015-6861 (HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated ...)
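Review bot: CVE-2015-6864 and CVE-2015-6863 are left as "TODO: check" although the adjacent HPE entry CVE-2015-6862 is already triaged as "NOT-FOR-US: HPE UCMDB Browser". If ArcSight Logger is likewise not packaged, mark both the same way so they drop out of the TODO queue.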
@@ -9991,8 +10030,7 @@
NOTE: https://bugs.php.net/bug.php?id=69782
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6836 [SOAP serialize_function_call() type confusion / RCE]
- RESERVED
+CVE-2015-6836 (The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70388
@@ -10018,7 +10056,7 @@
RESERVED
- ruby-devise-two-factor 2.0.0-1 (bug #798466)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
-CVE-2015-8777 [Glibc Pointer guarding weakness]
+CVE-2015-8777 (The process_envvars function in elf/rtld.c in the GNU C Library (aka ...)
{DLA-316-1}
- glibc 2.21-1 (bug #798316; bug #801691)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -10836,8 +10874,7 @@
NOTE: Details on the CVE assignment: http://www.openwall.com/lists/oss-security/2015/08/25/9
NOTE: https://sourceforge.net/p/libpgf/code/147/
NOTE: https://sourceforge.net/p/libpgf/code/148/
-CVE-2015-6527
- RESERVED
+CVE-2015-6527 (The php_str_replace_in_subject function in ext/standard/string.c in ...)
- php5 <not-affected> (Specific to PHP 7)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
NOTE: https://bugs.php.net/bug.php?id=70140
@@ -10869,15 +10906,13 @@
NOT-FOR-US: pfSense
CVE-2015-6507 (The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows ...)
TODO: check
-CVE-2015-6833 [Files extracted from archive may be placed outside of destination directory]
- RESERVED
+CVE-2015-6833 (Directory traversal vulnerability in the PharData class in PHP before ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70019
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6831 [vulnerabilities in unserialize]
- RESERVED
+CVE-2015-6831 (Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70169
@@ -10886,8 +10921,7 @@
NOTE: https://bugs.php.net/bug.php?id=70155
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6832 [Dangling pointer in the unserialization of ArrayObject items]
- RESERVED
+CVE-2015-6832 (Use-after-free vulnerability in the SPL unserialize implementation in ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70068
@@ -13379,8 +13413,7 @@
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/18/4
NOTE: http://bugs.cacti.net/view.php?id=2574
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
-CVE-2015-5590 [Buffer overflow and stack smashing error in phar_fix_filepath]
- RESERVED
+CVE-2015-5590 (Stack-based buffer overflow in the phar_fix_filepath function in ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69923
@@ -15056,10 +15089,10 @@
NOT-FOR-US: IBM
CVE-2015-5010
RESERVED
-CVE-2015-5009
- RESERVED
-CVE-2015-5008
- RESERVED
+CVE-2015-5009 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
+ TODO: check
+CVE-2015-5008 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
+ TODO: check
CVE-2015-5007 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
TODO: check
CVE-2015-5006 (IBM Java Security Components in IBM SDK, Java Technology Edition 8 ...)
@@ -15070,8 +15103,8 @@
TODO: check
CVE-2015-5003 (The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 ...)
TODO: check
-CVE-2015-5002
- RESERVED
+CVE-2015-5002 (Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 ...)
+ TODO: check
CVE-2015-5001 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
TODO: check
CVE-2015-5000
@@ -15098,8 +15131,8 @@
TODO: check
CVE-2015-4989 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 ...)
TODO: check
-CVE-2015-4988
- RESERVED
+CVE-2015-4988 (Directory traversal vulnerability in the replay server in IBM Tealeaf ...)
+ TODO: check
CVE-2015-4987
RESERVED
CVE-2015-4986
@@ -15154,12 +15187,12 @@
TODO: check
CVE-2015-4961
RESERVED
-CVE-2015-4960
- RESERVED
-CVE-2015-4959
- RESERVED
-CVE-2015-4958
- RESERVED
+CVE-2015-4960 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, ...)
+ TODO: check
+CVE-2015-4959 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated ...)
+ TODO: check
+CVE-2015-4958 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, ...)
+ TODO: check
CVE-2015-4957
RESERVED
CVE-2015-4956
@@ -15172,8 +15205,8 @@
RESERVED
CVE-2015-4952
RESERVED
-CVE-2015-4951
- RESERVED
+CVE-2015-4951 (Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect ...)
+ TODO: check
CVE-2015-4950 (The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: ...)
NOT-FOR-US: IBM
CVE-2015-4949 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
@@ -15190,8 +15223,8 @@
NOT-FOR-US: IBM
CVE-2015-4943 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to ...)
TODO: check
-CVE-2015-4942
- RESERVED
+CVE-2015-4942 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to ...)
+ TODO: check
CVE-2015-4941 (IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS ...)
TODO: check
CVE-2015-4940 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x ...)