[Secure-testing-commits] r39216 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Jan 26 21:10:26 UTC 2016 

Author: sectracker
Date: 2016-01-26 21:10:26 +0000 (Tue, 26 Jan 2016)
New Revision: 39216

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-26 21:06:28 UTC (rev 39215)
+++ data/CVE/list	2016-01-26 21:10:26 UTC (rev 39216)
@@ -1,3 +1,5 @@
+CVE-2015-8786
+	RESERVED
 CVE-2016-XXXX [out of bound read and write issues]
 	- giflib <unfixed>
 	[jessie] - giflib <no-dsa> (Minor issue)
@@ -10,6 +12,7 @@
 	- libxml2 <unfixed> (bug #812807)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/6
 CVE-2016-2070 [division by zero in TCP code]
+	RESERVED
 	- linux <unfixed>
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -75,6 +78,7 @@
 CVE-2015-8780
 	RESERVED
 CVE-2016-2069 [x86 Linux TLB flush bug]
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/1
@@ -1928,8 +1932,8 @@
 	RESERVED
 CVE-2016-1299
 	RESERVED
-CVE-2016-1298
-	RESERVED
+CVE-2016-1298 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+	TODO: check
 CVE-2016-1297
 	RESERVED
 CVE-2016-1296 (The proxy engine on Cisco Web Security Appliance (WSA) devices with ...)
@@ -1992,9 +1996,11 @@
 	NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
 CVE-2015-8748 [Prevent regex injection in rights management]
 	RESERVED
+	{DLA-403-1}
 	- radicale 1.1.1-1 (bug #809920)
 CVE-2015-8747 [The multifilesystem backend allows access to arbitrary files on all platforms]
 	RESERVED
+	{DLA-403-1}
 	- radicale 1.1.1-1 (bug #809920)
 CVE-2015-8746 [when NFSv4 migration is executed, kernel oops occurs at NFS client]
 	RESERVED
@@ -11848,8 +11854,8 @@
 	RESERVED
 CVE-2015-6338
 	RESERVED
-CVE-2015-6337
-	RESERVED
+CVE-2015-6337 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy ...)
+	TODO: check
 CVE-2015-6336 (Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), ...)
 	TODO: check
 CVE-2015-6335 (The policy implementation in Cisco FireSIGHT Management Center ...)

More information about the Secure-testing-commits mailing list