[Secure-testing-commits] r43683 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Jul 31 21:10:14 UTC 2016
Author: sectracker
Date: 2016-07-31 21:10:14 +0000 (Sun, 31 Jul 2016)
New Revision: 43683
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-31 20:48:42 UTC (rev 43682)
+++ data/CVE/list 2016-07-31 21:10:14 UTC (rev 43683)
@@ -4432,38 +4432,49 @@
CVE-2016-5138
RESERVED
CVE-2016-5137 (The CSPSource::schemeMatches function in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5136 (Use-after-free vulnerability in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5135 (WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5134 (net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5133 (Google Chrome before 52.0.2743.82 mishandles origin information during ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5132 (The Service Workers subsystem in Google Chrome before 52.0.2743.82 ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libxml2 <undetermined>
TODO: check libxml2
CVE-2016-5130 (content/renderer/history_controller.cc in Google Chrome before ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5129 (Google V8 before 5.2.361.32, as used in Google Chrome before ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5128 (objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5127 (Use-after-free vulnerability in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2015-8899 (Dnsmasq before 2.76 allows remote servers to cause a denial of service ...)
@@ -9210,6 +9221,7 @@
CVE-2016-3607 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
CVE-2016-3606 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE ...)
+ {DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
@@ -9327,6 +9339,7 @@
CVE-2016-3551
RESERVED
CVE-2016-3550 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and ...)
+ {DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
@@ -9422,6 +9435,7 @@
CVE-2016-3509 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
TODO: check
CVE-2016-3508 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+ {DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
@@ -9445,6 +9459,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3500 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+ {DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
@@ -9550,6 +9565,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-3458 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; ...)
+ {DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
@@ -15384,26 +15400,34 @@
CVE-2015-8769 (SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows ...)
- joomla <itp> (bug #571794)
CVE-2016-1711 (WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1710 (The ChromeClientImpl::createWindow method in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1709 (Heap-based buffer overflow in the ByteArray::Get method in ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1708 (The Chrome Web Store inline-installation implementation in the ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1707 (ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before ...)
+ {DSA-3637-1}
- chromium-browser <not-affected> (Only affects chromium-browser on iOS)
CVE-2016-1706 (The PPAPI implementation in Google Chrome before 52.0.2743.82 does not ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1705 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1704 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+ {DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1703 (Multiple unspecified vulnerabilities in Google Chrome before ...)
More information about the Secure-testing-commits
mailing list