[Secure-testing-commits] r42557 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Jun 15 21:10:10 UTC 2016 

Author: sectracker
Date: 2016-06-15 21:10:10 +0000 (Wed, 15 Jun 2016)
New Revision: 42557

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-15 15:01:48 UTC (rev 42556)
+++ data/CVE/list	2016-06-15 21:10:10 UTC (rev 42557)
@@ -1,4 +1,7 @@
+CVE-2016-5433
+	RESERVED
 CVE-2016-5434
+	RESERVED
 	NOT-FOR-US: libalpm (Arch Linux Package Management (ALPM) library)
 CVE-2016-5432
 	RESERVED
@@ -130,12 +133,12 @@
 	RESERVED
 CVE-2016-5368
 	RESERVED
-CVE-2016-5367
-	RESERVED
-CVE-2016-5366
-	RESERVED
-CVE-2016-5365
-	RESERVED
+CVE-2016-5367 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow ...)
+	TODO: check
+CVE-2016-5366 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow ...)
+	TODO: check
+CVE-2016-5365 (Stack-based buffer overflow in Huawei Honor WS851 routers with ...)
+	TODO: check
 CVE-2016-5364
 	RESERVED
 	{DLA-512-1}
@@ -188,8 +191,7 @@
 	- haproxy 1.6.5-2 (bug #826869)
 	[jessie] - haproxy <not-affected> (Issue introduced in 1.6.0)
 	NOTE: Fixed by: http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
-CVE-2016-5338 [scsi: esp: OOB r/w access while processing ESP_FIFO]
-	RESERVED
+CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...)
 	- qemu 1:2.6+dfsg-2 (bug #827024)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <no-dsa> (Minor issue)
@@ -198,8 +200,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343323
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec
-CVE-2016-5337 [scsi: megasas: information leakage in megasas_ctrl_get_info]
-	RESERVED
+CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...)
 	- qemu 1:2.6+dfsg-2 (bug #827026)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -761,8 +762,7 @@
 	- graphicsmagick 1.3.24-1
 	- imagemagick <unfixed>
 	NOTE: http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16
-CVE-2016-5238 [scsi: esp: OOB write when using non-DMA mode in get_cmd]
-	RESERVED
+CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...)
 	- qemu 1:2.6+dfsg-3 (bug #826152)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list