[Secure-testing-commits] r40281 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Mar 9 21:10:13 UTC 2016
Author: sectracker
Date: 2016-03-09 21:10:13 +0000 (Wed, 09 Mar 2016)
New Revision: 40281
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-09 21:09:39 UTC (rev 40280)
+++ data/CVE/list 2016-03-09 21:10:13 UTC (rev 40281)
@@ -1,3 +1,5 @@
+CVE-2016-2859
+ RESERVED
CVE-2016-XXXX [Information leakage issue in the sanitycheck module]
- simplesamlphp 1.14.1-1 (bug #817162)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
@@ -12,6 +14,7 @@
RESERVED
CVE-2016-2851
RESERVED
+ {DSA-3512-1}
- libotr <unfixed>
NOTE: https://lists.cypherpunks.ca/pipermail/otr-announce/2016-March/000062.html
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
@@ -185,66 +188,79 @@
RESERVED
CVE-2016-2802
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2801
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2800
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2799
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2798
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2797
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2796
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2795
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2794
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2793
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2792
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2791
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2790
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
@@ -332,8 +348,7 @@
RESERVED
CVE-2016-2775
RESERVED
-CVE-2016-2774 [An attacker who is allowed to connect to DHCP inter-server communications and control channels can exhaust server resources]
- RESERVED
+CVE-2016-2774 (ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 ...)
- isc-dhcp <unfixed> (bug #817158)
NOTE: https://kb.isc.org/article/AA-01354
CVE-2016-2773
@@ -2296,7 +2311,7 @@
RESERVED
- libapache2-mod-auth-mellon 0.12.0-1
CVE-2016-2144
- RESERVED
+ REJECTED
CVE-2016-2143
RESERVED
CVE-2016-2142
@@ -2395,6 +2410,7 @@
RESERVED
CVE-2016-2098 [Possible remote code execution vulnerability in Action Pack]
RESERVED
+ {DSA-3509-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -2406,6 +2422,7 @@
TODO: check
CVE-2016-2097
RESERVED
+ {DSA-3509-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
[squeeze] - rails <end-of-life> (Not supported in Squeeze LTS)
@@ -2570,8 +2587,8 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/01/29/2
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3d8e1138cd0c843d6fd75272633a31be6554ef (v2.3.0-rc2)
CVE-2016-2088
+ RESERVED
- bind9 <not-affected> (Introduced in Bind 9.10)
- RESERVED
CVE-2016-2087
RESERVED
CVE-2016-2086
@@ -2960,6 +2977,7 @@
- nss 2:3.21-1
CVE-2016-1977
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
@@ -2971,6 +2989,7 @@
- iceweasel <not-affected> (Windows-specific)
CVE-2016-1974
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
CVE-2016-1973
@@ -3007,14 +3026,17 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
CVE-2016-1966
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
CVE-2016-1965
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
CVE-2016-1964
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
CVE-2016-1963
@@ -3025,14 +3047,17 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
CVE-2016-1962
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
CVE-2016-1961
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
CVE-2016-1960
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
CVE-2016-1959
@@ -3043,10 +3068,12 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
CVE-2016-1958
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
CVE-2016-1957
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
CVE-2016-1956
@@ -3063,6 +3090,7 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
CVE-2016-1954
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
CVE-2016-1953
@@ -3073,12 +3101,14 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
CVE-2016-1952
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
CVE-2016-1951
RESERVED
CVE-2016-1950
RESERVED
+ {DSA-3510-1}
- iceweasel <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
- nss 2:3.23-1
@@ -4907,11 +4937,13 @@
CVE-2016-1287 (Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA ...)
NOT-FOR-US: Cisco ASA
CVE-2016-1286
+ RESERVED
+ {DSA-3511-1}
- bind9 <unfixed>
+CVE-2016-1285
RESERVED
-CVE-2016-1285
+ {DSA-3511-1}
- bind9 <unfixed>
- RESERVED
CVE-2016-1284 (rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before ...)
- bind9 <not-affected> (Only Supported Preview Edition/Subscription Edition)
NOTE: https://kb.isc.org/article/AA-01348
@@ -6085,12 +6117,12 @@
RESERVED
CVE-2016-1010
RESERVED
-CVE-2016-1009
- RESERVED
-CVE-2016-1008
- RESERVED
-CVE-2016-1007
- RESERVED
+CVE-2016-1009 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1008 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1007 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-1006
RESERVED
CVE-2016-1005
@@ -6195,8 +6227,8 @@
NOT-FOR-US: Apache Sling
CVE-2016-0955 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
NOT-FOR-US: Adobe
-CVE-2016-0954
- RESERVED
+CVE-2016-0954 (Adobe Digital Editions before 4.5.1 allows attackers to execute ...)
+ TODO: check
CVE-2016-0953 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
NOT-FOR-US: Adobe
CVE-2016-0952 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before ...)
@@ -8725,102 +8757,102 @@
RESERVED
CVE-2016-0135
RESERVED
-CVE-2016-0134
- RESERVED
-CVE-2016-0133
- RESERVED
-CVE-2016-0132
- RESERVED
+CVE-2016-0134 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+ TODO: check
+CVE-2016-0133 (The USB Mass Storage Class driver in Microsoft Windows Vista SP2, ...)
+ TODO: check
+CVE-2016-0132 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
+ TODO: check
CVE-2016-0131
RESERVED
-CVE-2016-0130
- RESERVED
-CVE-2016-0129
- RESERVED
+CVE-2016-0130 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+ TODO: check
+CVE-2016-0129 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+ TODO: check
CVE-2016-0128
RESERVED
CVE-2016-0127
RESERVED
CVE-2016-0126
RESERVED
-CVE-2016-0125
- RESERVED
-CVE-2016-0124
- RESERVED
-CVE-2016-0123
- RESERVED
+CVE-2016-0125 (Microsoft Edge mishandles the Referer policy, which allows remote ...)
+ TODO: check
+CVE-2016-0124 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+ TODO: check
+CVE-2016-0123 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+ TODO: check
CVE-2016-0122
RESERVED
-CVE-2016-0121
- RESERVED
-CVE-2016-0120
- RESERVED
+CVE-2016-0121 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2016-0120 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
CVE-2016-0119
RESERVED
-CVE-2016-0118
- RESERVED
-CVE-2016-0117
- RESERVED
-CVE-2016-0116
- RESERVED
+CVE-2016-0118 (The PDF library in Microsoft Windows 10 Gold and 1511 allows remote ...)
+ TODO: check
+CVE-2016-0117 (The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
+ TODO: check
+CVE-2016-0116 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
+ TODO: check
CVE-2016-0115
RESERVED
-CVE-2016-0114
- RESERVED
-CVE-2016-0113
- RESERVED
-CVE-2016-0112
- RESERVED
-CVE-2016-0111
- RESERVED
-CVE-2016-0110
- RESERVED
-CVE-2016-0109
- RESERVED
-CVE-2016-0108
- RESERVED
-CVE-2016-0107
- RESERVED
-CVE-2016-0106
- RESERVED
-CVE-2016-0105
- RESERVED
-CVE-2016-0104
- RESERVED
-CVE-2016-0103
- RESERVED
-CVE-2016-0102
- RESERVED
-CVE-2016-0101
- RESERVED
-CVE-2016-0100
- RESERVED
-CVE-2016-0099
- RESERVED
-CVE-2016-0098
- RESERVED
+CVE-2016-0114 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2016-0113 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2016-0112 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2016-0111 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2016-0110 (Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2016-0109 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+ TODO: check
+CVE-2016-0108 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2016-0107 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2016-0106 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2016-0105 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2016-0104 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+ TODO: check
+CVE-2016-0103 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2016-0102 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+ TODO: check
+CVE-2016-0101 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, ...)
+ TODO: check
+CVE-2016-0100 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library ...)
+ TODO: check
+CVE-2016-0099 (The Secondary Logon Service in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2016-0098 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, ...)
+ TODO: check
CVE-2016-0097
RESERVED
-CVE-2016-0096
- RESERVED
-CVE-2016-0095
- RESERVED
-CVE-2016-0094
- RESERVED
-CVE-2016-0093
- RESERVED
-CVE-2016-0092
- RESERVED
-CVE-2016-0091
- RESERVED
+CVE-2016-0096 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0095 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0094 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0093 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0092 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+ TODO: check
+CVE-2016-0091 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+ TODO: check
CVE-2016-0090
RESERVED
CVE-2016-0089
RESERVED
CVE-2016-0088
RESERVED
-CVE-2016-0087
- RESERVED
+CVE-2016-0087 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
+ TODO: check
CVE-2016-0086
RESERVED
CVE-2016-0085
@@ -8879,8 +8911,8 @@
NOT-FOR-US: Microsoft
CVE-2016-0058 (Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0057
- RESERVED
+CVE-2016-0057 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not ...)
+ TODO: check
CVE-2016-0056 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
NOT-FOR-US: Microsoft
CVE-2016-0055 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
@@ -8951,8 +8983,8 @@
RESERVED
CVE-2016-0022 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0021
- RESERVED
+CVE-2016-0021 (Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote ...)
+ TODO: check
CVE-2016-0020 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and ...)
NOT-FOR-US: Microsoft
CVE-2016-0019 (The Remote Desktop Protocol (RDP) service implementation in Microsoft ...)
More information about the Secure-testing-commits
mailing list