[Secure-testing-commits] r40528 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Mar 22 21:10:14 UTC 2016 

Author: sectracker
Date: 2016-03-22 21:10:14 +0000 (Tue, 22 Mar 2016)
New Revision: 40528

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-22 20:09:25 UTC (rev 40527)
+++ data/CVE/list	2016-03-22 21:10:14 UTC (rev 40528)
@@ -1,3 +1,25 @@
+CVE-2016-3630
+	RESERVED
+CVE-2016-3629
+	RESERVED
+CVE-2016-3628
+	RESERVED
+CVE-2016-3626
+	RESERVED
+CVE-2016-3625
+	RESERVED
+CVE-2016-3624
+	RESERVED
+CVE-2016-3623
+	RESERVED
+CVE-2016-3622
+	RESERVED
+CVE-2016-3621
+	RESERVED
+CVE-2016-3620
+	RESERVED
+CVE-2016-3619
+	RESERVED
 CVE-2016-3618
 	RESERVED
 CVE-2016-3617
@@ -5,6 +27,7 @@
 CVE-2016-3616
 	RESERVED
 CVE-2016-3627 [stack exhaustion in libxml2 parsing xml files in recover mode]
+	RESERVED
 	- libxml2 <unfixed> (bug #819006)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=762100
@@ -1598,15 +1621,13 @@
 	- cacti <unfixed> (bug #818647)
 	NOTE: http://bugs.cacti.net/view.php?id=2667
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/13
-CVE-2016-3116 [Validate X11 forwarding input]
-	RESERVED
+CVE-2016-3116 (CRLF injection vulnerability in Dropbear SSH before 2016.72 allows ...)
 	- dropbear 2016.72-1
 	[jessie] - dropbear <no-dsa> (Minor issue)
 	[wheezy] - dropbear <no-dsa> (Minor issue)
 	NOTE: https://matt.ucc.asn.au/dropbear/CHANGES
 	NOTE: Fixed in 2016.72 upstream
-CVE-2016-3115 [xauth command injection]
-	RESERVED
+CVE-2016-3115 (Multiple CRLF injection vulnerabilities in session.c in sshd in ...)
 	- openssh 1:7.2p2-1
 	[jessie] - openssh <no-dsa> (Minor issue)
 	[wheezy] - openssh <no-dsa> (Minor issue)
@@ -3751,7 +3772,7 @@
 	RESERVED
 CVE-2014-9766 [create_bits(): Cast the result of height * stride to size_t]
 	RESERVED
-	{DLA-429-1}
+	{DSA-3525-1 DLA-429-1}
 	- pixman 0.32.6-1
 	NOTE: https://lists.freedesktop.org/archives/pixman/2014-April/003244.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=972647
@@ -4661,11 +4682,9 @@
 	RESERVED
 CVE-2016-1999
 	RESERVED
-CVE-2016-1998
-	RESERVED
+CVE-2016-1998 (HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 ...)
 	NOT-FOR-US: HPE Service Manager
-CVE-2016-1997
-	RESERVED
+CVE-2016-1997 (HPE Operations Orchestration 10.x before 10.51 and Operations ...)
 	NOT-FOR-US: HP Operations Orchestration
 CVE-2016-1996 (HPE System Management Homepage before 7.5.4 allows local users to ...)
 	NOT-FOR-US: HPE System Management Homepage
@@ -14128,8 +14147,8 @@
 	NOT-FOR-US: IBM
 CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 ...)
 	NOT-FOR-US: IBM
-CVE-2015-7454
-	RESERVED
+CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 ...)
+	TODO: check
 CVE-2015-7453
 	RESERVED
 CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)

More information about the Secure-testing-commits mailing list