[Secure-testing-commits] r41430 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed May 4 21:10:11 UTC 2016
Author: sectracker
Date: 2016-05-04 21:10:10 +0000 (Wed, 04 May 2016)
New Revision: 41430
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-04 20:54:06 UTC (rev 41429)
+++ data/CVE/list 2016-05-04 21:10:10 UTC (rev 41430)
@@ -1,3 +1,119 @@
+CVE-2016-4484
+ RESERVED
+CVE-2016-4481
+ RESERVED
+CVE-2016-4480
+ RESERVED
+CVE-2016-4479
+ RESERVED
+CVE-2016-4475
+ RESERVED
+CVE-2016-4474
+ RESERVED
+CVE-2016-4473
+ RESERVED
+CVE-2016-4472
+ RESERVED
+CVE-2016-4471
+ RESERVED
+CVE-2016-4470
+ RESERVED
+CVE-2016-4469
+ RESERVED
+CVE-2016-4468
+ RESERVED
+CVE-2016-4467
+ RESERVED
+CVE-2016-4466
+ RESERVED
+CVE-2016-4465
+ RESERVED
+CVE-2016-4464
+ RESERVED
+CVE-2016-4463
+ RESERVED
+CVE-2016-4462
+ RESERVED
+CVE-2016-4461
+ RESERVED
+CVE-2016-4460
+ RESERVED
+CVE-2016-4459
+ RESERVED
+CVE-2016-4458
+ RESERVED
+CVE-2016-4457
+ RESERVED
+CVE-2016-4456
+ RESERVED
+CVE-2016-4455
+ RESERVED
+CVE-2016-4454
+ RESERVED
+CVE-2016-4453
+ RESERVED
+CVE-2016-4452
+ RESERVED
+CVE-2016-4451
+ RESERVED
+CVE-2016-4450
+ RESERVED
+CVE-2016-4449
+ RESERVED
+CVE-2016-4448
+ RESERVED
+CVE-2016-4447
+ RESERVED
+CVE-2016-4446
+ RESERVED
+CVE-2016-4445
+ RESERVED
+CVE-2016-4444
+ RESERVED
+CVE-2016-4443
+ RESERVED
+CVE-2016-4442
+ RESERVED
+CVE-2016-4441
+ RESERVED
+CVE-2016-4440
+ RESERVED
+CVE-2016-4439
+ RESERVED
+CVE-2016-4438
+ RESERVED
+CVE-2016-4437
+ RESERVED
+CVE-2016-4436
+ RESERVED
+CVE-2016-4435
+ RESERVED
+CVE-2016-4434
+ RESERVED
+CVE-2016-4433
+ RESERVED
+CVE-2016-4432
+ RESERVED
+CVE-2016-4431
+ RESERVED
+CVE-2016-4430
+ RESERVED
+CVE-2016-4429
+ RESERVED
+CVE-2016-4428
+ RESERVED
+CVE-2016-4427
+ RESERVED
+CVE-2016-4426
+ RESERVED
+CVE-2016-4424
+ RESERVED
+CVE-2016-4423
+ RESERVED
+CVE-2015-8870
+ RESERVED
+CVE-2013-7455
+ RESERVED
CVE-2016-XXXX [XSS]
- dotclear <unfixed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
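Review bot: CVE-2015-8870 and CVE-2013-7455 are added at the end of this block, directly above CVE-2016-XXXX, so two older-year IDs now sit among the 2016 entries. If the list is kept grouped by year, move them to the 2015 and 2013 sections. The gaps in the new run (4483, 4482, 4478, 4477, 4476, 4425) need no action, since those IDs already have entries in the later hunks.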
@@ -2,11 +118,15 @@
CVE-2016-4482 [information leak in devio]
+ RESERVED
- linux <unfixed>
NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html
NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2
CVE-2016-4483
+ RESERVED
- libxml2 <unfixed> (bug #823405)
CVE-2016-4477
+ RESERVED
- wpa <unfixed> (bug #823411)
NOTE: http://w1.fi/security/2016-1/
CVE-2016-4476
+ RESERVED
- wpa <unfixed> (bug #823411)
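Review bot: CVE-2016-4483, CVE-2016-4477 and CVE-2016-4476 are now marked RESERVED but have no bracketed summary, unlike CVE-2016-4482 [information leak in devio] in the same hunk. While an entry is RESERVED the bracketed text is the only description it carries, so add a short one to each (the two wpa entries are otherwise indistinguishable apart from the w1.fi NOTE on the first).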
@@ -132,6 +252,7 @@
CVE-2016-4350
RESERVED
CVE-2014-9773 [A remote attacker could change Atheme's behavior by registering/dropping certain accounts/nicks]
+ RESERVED
- atheme-services 7.0.7-2
[jessie] - atheme-services <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/atheme/atheme/issues/397
@@ -139,16 +260,19 @@
NOTE: Introduced in: https://github.com/atheme/atheme/commit/5c734f28068cf47b9b450af4dcf37195734b15be
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
CVE-2016-4478 [denial of service due to a buffer overflow in the XMLRPC response encoding code]
+ RESERVED
- atheme-services 7.0.7-2
NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
CVE-2016-4425 [stack exhaustion parsing a JSON file]
+ RESERVED
- jansson <unfixed> (bug #823238)
NOTE: https://github.com/akheron/jansson/issues/282
NOTE: https://github.com/akheron/jansson/pull/284
NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/5
CVE-2016-4422 [local root privilege escalation]
RESERVED
+ {DSA-3567-1}
- libpam-sshauth 0.4.1-2
NOTE: Introduced in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/93/src/pam_sshauth.c
NOTE: Fixed in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114
@@ -166,6 +290,7 @@
NOT-FOR-US: Cisco
CVE-2016-4352 [Mplayer/Mencoder integer overflow parsing gif files]
RESERVED
+ {DLA-457-1}
- mplayer <unfixed>
- mplayer2 <removed>
NOTE: https://trac.mplayerhq.hu/ticket/2295
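Review bot: CVE-2016-4352 gains {DLA-457-1} while its only mplayer line still reads "- mplayer <unfixed>", so the entry now shows an advisory reference next to an unfixed status, with nothing here saying which release the advisory covers. Confirm that the fixed version for that release is recorded with the advisory, or add a release-specific line to this entry.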
@@ -6324,7 +6449,6 @@
RESERVED
CVE-2016-2176 [EBCDIC overread]
RESERVED
- {DSA-3566-1 DLA-456-1}
- openssl <not-affected> (Only applies to EBCDIC systems)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
NOTE: https://www.openssl.org/news/secadv/20160503.txt
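Review bot: the {DSA-3566-1 DLA-456-1} tag is dropped from CVE-2016-2176, which agrees with the "<not-affected>" openssl line, but this revision modifies only data/CVE/list. If the tags are derived from the advisory entries, check that DSA-3566-1 and DLA-456-1 no longer name CVE-2016-2176; otherwise the tag may reappear on a later update.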
@@ -10767,14 +10891,14 @@
RESERVED
CVE-2016-0896
RESERVED
-CVE-2016-0895
- RESERVED
-CVE-2016-0894
- RESERVED
-CVE-2016-0893
- RESERVED
-CVE-2016-0892
- RESERVED
+CVE-2016-0895 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers ...)
+ TODO: check
+CVE-2016-0894 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote ...)
+ TODO: check
+CVE-2016-0893 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote ...)
+ TODO: check
+CVE-2016-0892 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss ...)
+ TODO: check
CVE-2016-0891 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: EMC ViPR SRM
CVE-2016-0890
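Review bot: the four EMC RSA Data Loss Prevention entries (CVE-2016-0892 to CVE-2016-0895) are left at "TODO: check". The neighbouring CVE-2016-0891, another EMC product, is already triaged as "NOT-FOR-US: EMC ViPR SRM"; if RSA Data Loss Prevention is likewise not packaged, mark these four the same way so they do not remain in the unchecked state.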