[Secure-testing-commits] r41689 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu May 12 21:10:12 UTC 2016
Author: sectracker
Date: 2016-05-12 21:10:12 +0000 (Thu, 12 May 2016)
New Revision: 41689
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-12 20:04:42 UTC (rev 41688)
+++ data/CVE/list 2016-05-12 21:10:12 UTC (rev 41689)
@@ -1,3 +1,419 @@
+CVE-2016-4785
+ RESERVED
+CVE-2016-4784
+ RESERVED
+CVE-2016-4783
+ RESERVED
+CVE-2016-4782
+ RESERVED
+CVE-2016-4781
+ RESERVED
+CVE-2016-4780
+ RESERVED
+CVE-2016-4779
+ RESERVED
+CVE-2016-4778
+ RESERVED
+CVE-2016-4777
+ RESERVED
+CVE-2016-4776
+ RESERVED
+CVE-2016-4775
+ RESERVED
+CVE-2016-4774
+ RESERVED
+CVE-2016-4773
+ RESERVED
+CVE-2016-4772
+ RESERVED
+CVE-2016-4771
+ RESERVED
+CVE-2016-4770
+ RESERVED
+CVE-2016-4769
+ RESERVED
+CVE-2016-4768
+ RESERVED
+CVE-2016-4767
+ RESERVED
+CVE-2016-4766
+ RESERVED
+CVE-2016-4765
+ RESERVED
+CVE-2016-4764
+ RESERVED
+CVE-2016-4763
+ RESERVED
+CVE-2016-4762
+ RESERVED
+CVE-2016-4761
+ RESERVED
+CVE-2016-4760
+ RESERVED
+CVE-2016-4759
+ RESERVED
+CVE-2016-4758
+ RESERVED
+CVE-2016-4757
+ RESERVED
+CVE-2016-4756
+ RESERVED
+CVE-2016-4755
+ RESERVED
+CVE-2016-4754
+ RESERVED
+CVE-2016-4753
+ RESERVED
+CVE-2016-4752
+ RESERVED
+CVE-2016-4751
+ RESERVED
+CVE-2016-4750
+ RESERVED
+CVE-2016-4749
+ RESERVED
+CVE-2016-4748
+ RESERVED
+CVE-2016-4747
+ RESERVED
+CVE-2016-4746
+ RESERVED
+CVE-2016-4745
+ RESERVED
+CVE-2016-4744
+ RESERVED
+CVE-2016-4743
+ RESERVED
+CVE-2016-4742
+ RESERVED
+CVE-2016-4741
+ RESERVED
+CVE-2016-4740
+ RESERVED
+CVE-2016-4739
+ RESERVED
+CVE-2016-4738
+ RESERVED
+CVE-2016-4737
+ RESERVED
+CVE-2016-4736
+ RESERVED
+CVE-2016-4735
+ RESERVED
+CVE-2016-4734
+ RESERVED
+CVE-2016-4733
+ RESERVED
+CVE-2016-4732
+ RESERVED
+CVE-2016-4731
+ RESERVED
+CVE-2016-4730
+ RESERVED
+CVE-2016-4729
+ RESERVED
+CVE-2016-4728
+ RESERVED
+CVE-2016-4727
+ RESERVED
+CVE-2016-4726
+ RESERVED
+CVE-2016-4725
+ RESERVED
+CVE-2016-4724
+ RESERVED
+CVE-2016-4723
+ RESERVED
+CVE-2016-4722
+ RESERVED
+CVE-2016-4721
+ RESERVED
+CVE-2016-4720
+ RESERVED
+CVE-2016-4719
+ RESERVED
+CVE-2016-4718
+ RESERVED
+CVE-2016-4717
+ RESERVED
+CVE-2016-4716
+ RESERVED
+CVE-2016-4715
+ RESERVED
+CVE-2016-4714
+ RESERVED
+CVE-2016-4713
+ RESERVED
+CVE-2016-4712
+ RESERVED
+CVE-2016-4711
+ RESERVED
+CVE-2016-4710
+ RESERVED
+CVE-2016-4709
+ RESERVED
+CVE-2016-4708
+ RESERVED
+CVE-2016-4707
+ RESERVED
+CVE-2016-4706
+ RESERVED
+CVE-2016-4705
+ RESERVED
+CVE-2016-4704
+ RESERVED
+CVE-2016-4703
+ RESERVED
+CVE-2016-4702
+ RESERVED
+CVE-2016-4701
+ RESERVED
+CVE-2016-4700
+ RESERVED
+CVE-2016-4699
+ RESERVED
+CVE-2016-4698
+ RESERVED
+CVE-2016-4697
+ RESERVED
+CVE-2016-4696
+ RESERVED
+CVE-2016-4695
+ RESERVED
+CVE-2016-4694
+ RESERVED
+CVE-2016-4693
+ RESERVED
+CVE-2016-4692
+ RESERVED
+CVE-2016-4691
+ RESERVED
+CVE-2016-4690
+ RESERVED
+CVE-2016-4689
+ RESERVED
+CVE-2016-4688
+ RESERVED
+CVE-2016-4687
+ RESERVED
+CVE-2016-4686
+ RESERVED
+CVE-2016-4685
+ RESERVED
+CVE-2016-4684
+ RESERVED
+CVE-2016-4683
+ RESERVED
+CVE-2016-4682
+ RESERVED
+CVE-2016-4681
+ RESERVED
+CVE-2016-4680
+ RESERVED
+CVE-2016-4679
+ RESERVED
+CVE-2016-4678
+ RESERVED
+CVE-2016-4677
+ RESERVED
+CVE-2016-4676
+ RESERVED
+CVE-2016-4675
+ RESERVED
+CVE-2016-4674
+ RESERVED
+CVE-2016-4673
+ RESERVED
+CVE-2016-4672
+ RESERVED
+CVE-2016-4671
+ RESERVED
+CVE-2016-4670
+ RESERVED
+CVE-2016-4669
+ RESERVED
+CVE-2016-4668
+ RESERVED
+CVE-2016-4667
+ RESERVED
+CVE-2016-4666
+ RESERVED
+CVE-2016-4665
+ RESERVED
+CVE-2016-4664
+ RESERVED
+CVE-2016-4663
+ RESERVED
+CVE-2016-4662
+ RESERVED
+CVE-2016-4661
+ RESERVED
+CVE-2016-4660
+ RESERVED
+CVE-2016-4659
+ RESERVED
+CVE-2016-4658
+ RESERVED
+CVE-2016-4657
+ RESERVED
+CVE-2016-4656
+ RESERVED
+CVE-2016-4655
+ RESERVED
+CVE-2016-4654
+ RESERVED
+CVE-2016-4653
+ RESERVED
+CVE-2016-4652
+ RESERVED
+CVE-2016-4651
+ RESERVED
+CVE-2016-4650
+ RESERVED
+CVE-2016-4649
+ RESERVED
+CVE-2016-4648
+ RESERVED
+CVE-2016-4647
+ RESERVED
+CVE-2016-4646
+ RESERVED
+CVE-2016-4645
+ RESERVED
+CVE-2016-4644
+ RESERVED
+CVE-2016-4643
+ RESERVED
+CVE-2016-4642
+ RESERVED
+CVE-2016-4641
+ RESERVED
+CVE-2016-4640
+ RESERVED
+CVE-2016-4639
+ RESERVED
+CVE-2016-4638
+ RESERVED
+CVE-2016-4637
+ RESERVED
+CVE-2016-4636
+ RESERVED
+CVE-2016-4635
+ RESERVED
+CVE-2016-4634
+ RESERVED
+CVE-2016-4633
+ RESERVED
+CVE-2016-4632
+ RESERVED
+CVE-2016-4631
+ RESERVED
+CVE-2016-4630
+ RESERVED
+CVE-2016-4629
+ RESERVED
+CVE-2016-4628
+ RESERVED
+CVE-2016-4627
+ RESERVED
+CVE-2016-4626
+ RESERVED
+CVE-2016-4625
+ RESERVED
+CVE-2016-4624
+ RESERVED
+CVE-2016-4623
+ RESERVED
+CVE-2016-4622
+ RESERVED
+CVE-2016-4621
+ RESERVED
+CVE-2016-4620
+ RESERVED
+CVE-2016-4619
+ RESERVED
+CVE-2016-4618
+ RESERVED
+CVE-2016-4617
+ RESERVED
+CVE-2016-4616
+ RESERVED
+CVE-2016-4615
+ RESERVED
+CVE-2016-4614
+ RESERVED
+CVE-2016-4613
+ RESERVED
+CVE-2016-4612
+ RESERVED
+CVE-2016-4611
+ RESERVED
+CVE-2016-4610
+ RESERVED
+CVE-2016-4609
+ RESERVED
+CVE-2016-4608
+ RESERVED
+CVE-2016-4607
+ RESERVED
+CVE-2016-4606
+ RESERVED
+CVE-2016-4605
+ RESERVED
+CVE-2016-4604
+ RESERVED
+CVE-2016-4603
+ RESERVED
+CVE-2016-4602
+ RESERVED
+CVE-2016-4601
+ RESERVED
+CVE-2016-4600
+ RESERVED
+CVE-2016-4599
+ RESERVED
+CVE-2016-4598
+ RESERVED
+CVE-2016-4597
+ RESERVED
+CVE-2016-4596
+ RESERVED
+CVE-2016-4595
+ RESERVED
+CVE-2016-4594
+ RESERVED
+CVE-2016-4593
+ RESERVED
+CVE-2016-4592
+ RESERVED
+CVE-2016-4591
+ RESERVED
+CVE-2016-4590
+ RESERVED
+CVE-2016-4589
+ RESERVED
+CVE-2016-4588
+ RESERVED
+CVE-2016-4587
+ RESERVED
+CVE-2016-4586
+ RESERVED
+CVE-2016-4585
+ RESERVED
+CVE-2016-4584
+ RESERVED
+CVE-2016-4583
+ RESERVED
+CVE-2016-4582
+ RESERVED
+CVE-2016-4580
+ RESERVED
+CVE-2016-4577
+ RESERVED
+CVE-2016-4576
+ RESERVED
+CVE-2016-4575
+ RESERVED
CVE-2016-XXXX [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
- openjpeg2 <unfixed>
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
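Review bot: In the context lines at the end of this hunk, the temporary CVE-2016-XXXX entry for OpenJPEG reads "- openjpeg2 <unfixed>" with an upstream commit NOTE but no bug reference. Since the fix commit is already recorded, consider filing a Debian bug and adding it in the "(bug #...)" form used by the qemu and libuser entries, and replace the XXXX placeholder once an ID is assigned.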
@@ -9,9 +425,11 @@
CVE-2016-4573
RESERVED
CVE-2016-4581
+ RESERVED
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5ec0811d30378ae104f250bfc9b3640242d81e3f (v4.6-rc7)
CVE-2016-4579
+ RESERVED
- libksba 1.3.4-3
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
CVE-2016-4572
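Review bot: CVE-2016-4581 and CVE-2016-4579 now carry RESERVED but have no bracketed short description, so the list gives no hint of what the linux and libksba issues are until MITRE publishes text. Add a short title in brackets on each header line, as CVE-2016-4578 [information leak] has.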
@@ -24,6 +442,7 @@
NOTE: Fixed by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
NOTE: Introduced by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
CVE-2016-4578 [information leak]
+ RESERVED
- linux <unfixed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=e4ec8cc8039a7063e24204299b462bd1383184a5
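Review bot: The two NOTE lines under CVE-2016-4578 point at the for-next branch of tiwai/sound.git (h=for-next), a maintainer branch, and carry no release tag. Once the commits reach mainline, switch them to the git.kernel.org/linus/<id> form with the version in parentheses, as the CVE-2016-4581 entry does with (v4.6-rc7).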
@@ -226,14 +645,14 @@
RESERVED
CVE-2016-4500
RESERVED
-CVE-2016-4499
- RESERVED
-CVE-2016-4498
- RESERVED
-CVE-2016-4497
- RESERVED
-CVE-2016-4496
- RESERVED
+CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x ...)
+ TODO: check
+CVE-2016-4498 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an ...)
+ TODO: check
+CVE-2016-4497 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
+ TODO: check
+CVE-2016-4496 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
+ TODO: check
CVE-2016-4495
RESERVED
CVE-2016-4494
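Review bot: CVE-2016-4499 through CVE-2016-4496 all land as "TODO: check" for the same product, Panasonic FPWIN Pro, so they should be triaged together rather than one at a time. If the product is not in the archive, mark all four NOT-FOR-US: Panasonic FPWIN Pro, the same way CVE-2016-3711 is marked NOT-FOR-US: OpenShift.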
@@ -2439,8 +2858,7 @@
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/45998a25992d1142df201d8cf024b6c948b40748/
CVE-2016-3713
RESERVED
-CVE-2016-3712 [Out-of-bounds read when creating weird vga screen surface]
- RESERVED
+CVE-2016-3712 (Integer overflow in the VGA module in QEMU allows local guest OS users ...)
{DSA-3573-1}
- qemu <unfixed> (bug #823830)
[wheezy] - qemu <end-of-life> (Not supported in Wheezy LTS)
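Review bot: CVE-2016-3712 still reads "- qemu <unfixed> (bug #823830)" next to {DSA-3573-1}, so the fixed unstable version needs to be recorded once that bug is closed. The new description also calls this an integer overflow where the removed bracketed title called it an out-of-bounds read; a NOTE line would keep the earlier detail if it is still useful for triage.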
@@ -2450,8 +2868,7 @@
CVE-2016-3711 [Setting cookie containing internal IP address of a pod]
RESERVED
NOT-FOR-US: OpenShift
-CVE-2016-3710 [incorrect banked access bounds checking in vga module]
- RESERVED
+CVE-2016-3710 (The VGA module in QEMU improperly performs bounds checking on banked ...)
{DSA-3573-1}
- qemu <unfixed> (bug #823830)
[wheezy] - qemu <end-of-life> (Not supported in Wheezy LTS)
@@ -2567,6 +2984,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/03/26/1
CVE-2016-3674 [XXE vulnerability]
RESERVED
+ {DSA-3575-1}
- libxstream-java 1.4.9-1 (bug #819455)
NOTE: http://x-stream.github.io/changes.html#1.4.9
CVE-2016-3671
@@ -9614,8 +10032,8 @@
RESERVED
CVE-2016-1394
RESERVED
-CVE-2016-1393
- RESERVED
+CVE-2016-1393 (SQL injection vulnerability in Cisco Cloud Network Automation ...)
+ TODO: check
CVE-2016-1392 (Open redirect vulnerability in Cisco Prime Collaboration Assurance ...)
TODO: check
CVE-2016-1391
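Review bot: CVE-2016-1393 is added as "TODO: check" directly above CVE-2016-1392, which is also a Cisco entry still at "TODO: check". Resolve both in one pass, and if neither product is packaged, mark them NOT-FOR-US with the product name.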
@@ -10357,8 +10775,7 @@
RESERVED
CVE-2016-1237
RESERVED
-CVE-2016-1236 [XSS via directory or file in a repository containing XSS payload]
- RESERVED
+CVE-2016-1236 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
{DSA-3572-1 DLA-462-1}
- websvn <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/22
@@ -17119,6 +17536,7 @@
NOTE: https://quickgit.kde.org/?p=kdelibs.git&a=blobdiff&h=8c0f6401271c495c68e340e06b09239eb755ce5e&hp=45b72f0d5c3421b571e9515497352a0a9942a075&hb=cc5515ed7ce8884c9b18169158ba29ab2f7a3db7&f=kinit%2Flnusertemp.c
CVE-2015-7542 [Uses outdated bundled CA certificates]
RESERVED
+ {DLA-469-1}
- libgwenhywfar 4.12.0beta-3 (bug #748955; medium)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1272503
NOTE: Debian packaging fix: http://source.lenk.info/git/pkg-libgwenhywfar.git/commitdiff/86dacaae3a233f6ca3b420e0bfdb12eb5ef40b91
@@ -29122,8 +29540,10 @@
NOTE: Referenced Bug with Details from Red Hat is currently private
NOTE: Patch: https://git.centos.org/blob/rpms!spice.git/11e32f6dd156a3c4847da29d989837437e973ccc/SOURCES!0038-Avoid-race-conditions-reading-monitor-configs-from-g.patch
CVE-2015-3246 (libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the ...)
+ {DLA-468-1}
- libuser <unfixed> (bug #793465)
CVE-2015-3245 (Incomplete blacklist vulnerability in the chfn function in libuser ...)
+ {DLA-468-1}
- libuser <unfixed> (bug #793465)
NOTE: initially attributed to usermode package, root-cause fixed in libuser instead
CVE-2015-3244 (The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, ...)
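Review bot: {DLA-468-1} is attached to CVE-2015-3246 and CVE-2015-3245 while both still read "- libuser <unfixed> (bug #793465)". The LTS fix is recorded but unstable remains open, so follow up on the bug and fill in the fixed version when it is uploaded.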