[Secure-testing-commits] r41713 - data/CVE

[security tracker role]

Author: sectracker
Date: 2016-05-13 21:10:12 +0000 (Fri, 13 May 2016)
New Revision: 41713

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-13 19:25:03 UTC (rev 41712)
+++ data/CVE/list	2016-05-13 21:10:12 UTC (rev 41713)
@@ -1,3 +1,33 @@
+CVE-2016-4799
+	RESERVED
+CVE-2016-4798
+	RESERVED
+CVE-2016-4795
+	RESERVED
+CVE-2016-4793
+	RESERVED
+CVE-2016-4792
+	RESERVED
+CVE-2016-4791
+	RESERVED
+CVE-2016-4790
+	RESERVED
+CVE-2016-4789
+	RESERVED
+CVE-2016-4788
+	RESERVED
+CVE-2016-4787
+	RESERVED
+CVE-2016-4786
+	RESERVED
+CVE-2014-9776
+	RESERVED
+CVE-2014-9775
+	RESERVED
+CVE-2014-9774
+	RESERVED
+CVE-2010-5326 (The Invoker Servlet on SAP NetWeaver Application Server Java ...)
+	TODO: check
 CVE-2016-4785
 	RESERVED
 CVE-2016-4784
@@ -415,14 +445,17 @@
 CVE-2016-4575
 	RESERVED
 CVE-2016-4796 [OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c]
+	RESERVED
 	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	- openjpeg <undetermined>
 	NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
 CVE-2016-4797 [OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c]
+	RESERVED
 	- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
 	NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
 CVE-2016-4794
+	RESERVED
 	- linux <unfixed>
 CVE-2016-4573
 	RESERVED
@@ -434,6 +467,7 @@
 	NOTE: Introduced by: https://git.kernel.org/linus/f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (v3.15-rc1)
 CVE-2016-4579
 	RESERVED
+	{DLA-470-1}
 	- libksba 1.3.4-3
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
 CVE-2016-4572
@@ -1124,6 +1158,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
 CVE-2016-4425 [stack exhaustion parsing a JSON file]
 	RESERVED
+	{DLA-471-1}
 	- jansson <unfixed> (bug #823238)
 	NOTE: https://github.com/akheron/jansson/issues/282
 	NOTE: https://github.com/akheron/jansson/pull/284
@@ -5180,7 +5215,7 @@
 	- firefox 46.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-47/
 CVE-2016-2807 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-3559-1}
+	{DSA-3576-1 DSA-3559-1}
 	- iceweasel <removed>
 	- firefox-esr 45.1.0esr-1
 	- firefox 46.0-1
@@ -5192,7 +5227,7 @@
 	- firefox 46.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
 CVE-2016-2805 (Unspecified vulnerability in the browser engine in Mozilla Firefox ESR ...)
-	{DSA-3559-1}
+	{DSA-3576-1 DSA-3559-1}
 	- iceweasel <removed>
 	- firefox-esr <not-affected> (Only affects Firefox ESR 38.x)
 	- firefox <not-affected> (Only affects Firefox ESR 38.x)
@@ -8170,6 +8205,7 @@
 CVE-2016-1980
 	RESERVED
 CVE-2016-1979 (Use-after-free vulnerability in the ...)
+	{DSA-3576-1}
 	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
@@ -19118,6 +19154,7 @@
 CVE-2015-6931
 	RESERVED
 CVE-2015-8871 [Use-after-free in opj_j2k_write_mco]
+	RESERVED
 	- openjpeg2 <unfixed> (bug #800149)
 	- openjpeg <not-affected> (Vulnerable code not present; opj_j2k_write_mco function)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/940100c28ae28931722290794889cf84a92c5f6f