[Secure-testing-commits] r41975 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon May 23 21:10:11 UTC 2016
Author: sectracker
Date: 2016-05-23 21:10:11 +0000 (Mon, 23 May 2016)
New Revision: 41975
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-23 21:03:09 UTC (rev 41974)
+++ data/CVE/list 2016-05-23 21:10:11 UTC (rev 41975)
@@ -1,3 +1,25 @@
+CVE-2016-4950
+ RESERVED
+CVE-2016-4949
+ RESERVED
+CVE-2016-4948
+ RESERVED
+CVE-2016-4947
+ RESERVED
+CVE-2016-4946
+ RESERVED
+CVE-2016-4945
+ RESERVED
+CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before ...)
+ TODO: check
+CVE-2015-8879 (The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 ...)
+ TODO: check
+CVE-2015-8878 (main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before ...)
+ TODO: check
+CVE-2015-8877 (The gdImageScaleTwoPass function in gd_interpolation.c in the GD ...)
+ TODO: check
+CVE-2015-8876 (Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and ...)
+ TODO: check
CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
- mediawiki <removed>
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
@@ -7,7 +29,7 @@
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
TODO: check versions
-CVE-2016-4951 [Null pointer dereference in tipc_nl_publ_dump]
+CVE-2016-4951 (The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux ...)
- linux <unfixed>
[jessie] - linux <not-affected> (Introduced in 3.19)
[wheezy] - linux <not-affected> (Introduced in 3.19)
@@ -282,8 +304,7 @@
RESERVED
CVE-2016-4810
RESERVED
-CVE-2016-4913 [information leak in Rock Ridge Extensions to iso9660]
- RESERVED
+CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux ...)
- linux 4.5.4-1
NOTE: Fixed by: https://git.kernel.org/linus/99d825822eade8d827a1817357cbf3f889a552d6 (v4.6)
CVE-2016-4912
@@ -328,8 +349,7 @@
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=69793
-CVE-2016-4805 [ppp: take reference on channels netns]
- RESERVED
+CVE-2016-4805 (Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the ...)
- linux 4.5.2-1
NOTE: Fixed by: https://git.kernel.org/linus/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 (v4.6-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/273ec51dd7ceaa76e038875d85061ec856d8905e (v2.6.30)
@@ -779,8 +799,8 @@
RESERVED
CVE-2016-4582
RESERVED
-CVE-2016-4580
- RESERVED
+CVE-2016-4580 (The x25_negotiate_facilities function in net/x25/x25_facilities.c in ...)
+ TODO: check
CVE-2016-4577
RESERVED
CVE-2016-4576
@@ -797,13 +817,11 @@
- openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
-CVE-2016-4794
- RESERVED
+CVE-2016-4794 (Use-after-free vulnerability in mm/percpu.c in the Linux kernel ...)
- linux <unfixed>
CVE-2016-4573
RESERVED
-CVE-2016-4581
- RESERVED
+CVE-2016-4581 (fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse ...)
- linux 4.5.4-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/5ec0811d30378ae104f250bfc9b3640242d81e3f (v4.6-rc7)
@@ -823,14 +841,12 @@
[wheezy] - libksba <not-affected> (Incomplete fix not applied)
NOTE: Fixed by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
NOTE: Introduced by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
-CVE-2016-4578 [information leak]
- RESERVED
+CVE-2016-4578 (sound/core/timer.c in the Linux kernel through 4.6 does not initialize ...)
- linux <unfixed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=e4ec8cc8039a7063e24204299b462bd1383184a5
NOTE: Both commits not yet in Linus tree
-CVE-2016-4569 [information leak]
- RESERVED
+CVE-2016-4569 (The snd_timer_user_params function in sound/core/timer.c in the Linux ...)
- linux <unfixed>
NOTE: http://comments.gmane.org/gmane.linux.kernel/2214250
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e (not yet merged in Linus tree)
@@ -849,31 +865,27 @@
CVE-2016-XXXX [Multiple security problems]
- imagemagick <unfixed> (bug #823750)
NOTE: This really should be split up in individual cases otherwise hard to act on
-CVE-2016-4567 [XSS]
- RESERVED
+CVE-2016-4567 (Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ...)
- mediaelement <unfixed> (unimportant; bug #823649)
NOTE: https://core.trac.wordpress.org/changeset/37370
NOTE: Fixed by: https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e
NOTE: Vulnerable code present, but Flash Player disabled in Debian
NOTE: See 0004-Deactivate-Flash-and-Silverlight.patch
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4566 [XSS]
- RESERVED
+CVE-2016-4566 (Cross-site scripting (XSS) vulnerability in plupload.flash.swf in ...)
- wordpress 4.5.2+dfsg-1 (bug #823640)
[jessie] - wordpress <not-affected> (Vulnerable code not present)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://wordpress.org/news/2016/05/wordpress-4-5-2/
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37382
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4568 [videobuf2-v4l2: Verify planes array in buffer dequeueing]
- RESERVED
+CVE-2016-4568 (drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before ...)
- linux 4.5.3-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.4)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.4)
NOTE: Fixed by: https://git.kernel.org/linus/2c1f6951a8a82e6de0d82b1158b5e493fc6c54ab (v4.6-rc6)
NOTE: Introduced by: https://git.kernel.org/linus/b0e0e1f83de31aa0428c38b692c590cc0ecd3f03 (v4.4-rc1)
-CVE-2016-4565 [IB/security: Restrict use of the write() interface]
- RESERVED
+CVE-2016-4565 (The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 ...)
- linux 4.5.3-1
NOTE: Fixed by: https://git.kernel.org/linus/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 (v4.6-rc6)
CVE-2016-4551
@@ -909,14 +921,12 @@
- mxml <unfixed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/06/6
TODO: check
-CVE-2016-4558 [bpf: fix refcnt overflow]
- RESERVED
+CVE-2016-4558 (The BPF subsystem in the Linux kernel before 4.5.5 mishandles ...)
- linux 4.5.3-1
NOTE: Fixed by: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e
NOTE: Introduced by: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc(v4.4-rc1)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=809
-CVE-2016-4557 [UAF via double-fdput() in bpf(BPF_PROG_LOAD) error path]
- RESERVED
+CVE-2016-4557 (The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in ...)
- linux 4.5.3-1 (bug #823603)
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
@@ -1156,64 +1166,56 @@
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70481
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-03/msg01687.html
TODO: check
-CVE-2016-4539 [xml_parse_into_struct segmentation fault]
- RESERVED
+CVE-2016-4539 (The xml_parse_into_struct function in ext/xml/xml.c in PHP before ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72099
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=dccda88f27a084bcbbb30198ace12b4e7ae961cc
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4537 [bcpowmod accepting negative scale]
- RESERVED
+CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72093
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4538 [_one_ definition being overridden by scale adjustment]
- RESERVED
+CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72093
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4540
- RESERVED
+CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72061
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4541
- RESERVED
+CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72061
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4542 [issue associated with the spprintf call]
- RESERVED
+CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72094
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4543 [issues in which "Illegal IFD size" validation was added]
- RESERVED
+CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72094
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4544 [issue in which "Invalid TIFF start" validation was added]
- RESERVED
+CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP ...)
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=72094
@@ -1224,12 +1226,10 @@
- openafs 1.6.17-1
[jessie] - openafs <no-dsa> (Minor issue, can be included in a future DSA or via jessie-pu)
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
-CVE-2016-4486 [information leak vulnerability in rtnetlink]
- RESERVED
+CVE-2016-4486 (The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux ...)
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/5f8e44741f9f216e33736ea4ec65ca9ac03036e6
-CVE-2016-4485 [information leak vulnerability in llc module]
- RESERVED
+CVE-2016-4485 (The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel ...)
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/b8670c09f37bdf2847cc44f36511a53afc6161fd
CVE-2016-4484
@@ -1310,8 +1310,7 @@
RESERVED
CVE-2016-4442
RESERVED
-CVE-2016-4441 [scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd]
- RESERVED
+CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
- qemu <unfixed> (bug #824856)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
- qemu-kvm <removed>
@@ -1325,8 +1324,7 @@
NOTE: Upstream patch: http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/152191
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337806
NOTE: http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
-CVE-2016-4439 [scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write]
- RESERVED
+CVE-2016-4439 (The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
- qemu <unfixed> (bug #824856)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
- qemu-kvm <removed>
@@ -1391,8 +1389,7 @@
- dotclear <removed>
[jessie] - dotclear <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
-CVE-2016-4482 [information leak in devio]
- RESERVED
+CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...)
- linux <unfixed>
NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html
NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2
@@ -1541,6 +1538,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
CVE-2016-4478 [denial of service due to a buffer overflow in the XMLRPC response encoding code]
RESERVED
+ {DSA-3586-1}
- atheme-services 7.0.7-2
NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
@@ -2274,8 +2272,7 @@
NOTE: upstream commit: https://github.com/tmux/tmux/commit/2ffbd5b5f05dded1564ba32a6a00b0b417439b2f (2.1)
NOTE: upstream fixed in 2.1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=564400
-CVE-2015-8866 [libxml_disable_entity_loader setting is shared between threads]
- RESERVED
+CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when ...)
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=64938
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817
@@ -2283,8 +2280,7 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9
NOTE: Fixed in 5.6.6, 5.5.22
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2015-8867 [openssl_random_pseudo_bytes() is not cryptographically secure]
- RESERVED
+CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in ...)
- php7.0 7.0.0-1
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
@@ -3199,8 +3195,7 @@
RESERVED
CVE-2016-3740
RESERVED
-CVE-2016-3739
- RESERVED
+CVE-2016-3739 (The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) ...)
- curl <unfixed> (unimportant)
NOTE: only relevant when built with mbedTLS/PolarSSL
NOTE: Source-wise fixed in 7.49.0
@@ -3236,8 +3231,7 @@
RESERVED
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53954
-CVE-2016-3728
- RESERVED
+CVE-2016-3728 (Eval injection vulnerability in tftp_api.rb in the TFTP module in the ...)
- foreman <itp> (bug #663101)
CVE-2016-3727 (The API URL computer/(master)/api/xml in CloudBees Jenkins before 2.3 ...)
- jenkins <removed>
@@ -3387,8 +3381,7 @@
RESERVED
CVE-2016-3694
RESERVED
-CVE-2016-3693
- RESERVED
+CVE-2016-3693 (The Safemode gem before 1.2.4 for Ruby, when initialized with a ...)
- foreman <itp> (bug #663101)
CVE-2016-3692
RESERVED
@@ -3486,8 +3479,8 @@
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.11, 5.5.27, 5.4.43
NOTE: https://bugs.php.net/bug.php?id=69669
-CVE-2015-8834
- RESERVED
+CVE-2015-8834 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in ...)
+ TODO: check
CVE-2016-3661
RESERVED
CVE-2016-3660
@@ -4613,8 +4606,7 @@
NOTE: https://bugs.php.net/bug.php?id=70480
NOTE: https://github.com/facebook/hhvm/commit/3fa7e73055855c409d48e8aa1dc416a76d3dd764
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=629e4da7cc8b174acdeab84969cbfc606a019b31
-CVE-2014-9767 [ZipArchive::extractTo allows for directory traversal when creating directories]
- RESERVED
+CVE-2014-9767 (Directory traversal vulnerability in the ZipArchive::extractTo ...)
- hhvm 3.12.1+dfsg-1
- php5 5.6.13+dfsg-1
[jessie] - php5 5.6.13+dfsg-0+deb8u1
@@ -7243,8 +7235,7 @@
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
-CVE-2016-4348
- RESERVED
+CVE-2016-4348 (The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows ...)
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 (2.40.12)
@@ -7255,30 +7246,25 @@
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
NOTE: Gustavo Grieco confirmed that this is probably the same issue as CVE-2015-7558
NOTE: Possibly CVE-2016-4347 will/should be rejected or still be used.
-CVE-2016-4346 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/standard/string.c]
- RESERVED
+CVE-2016-4346 (Integer overflow in the str_pad function in ext/standard/string.c in ...)
- php7.0 7.0.4-1
- php5 <undetermined>
NOTE: https://bugs.php.net/bug.php?id=71637
-CVE-2016-4345 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/filter/sanitizing_filters.c]
- RESERVED
+CVE-2016-4345 (Integer overflow in the php_filter_encode_url function in ...)
- php7.0 7.0.4-1
- php5 <undetermined>
NOTE: https://bugs.php.net/bug.php?id=71637
-CVE-2016-4344 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/xml/xml.c]
- RESERVED
+CVE-2016-4344 (Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in ...)
- php7.0 7.0.4-1
- php5 <undetermined>
NOTE: https://bugs.php.net/bug.php?id=71637
-CVE-2016-4343 [Uninitialized pointer in phar_make_dirstream()]
- RESERVED
+CVE-2016-4343 (The phar_make_dirstream function in ext/phar/dirstream.c in PHP before ...)
- php7.0 7.0.3-1
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.18+dfsg-0+deb8u1
NOTE: https://bugs.php.net/bug.php?id=71331
NOTE: Fixed in 7.0.3, 5.6.18
-CVE-2016-4342 [Heap corruption in tar/zip/phar parser]
- RESERVED
+CVE-2016-4342 (ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and ...)
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
[wheezy] - php5 <no-dsa> (Minor issue, can be fixed in next update round)
@@ -7793,8 +7779,7 @@
- optipng 0.7.6-1 (bug #820068)
NOTE: https://sourceforge.net/p/optipng/bugs/59/
NOTE: http://www.openwall.com/lists/oss-security/2016/04/04/2
-CVE-2016-2190 [MSA-16-0011: Add no referrer to links with _blank target attribute]
- RESERVED
+CVE-2016-2190 (Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x ...)
- moodle 2.7.13+dfsg-1
CVE-2016-2189
REJECTED
@@ -7894,32 +7879,23 @@
CVE-2016-2160
RESERVED
NOT-FOR-US: OpenShift
-CVE-2016-2159 [MSA-16-0012: External function mod_assign_save_submission does not check due dates]
- RESERVED
+CVE-2016-2159 (The save_submission function in mod/assign/externallib.php in Moodle ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2158 [MSA-16-0010: Enumeration of category details possible without authentication]
- RESERVED
+CVE-2016-2158 (lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2157 [MSA-16-0009: CSRF in Assignment plugin management page]
- RESERVED
+CVE-2016-2157 (Cross-site request forgery (CSRF) vulnerability in ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2156 [MSA-16-0008: External function get_calendar_events return events that pertains to hidden activities]
- RESERVED
+CVE-2016-2156 (calendar/externallib.php in Moodle through 2.6.11, 2.7.x before ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2155 [MSA-16-0007: Non-Editing Instructor role can edit exclude checkbox in Single View]
- RESERVED
+CVE-2016-2155 (The grade-reporting feature in Singleview (aka Single View) in Moodle ...)
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2154 [MSA-16-0006: Hidden courses are shown to students in Event Monitor]
- RESERVED
+CVE-2016-2154 (admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before ...)
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2153 [MSA-16-0005: Reflected XSS in mod_data advanced search]
- RESERVED
+CVE-2016-2153 (Cross-site scripting (XSS) vulnerability in the advanced-search ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2152 [MSA-16-0004: XSS from profile fields from external db]
- RESERVED
+CVE-2016-2152 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2151 [MSA-16-0003: Incorrect capability check when displaying users emails in Participants list]
- RESERVED
+CVE-2016-2151 (user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x ...)
- moodle 2.7.13+dfsg-1
CVE-2016-2150
RESERVED
@@ -8076,8 +8052,7 @@
- tripleo-image-elements <not-affected> (Configuration not found in Debian's version)
CVE-2016-2101
RESERVED
-CVE-2016-2100
- RESERVED
+CVE-2016-2100 (Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote ...)
- foreman <itp> (bug #663101)
CVE-2016-2099 (Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in ...)
{DSA-3579-1 DLA-467-1}
@@ -8181,15 +8156,13 @@
NOTE: https://github.com/python-pillow/Pillow/pull/1706
NOTE: http://www.openwall.com/lists/oss-security/2016/02/02/5
NOTE: https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4
-CVE-2016-2221 [open redirect vulnerability]
- RESERVED
+CVE-2016-2221 (Open redirect vulnerability in the wp_validate_redirect function in ...)
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36444
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2222 [SSRF for certain local URIs]
- RESERVED
+CVE-2016-2222 (The wp_http_validate_url function in wp-includes/http.php in WordPress ...)
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
@@ -10305,8 +10278,7 @@
NOT-FOR-US: Huawei
CVE-2016-1495 (Integer overflow in the graphics drivers in Huawei Mate S smartphones ...)
NOT-FOR-US: Huawei
-CVE-2016-1564 [cross-site scripting vulnerability]
- RESERVED
+CVE-2016-1564 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
{DSA-3444-1}
- wordpress 4.4.1+dfsg-1 (bug #810325)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
@@ -10541,10 +10513,10 @@
RESERVED
CVE-2016-1403
RESERVED
-CVE-2016-1402
- RESERVED
-CVE-2016-1401
- RESERVED
+CVE-2016-1402 (The Active Directory (AD) integration component in Cisco Identity ...)
+ TODO: check
+CVE-2016-1401 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+ TODO: check
CVE-2016-1400
RESERVED
CVE-2016-1399 (The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, ...)
@@ -17983,15 +17955,13 @@
NOTE: https://www.samba.org/samba/security/CVE-2015-7560.html
CVE-2015-7559
RESERVED
-CVE-2015-7558 [Stack exhaustion]
- RESERVED
+CVE-2015-7558 (librsvg before 2.40.12 allows context-dependent attackers to cause a ...)
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
[squeeze] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
-CVE-2015-7557 [Out-of-bounds heap read in librsvg2 was found when parsing SVG file]
- RESERVED
+CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg ...)
{DLA-395-1}
- librsvg 2.40.9-2
[jessie] - librsvg 2.40.5-1+deb8u1
@@ -19604,8 +19574,7 @@
NOTE: https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710
CVE-2015-6940 (The GetResource servlet in Pentaho Business Analytics (BA) Suite ...)
NOT-FOR-US: Pentaho
-CVE-2015-7989 [Cross-site scripting vulnerability in the user list table]
- RESERVED
+CVE-2015-7989 (Cross-site scripting (XSS) vulnerability in the user list table in ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
@@ -22710,14 +22679,12 @@
NOT-FOR-US: Siemens
CVE-2015-5716
RESERVED
-CVE-2015-5715
- RESERVED
+CVE-2015-5715 (The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab
-CVE-2015-5714
- RESERVED
+CVE-2015-5714 (Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
More information about the Secure-testing-commits
mailing list