[Secure-testing-commits] r46255 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Nov 16 21:10:51 UTC 2016
Author: sectracker
Date: 2016-11-16 21:10:27 +0000 (Wed, 16 Nov 2016)
New Revision: 46255
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-16 21:07:57 UTC (rev 46254)
+++ data/CVE/list 2016-11-16 21:10:27 UTC (rev 46255)
@@ -1,3 +1,23 @@
+CVE-2016-9331
+ RESERVED
+CVE-2016-9330
+ RESERVED
+CVE-2016-9329
+ RESERVED
+CVE-2016-9328
+ RESERVED
+CVE-2016-9327
+ RESERVED
+CVE-2016-9326
+ RESERVED
+CVE-2016-9325
+ RESERVED
+CVE-2016-9324
+ RESERVED
+CVE-2016-9323
+ RESERVED
+CVE-2016-9322
+ RESERVED
CVE-2016-XXXX [possible remote code execution on the client]
- teeworlds <unfixed> (bug #844546)
NOTE: https://www.teeworlds.com/?page=news&id=12086
@@ -9,8 +29,7 @@
RESERVED
CVE-2016-9319
RESERVED
-CVE-2016-9318 [XML External Entity vulnerability]
- RESERVED
+CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ...)
- libxml2 <unfixed>
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=772726
CVE-2016-9317
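Review bot: the new CVE-2016-9318 description names XMLSec 1.2.23 and earlier alongside libxml2, but the entry still carries only "- libxml2 <unfixed>". Decide whether XMLSec needs its own package line or a NOTE saying it is covered by the libxml2 fix, and add a Debian bug reference next to <unfixed>, as the teeworlds entry at the top of the file does.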
@@ -1867,8 +1886,8 @@
RESERVED
CVE-2016-8662
RESERVED
-CVE-2016-8661
- RESERVED
+CVE-2016-8661 (Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow ...)
+ TODO: check
CVE-2016-8657
RESERVED
CVE-2016-8656
@@ -2689,14 +2708,14 @@
NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/30/8
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
-CVE-2015-8964
- RESERVED
-CVE-2015-8963
- RESERVED
-CVE-2015-8962
- RESERVED
-CVE-2015-8961
- RESERVED
+CVE-2015-8964 (The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the ...)
+ TODO: check
+CVE-2015-8963 (Race condition in kernel/events/core.c in the Linux kernel before 4.4 ...)
+ TODO: check
+CVE-2015-8962 (Double free vulnerability in the sg_common_write function in ...)
+ TODO: check
+CVE-2015-8961 (The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux ...)
+ TODO: check
CVE-2014-9908
RESERVED
CVE-2016-1000247 [mpg123 memory overread]
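Review bot: CVE-2015-8961 through CVE-2015-8964 land as "TODO: check" although three of the descriptions already name Linux kernel source files (drivers/tty/tty_ldisc.c, kernel/events/core.c, fs/ext4/ext4_jbd2.c) and CVE-2015-8963 gives "before 4.4" as the bound. Follow-up triage should replace each TODO with a kernel package line and fixed version. CVE-2015-8962 needs the full description read first, since the truncated text stops before any file or product is named.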
@@ -4580,22 +4599,22 @@
- moodle <undetermined>
CVE-2016-7918
RESERVED
-CVE-2016-7917
- RESERVED
-CVE-2016-7916
- RESERVED
-CVE-2016-7915
- RESERVED
-CVE-2016-7914
- RESERVED
-CVE-2016-7913
- RESERVED
-CVE-2016-7912
- RESERVED
-CVE-2016-7911
- RESERVED
-CVE-2016-7910
- RESERVED
+CVE-2016-7917 (The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the ...)
+ TODO: check
+CVE-2016-7916 (Race condition in the environ_read function in fs/proc/base.c in the ...)
+ TODO: check
+CVE-2016-7915 (The hid_input_field function in drivers/hid/hid-core.c in the Linux ...)
+ TODO: check
+CVE-2016-7914 (The assoc_array_insert_into_terminal_node function in ...)
+ TODO: check
+CVE-2016-7913 (The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c ...)
+ TODO: check
+CVE-2016-7912 (Use-after-free vulnerability in the ffs_user_copy_worker function in ...)
+ TODO: check
+CVE-2016-7911 (Race condition in the get_task_ioprio function in block/ioprio.c in ...)
+ TODO: check
+CVE-2016-7910 (Use-after-free vulnerability in the disk_seqf_stop function in ...)
+ TODO: check
CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick ...)
{DLA-698-1 DLA-689-1}
- qemu <unfixed> (bug #839834)
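Review bot: CVE-2016-7910, CVE-2016-7912 and CVE-2016-7914 are cut off at "in ..." before any file or product appears, so these three cannot be triaged from the list text alone. The other five name paths such as net/netfilter/nfnetlink.c, fs/proc/base.c and block/ioprio.c. Triage all eight in one pass against the full descriptions so the "TODO: check" markers do not linger on use-after-free and race-condition entries.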
@@ -5651,7 +5670,7 @@
RESERVED
CVE-2016-7440
RESERVED
- {DSA-3711-1 DSA-3706-1}
+ {DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
- mysql-5.6 5.6.34-1 (bug #841049)
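Review bot: the advisory set that gains DLA-708-1 sits under CVE-2016-7440, which is still RESERVED with no description, so a reader cannot tell what the three advisories addressed. Add a bracketed short description in the style of "CVE-2016-XXXX [possible remote code execution on the client]" until the official text is published.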
@@ -6403,8 +6422,8 @@
NOTE: Upstream patch: https://curl.haxx.se/CVE-2016-7167.patch
NOTE: Affected versions: libcurl 7.11.1 to and including 7.50.2
NOTE: Not affected versions: libcurl < 7.11.1 and libcurl >= 7.50.3
-CVE-2016-7165
- RESERVED
+CVE-2016-7165 (Unquoted Windows search path vulnerability in Siemens SIMATIC WinCC ...)
+ TODO: check
CVE-2016-7162 (The _g_file_remove_directory function in file-utils.c in File Roller ...)
- file-roller 3.20.3-1
[jessie] - file-roller <no-dsa> (Minor issue)
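Review bot: CVE-2016-7165 is described as an unquoted Windows search path issue in Siemens SIMATIC WinCC, which points to a NOT-FOR-US resolution rather than a package entry. Resolve the "TODO: check" accordingly so it does not stay open between the curl and file-roller entries.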
@@ -11098,8 +11117,8 @@
RESERVED
CVE-2016-5764 (Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to ...)
NOT-FOR-US: Micro Focus Rumba
-CVE-2016-5763
- RESERVED
+CVE-2016-5763 (Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before ...)
+ TODO: check
CVE-2016-5762
RESERVED
CVE-2016-5761
@@ -11909,7 +11928,7 @@
CVE-2016-5585 (Unspecified vulnerability in the Oracle Interaction Center ...)
TODO: check
CVE-2016-5584 (Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 ...)
- {DSA-3711-1 DSA-3706-1}
+ {DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
- mysql-5.6 5.6.34-1 (bug #841049)
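Review bot: the description of CVE-2016-5584 begins its affected range with Oracle MySQL 5.5.52 and earlier, yet the package lines visible under the updated advisory set are mariadb-10.0, mysql-5.7 and mysql-5.6 only. Check that a 5.5 package line follows beyond this context so the added DLA-708-1 has an entry to attach to.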
@@ -27843,8 +27862,8 @@
NOT-FOR-US: EMC Data Domain OS
CVE-2016-0910 (EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0909
- RESERVED
+CVE-2016-0909 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
+ TODO: check
CVE-2016-0908 (EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows ...)
NOT-FOR-US: EMC Isilon
CVE-2016-0907 (EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before ...)
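Review bot: CVE-2016-0909 is added as "TODO: check" while both neighbours, CVE-2016-0910 and CVE-2016-0908, are already marked NOT-FOR-US for other EMC products. EMC Avamar looks like the same case; mark it "NOT-FOR-US: EMC Avamar" once confirmed.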