[Secure-testing-commits] r45616 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Oct 25 21:10:11 UTC 2016
Author: sectracker
Date: 2016-10-25 21:10:11 +0000 (Tue, 25 Oct 2016)
New Revision: 45616
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-25 21:00:50 UTC (rev 45615)
+++ data/CVE/list 2016-10-25 21:10:11 UTC (rev 45616)
@@ -1,3 +1,211 @@
+CVE-2016-9015
+ RESERVED
+CVE-2016-9014
+ RESERVED
+CVE-2016-9013
+ RESERVED
+CVE-2016-9012
+ RESERVED
+CVE-2016-9010
+ RESERVED
+CVE-2016-9009
+ RESERVED
+CVE-2016-9008
+ RESERVED
+CVE-2016-9007
+ RESERVED
+CVE-2016-9006
+ RESERVED
+CVE-2016-9005
+ RESERVED
+CVE-2016-9004
+ RESERVED
+CVE-2016-9003
+ RESERVED
+CVE-2016-9002
+ RESERVED
+CVE-2016-9001
+ RESERVED
+CVE-2016-9000
+ RESERVED
+CVE-2016-8999
+ RESERVED
+CVE-2016-8998
+ RESERVED
+CVE-2016-8997
+ RESERVED
+CVE-2016-8996
+ RESERVED
+CVE-2016-8995
+ RESERVED
+CVE-2016-8994
+ RESERVED
+CVE-2016-8993
+ RESERVED
+CVE-2016-8992
+ RESERVED
+CVE-2016-8991
+ RESERVED
+CVE-2016-8990
+ RESERVED
+CVE-2016-8989
+ RESERVED
+CVE-2016-8988
+ RESERVED
+CVE-2016-8987
+ RESERVED
+CVE-2016-8986
+ RESERVED
+CVE-2016-8985
+ RESERVED
+CVE-2016-8984
+ RESERVED
+CVE-2016-8983
+ RESERVED
+CVE-2016-8982
+ RESERVED
+CVE-2016-8981
+ RESERVED
+CVE-2016-8980
+ RESERVED
+CVE-2016-8979
+ RESERVED
+CVE-2016-8978
+ RESERVED
+CVE-2016-8977
+ RESERVED
+CVE-2016-8976
+ RESERVED
+CVE-2016-8975
+ RESERVED
+CVE-2016-8974
+ RESERVED
+CVE-2016-8973
+ RESERVED
+CVE-2016-8972
+ RESERVED
+CVE-2016-8971
+ RESERVED
+CVE-2016-8970
+ RESERVED
+CVE-2016-8969
+ RESERVED
+CVE-2016-8968
+ RESERVED
+CVE-2016-8967
+ RESERVED
+CVE-2016-8966
+ RESERVED
+CVE-2016-8965
+ RESERVED
+CVE-2016-8964
+ RESERVED
+CVE-2016-8963
+ RESERVED
+CVE-2016-8962
+ RESERVED
+CVE-2016-8961
+ RESERVED
+CVE-2016-8960
+ RESERVED
+CVE-2016-8959
+ RESERVED
+CVE-2016-8958
+ RESERVED
+CVE-2016-8957
+ RESERVED
+CVE-2016-8956
+ RESERVED
+CVE-2016-8955
+ RESERVED
+CVE-2016-8954
+ RESERVED
+CVE-2016-8953
+ RESERVED
+CVE-2016-8952
+ RESERVED
+CVE-2016-8951
+ RESERVED
+CVE-2016-8950
+ RESERVED
+CVE-2016-8949
+ RESERVED
+CVE-2016-8948
+ RESERVED
+CVE-2016-8947
+ RESERVED
+CVE-2016-8946
+ RESERVED
+CVE-2016-8945
+ RESERVED
+CVE-2016-8944
+ RESERVED
+CVE-2016-8943
+ RESERVED
+CVE-2016-8942
+ RESERVED
+CVE-2016-8941
+ RESERVED
+CVE-2016-8940
+ RESERVED
+CVE-2016-8939
+ RESERVED
+CVE-2016-8938
+ RESERVED
+CVE-2016-8937
+ RESERVED
+CVE-2016-8936
+ RESERVED
+CVE-2016-8935
+ RESERVED
+CVE-2016-8934
+ RESERVED
+CVE-2016-8933
+ RESERVED
+CVE-2016-8932
+ RESERVED
+CVE-2016-8931
+ RESERVED
+CVE-2016-8930
+ RESERVED
+CVE-2016-8929
+ RESERVED
+CVE-2016-8928
+ RESERVED
+CVE-2016-8927
+ RESERVED
+CVE-2016-8926
+ RESERVED
+CVE-2016-8925
+ RESERVED
+CVE-2016-8924
+ RESERVED
+CVE-2016-8923
+ RESERVED
+CVE-2016-8922
+ RESERVED
+CVE-2016-8921
+ RESERVED
+CVE-2016-8920
+ RESERVED
+CVE-2016-8919
+ RESERVED
+CVE-2016-8918
+ RESERVED
+CVE-2016-8917
+ RESERVED
+CVE-2016-8916
+ RESERVED
+CVE-2016-8915
+ RESERVED
+CVE-2016-8914
+ RESERVED
+CVE-2016-8913
+ RESERVED
+CVE-2016-8912
+ RESERVED
+CVE-2016-8911
+ RESERVED
CVE-2016-9016 [sandbox escape (similar to CVE-2016-7545]
- firejail 0.9.44-1
NOTE: https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b
@@ -3,4 +211,5 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/10/25/3
CVE-2016-9011 [memory allocation failure in wmf_malloc (api.c)]
+ RESERVED
- libwmf <unfixed> (bug #842090)
[jessie] - libwmf <no-dsa> (Minor issue)
@@ -400,15 +609,17 @@
RESERVED
CVE-2016-1000034
RESERVED
-CVE-2016-1000032
+CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a ...)
+ TODO: check
+CVE-2016-8910 [net: rtl8139: infinite loop while transmit in C+ mode]
RESERVED
-CVE-2016-8910 [net: rtl8139: infinite loop while transmit in C+ mode]
- qemu <unfixed> (bug #841955)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2
TODO: check affected versions
CVE-2016-8909 [audio: intel-hda: infinite loop in processing dma buffer stream]
+ RESERVED
- qemu <unfixed> (bug #841950)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04717.html
@@ -679,6 +890,7 @@
NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html
CVE-2016-8669 [char: divide by zero error in serial_update_parameters]
RESERVED
+ {DLA-679-1 DLA-678-1}
- qemu <unfixed> (bug #840945)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02461.html
@@ -1139,18 +1351,21 @@
NOTE: https://gist.github.com/marcograss/40850adb3c599ac38e0beac31617d56b
CVE-2016-8578 [9pfs: potential NULL dereferencein 9pfs routines]
RESERVED
+ {DLA-679-1 DLA-678-1}
- qemu <unfixed> (bug #840340)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ba42ebb863ab7d40adc79298422ed9596df8f73a
CVE-2016-8577 [9pfs: host memory leakage in v9fs_read]
RESERVED
+ {DLA-679-1 DLA-678-1}
- qemu <unfixed> (bug #840341)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07127.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e95c9a493a5a8d6f969e86c9f19f80ffe6587e19
CVE-2016-8576 [usb: xHCI: infinite loop vulnerability in xhci_ring_fetch]
RESERVED
+ {DLA-679-1 DLA-678-1}
- qemu <unfixed> (bug #840343)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
@@ -1626,52 +1841,45 @@
RESERVED
CVE-2016-8297
RESERVED
-CVE-2016-8296
- RESERVED
-CVE-2016-8295
- RESERVED
-CVE-2016-8294
- RESERVED
-CVE-2016-8293
- RESERVED
-CVE-2016-8292
- RESERVED
-CVE-2016-8291
- RESERVED
-CVE-2016-8290
- RESERVED
+CVE-2016-8296 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2016-8295 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+ TODO: check
+CVE-2016-8294 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2016-8293 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2016-8292 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+ TODO: check
+CVE-2016-8291 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2016-8290 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8289
- RESERVED
+CVE-2016-8289 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8288
- RESERVED
+CVE-2016-8288 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed>
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8287
- RESERVED
+CVE-2016-8287 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8286
- RESERVED
+CVE-2016-8286 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8285
- RESERVED
-CVE-2016-8284
- RESERVED
+CVE-2016-8285 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+ TODO: check
+CVE-2016-8284 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8283
- RESERVED
+CVE-2016-8283 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
@@ -1680,8 +1888,8 @@
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
CVE-2016-8282
RESERVED
-CVE-2016-8281
- RESERVED
+CVE-2016-8281 (Unspecified vulnerability in the Oracle Platform Security for Java ...)
+ TODO: check
CVE-2016-1000244
RESERVED
CVE-2016-1000243
@@ -1741,8 +1949,8 @@
RESERVED
CVE-2016-1000223
RESERVED
-CVE-2016-1000031
- RESERVED
+CVE-2016-1000031 (Apache Commons FileUpload DiskFileItem File Manipulation Remote Code ...)
+ TODO: check
CVE-2016-7466 [usb: xhci memory leakage during device unplug]
RESERVED
- qemu <unfixed> (bug #838687)
@@ -4956,16 +5164,17 @@
NOT-FOR-US: WordPress plugin zotpress
CVE-2016-1000216 (Ruckus Wireless H500 web management interface authenticated command ...)
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000215
- RESERVED
-CVE-2016-1000214
- RESERVED
-CVE-2016-1000213
- RESERVED
+CVE-2016-1000215 (Ruckus Wireless H500 web management interface denial of service ...)
+ TODO: check
+CVE-2016-1000214 (Ruckus Wireless H500 web management interface authentication bypass ...)
+ TODO: check
+CVE-2016-1000213 (Ruckus Wireless H500 web management interface CSRF ...)
+ TODO: check
CVE-2010-5327
RESERVED
CVE-2016-7551 [AST-2016-007]
RESERVED
+ {DSA-3700-1}
- asterisk <unfixed> (bug #838832)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-007.html
CVE-2016-7550 [AST-2016-006]
@@ -10190,71 +10399,59 @@
NOTE: https://bugs.python.org/issue22928
NOTE: Fixed in 3.4 / 3.5: revision 94952: https://hg.python.org/cpython/rev/bf3e1c9b80e9
NOTE: Fixed in 2.7: revision 94951: https://hg.python.org/cpython/rev/1c45047c5102
-CVE-2016-5635
- RESERVED
+CVE-2016-5635 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5634
- RESERVED
+CVE-2016-5634 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5633
- RESERVED
+CVE-2016-5633 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5632
- RESERVED
+CVE-2016-5632 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5631
- RESERVED
+CVE-2016-5631 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5630
- RESERVED
+CVE-2016-5630 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5629
- RESERVED
+CVE-2016-5629 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5628
- RESERVED
+CVE-2016-5628 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5627
- RESERVED
+CVE-2016-5627 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5626
- RESERVED
+CVE-2016-5626 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5625
- RESERVED
+CVE-2016-5625 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5624
- RESERVED
+CVE-2016-5624 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
@@ -10263,43 +10460,38 @@
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
CVE-2016-5623
RESERVED
-CVE-2016-5622
- RESERVED
-CVE-2016-5621
- RESERVED
-CVE-2016-5620
- RESERVED
-CVE-2016-5619
- RESERVED
-CVE-2016-5618
- RESERVED
-CVE-2016-5617
- RESERVED
+CVE-2016-5622 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5621 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5620 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5619 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5618 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+ TODO: check
+CVE-2016-5617 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5616
- RESERVED
+CVE-2016-5616 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5615
- RESERVED
+CVE-2016-5615 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
NOT-FOR-US: Solaris
CVE-2016-5614
RESERVED
-CVE-2016-5613
- RESERVED
+CVE-2016-5613 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5612
- RESERVED
+CVE-2016-5612 (Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 ...)
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
@@ -10307,172 +10499,152 @@
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5611
- RESERVED
+CVE-2016-5611 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5610
- RESERVED
+CVE-2016-5610 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5609
- RESERVED
+CVE-2016-5609 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5608
- RESERVED
+CVE-2016-5608 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5607
- RESERVED
-CVE-2016-5606
- RESERVED
+CVE-2016-5607 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5606 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
NOT-FOR-US: Solaris
-CVE-2016-5605
- RESERVED
+CVE-2016-5605 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.4-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5604
- RESERVED
-CVE-2016-5603
- RESERVED
-CVE-2016-5602
- RESERVED
-CVE-2016-5601
- RESERVED
-CVE-2016-5600
- RESERVED
-CVE-2016-5599
- RESERVED
-CVE-2016-5598
- RESERVED
+CVE-2016-5604 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
+ TODO: check
+CVE-2016-5603 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5602 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
+ TODO: check
+CVE-2016-5601 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2016-5600 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Services ...)
+ TODO: check
+CVE-2016-5599 (Unspecified vulnerability in the Oracle Advanced Supply Chain Planning ...)
+ TODO: check
+CVE-2016-5598 (Unspecified vulnerability in the MySQL Connector component 2.1.3 and ...)
- mysql-connector-python <unfixed> (bug #841677)
NOTE: "administrators should plan on patching for CVE-2016-6304, CVE-2016-5598 and CVE-2010-5312 as they are remotely exploitable"
NOTE: https://blog.qualys.com/laws-of-vulnerabilities/2016/10/18/oracle-october-2016-critical-patch-update
-CVE-2016-5597
- RESERVED
+CVE-2016-5597 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
- openjdk-8 8u111-b14-1
- openjdk-7 <removed>
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
-CVE-2016-5596
- RESERVED
-CVE-2016-5595
- RESERVED
-CVE-2016-5594
- RESERVED
-CVE-2016-5593
- RESERVED
-CVE-2016-5592
- RESERVED
-CVE-2016-5591
- RESERVED
+CVE-2016-5596 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+ TODO: check
+CVE-2016-5595 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+ TODO: check
+CVE-2016-5594 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5593 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+ TODO: check
+CVE-2016-5592 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+ TODO: check
+CVE-2016-5591 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+ TODO: check
CVE-2016-5590
RESERVED
-CVE-2016-5589
- RESERVED
-CVE-2016-5588
- RESERVED
-CVE-2016-5587
- RESERVED
-CVE-2016-5586
- RESERVED
-CVE-2016-5585
- RESERVED
-CVE-2016-5584
- RESERVED
+CVE-2016-5589 (Unspecified vulnerability in the Oracle CRM Technical Foundation ...)
+ TODO: check
+CVE-2016-5588 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5587 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
+ TODO: check
+CVE-2016-5586 (Unspecified vulnerability in the Oracle Email Center component in ...)
+ TODO: check
+CVE-2016-5585 (Unspecified vulnerability in the Oracle Interaction Center ...)
+ TODO: check
+CVE-2016-5584 (Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 <unfixed> (bug #841163)
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <removed> (bug #841050)
-CVE-2016-5583
- RESERVED
-CVE-2016-5582
- RESERVED
+CVE-2016-5583 (Unspecified vulnerability in the Oracle One-to-One Fulfillment ...)
+ TODO: check
+CVE-2016-5582 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
- openjdk-8 8u111-b14-1
- openjdk-7 <removed>
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
-CVE-2016-5581
- RESERVED
-CVE-2016-5580
- RESERVED
+CVE-2016-5581 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+ TODO: check
+CVE-2016-5580 (Unspecified vulnerability in the Secure Global Desktop component in ...)
NOT-FOR-US: Secure Global Desktop
-CVE-2016-5579
- RESERVED
-CVE-2016-5578
- RESERVED
-CVE-2016-5577
- RESERVED
-CVE-2016-5576
- RESERVED
+CVE-2016-5579 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5578 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5577 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5576 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
NOT-FOR-US: Solaris
-CVE-2016-5575
- RESERVED
-CVE-2016-5574
- RESERVED
-CVE-2016-5573
- RESERVED
+CVE-2016-5575 (Unspecified vulnerability in the Oracle Common Applications Calendar ...)
+ TODO: check
+CVE-2016-5574 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5573 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
- openjdk-8 8u111-b14-1
- openjdk-7 <removed>
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
-CVE-2016-5572
- RESERVED
-CVE-2016-5571
- RESERVED
-CVE-2016-5570
- RESERVED
-CVE-2016-5569
- RESERVED
-CVE-2016-5568
- RESERVED
+CVE-2016-5572 (Unspecified vulnerability in the Kernel PDB component in Oracle ...)
+ TODO: check
+CVE-2016-5571 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+ TODO: check
+CVE-2016-5570 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+ TODO: check
+CVE-2016-5569 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
+ TODO: check
+CVE-2016-5568 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 ...)
- openjdk-8 <not-affected> (Only affects Windows)
- openjdk-7 <not-affected> (Only affects Windows)
- openjdk-6 <not-affected> (Only affects Windows)
-CVE-2016-5567
- RESERVED
-CVE-2016-5566
- RESERVED
+CVE-2016-5567 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+ TODO: check
+CVE-2016-5566 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote ...)
NOT-FOR-US: Solaris
-CVE-2016-5565
- RESERVED
-CVE-2016-5564
- RESERVED
-CVE-2016-5563
- RESERVED
-CVE-2016-5562
- RESERVED
-CVE-2016-5561
- RESERVED
+CVE-2016-5565 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+ TODO: check
+CVE-2016-5564 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+ TODO: check
+CVE-2016-5563 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property ...)
+ TODO: check
+CVE-2016-5562 (Unspecified vulnerability in the Oracle iProcurement component in ...)
+ TODO: check
+CVE-2016-5561 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote ...)
NOT-FOR-US: Solaris
-CVE-2016-5560
- RESERVED
-CVE-2016-5559
- RESERVED
+CVE-2016-5560 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+ TODO: check
+CVE-2016-5559 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
NOT-FOR-US: Solaris
-CVE-2016-5558
- RESERVED
-CVE-2016-5557
- RESERVED
-CVE-2016-5556
- RESERVED
+CVE-2016-5558 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2016-5557 (Unspecified vulnerability in the Oracle Advanced Pricing component in ...)
+ TODO: check
+CVE-2016-5556 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 ...)
TODO: Possibly specific to Oracle Java
-CVE-2016-5555
- RESERVED
-CVE-2016-5554
- RESERVED
+CVE-2016-5555 (Unspecified vulnerability in the OJVM component in Oracle Database ...)
+ TODO: check
+CVE-2016-5554 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
- openjdk-8 8u111-b14-1
- openjdk-7 <removed>
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
-CVE-2016-5553
- RESERVED
+CVE-2016-5553 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
NOT-FOR-US: Solaris
CVE-2016-5552
RESERVED
@@ -10490,155 +10662,147 @@
RESERVED
CVE-2016-5545
RESERVED
-CVE-2016-5544
- RESERVED
+CVE-2016-5544 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...)
NOT-FOR-US: Solaris
-CVE-2016-5543
- RESERVED
-CVE-2016-5542
- RESERVED
+CVE-2016-5543 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
+ TODO: check
+CVE-2016-5542 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...)
- openjdk-8 8u111-b14-1
- openjdk-7 <removed>
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
CVE-2016-5541
RESERVED
-CVE-2016-5540
- RESERVED
-CVE-2016-5539
- RESERVED
-CVE-2016-5538
- RESERVED
+CVE-2016-5540 (Unspecified vulnerability in the Oracle Retail Xstore Payment ...)
+ TODO: check
+CVE-2016-5539 (Unspecified vulnerability in the Oracle Retail Xstore Payment ...)
+ TODO: check
+CVE-2016-5538 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5537
- RESERVED
-CVE-2016-5536
- RESERVED
-CVE-2016-5535
- RESERVED
-CVE-2016-5534
- RESERVED
-CVE-2016-5533
- RESERVED
-CVE-2016-5532
- RESERVED
-CVE-2016-5531
- RESERVED
-CVE-2016-5530
- RESERVED
-CVE-2016-5529
- RESERVED
+CVE-2016-5537 (Unspecified vulnerability in the NetBeans component in Oracle Fusion ...)
+ TODO: check
+CVE-2016-5536 (Unspecified vulnerability in the Oracle Platform Security for Java ...)
+ TODO: check
+CVE-2016-5535 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2016-5534 (Unspecified vulnerability in the Siebel Apps - Customer Order ...)
+ TODO: check
+CVE-2016-5533 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
+ TODO: check
+CVE-2016-5532 (Unspecified vulnerability in the Oracle Shipping Execution component ...)
+ TODO: check
+CVE-2016-5531 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2016-5530 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2016-5529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
CVE-2016-5528
RESERVED
-CVE-2016-5527
- RESERVED
-CVE-2016-5526
- RESERVED
-CVE-2016-5525
- RESERVED
-CVE-2016-5524
- RESERVED
-CVE-2016-5523
- RESERVED
-CVE-2016-5522
- RESERVED
-CVE-2016-5521
- RESERVED
+CVE-2016-5527 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5526 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5525 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
+ TODO: check
+CVE-2016-5524 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5523 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5522 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5521 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
CVE-2016-5520
RESERVED
-CVE-2016-5519
- RESERVED
-CVE-2016-5518
- RESERVED
-CVE-2016-5517
- RESERVED
-CVE-2016-5516
- RESERVED
-CVE-2016-5515
- RESERVED
-CVE-2016-5514
- RESERVED
-CVE-2016-5513
- RESERVED
-CVE-2016-5512
- RESERVED
-CVE-2016-5511
- RESERVED
-CVE-2016-5510
- RESERVED
+CVE-2016-5519 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+ TODO: check
+CVE-2016-5518 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
+ TODO: check
+CVE-2016-5517 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
+ TODO: check
+CVE-2016-5516 (Unspecified vulnerability in the Kernel PDB component in Oracle ...)
+ TODO: check
+CVE-2016-5515 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5514 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5513 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5512 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
+CVE-2016-5511 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+ TODO: check
+CVE-2016-5510 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
+ TODO: check
CVE-2016-5509
RESERVED
-CVE-2016-5508
- RESERVED
+CVE-2016-5508 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
NOT-FOR-US: Solaris
-CVE-2016-5507
- RESERVED
+CVE-2016-5507 (Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5506
- RESERVED
-CVE-2016-5505
- RESERVED
-CVE-2016-5504
- RESERVED
-CVE-2016-5503
- RESERVED
-CVE-2016-5502
- RESERVED
-CVE-2016-5501
- RESERVED
+CVE-2016-5506 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
+ TODO: check
+CVE-2016-5505 (Unspecified vulnerability in the RDBMS Programmable Interface ...)
+ TODO: check
+CVE-2016-5504 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
+ TODO: check
+CVE-2016-5503 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+ TODO: check
+CVE-2016-5502 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5501 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5500
- RESERVED
-CVE-2016-5499
- RESERVED
-CVE-2016-5498
- RESERVED
-CVE-2016-5497
- RESERVED
+CVE-2016-5500 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+ TODO: check
+CVE-2016-5499 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+ TODO: check
+CVE-2016-5498 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+ TODO: check
+CVE-2016-5497 (Unspecified vulnerability in the RDBMS Security component in Oracle ...)
+ TODO: check
CVE-2016-5496
RESERVED
-CVE-2016-5495
- RESERVED
+CVE-2016-5495 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+ TODO: check
CVE-2016-5494
RESERVED
-CVE-2016-5493
- RESERVED
-CVE-2016-5492
- RESERVED
-CVE-2016-5491
- RESERVED
-CVE-2016-5490
- RESERVED
-CVE-2016-5489
- RESERVED
-CVE-2016-5488
- RESERVED
-CVE-2016-5487
- RESERVED
+CVE-2016-5493 (Unspecified vulnerability in the Oracle FLEXCUBE Private Banking ...)
+ TODO: check
+CVE-2016-5492 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+ TODO: check
+CVE-2016-5491 (Unspecified vulnerability in the Oracle Commerce Service Center ...)
+ TODO: check
+CVE-2016-5490 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
+CVE-2016-5489 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+ TODO: check
+CVE-2016-5488 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2016-5487 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local ...)
NOT-FOR-US: Solaris
-CVE-2016-5486
- RESERVED
+CVE-2016-5486 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+ TODO: check
CVE-2016-5485
RESERVED
CVE-2016-5484
RESERVED
CVE-2016-5483
RESERVED
-CVE-2016-5482
- RESERVED
-CVE-2016-5481
- RESERVED
-CVE-2016-5480
- RESERVED
+CVE-2016-5482 (Unspecified vulnerability in the Oracle Commerce Guided Search ...)
+ TODO: check
+CVE-2016-5481 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) ...)
+ TODO: check
+CVE-2016-5480 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2016-5479
- RESERVED
+CVE-2016-5479 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
+ TODO: check
CVE-2016-5478
RESERVED
CVE-2016-5477 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
@@ -17116,8 +17280,8 @@
TODO: check
CVE-2016-3563 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
TODO: check
-CVE-2016-3562
- RESERVED
+CVE-2016-3562 (Unspecified vulnerability in the RDBMS Security and SQL*Plus ...)
+ TODO: check
CVE-2016-3561 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
TODO: check
CVE-2016-3560 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
@@ -17138,8 +17302,8 @@
TODO: check
CVE-2016-3552 (Unspecified vulnerability in Oracle Java SE 8u92 allows local users to ...)
- openjdk-8 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2016-3551
- RESERVED
+CVE-2016-3551 (Unspecified vulnerability in the Oracle Web Services component in ...)
+ TODO: check
CVE-2016-3550 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
@@ -17248,8 +17412,8 @@
TODO: check
CVE-2016-3506 (Unspecified vulnerability in the JDBC component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3505
- RESERVED
+CVE-2016-3505 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
CVE-2016-3504 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
TODO: check
CVE-2016-3503 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 ...)
@@ -17277,8 +17441,7 @@
TODO: check
CVE-2016-3496 (Unspecified vulnerability in the Enterprise Manager for Fusion ...)
TODO: check
-CVE-2016-3495
- RESERVED
+CVE-2016-3495 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
@@ -17286,8 +17449,7 @@
TODO: check
CVE-2016-3493 (Unspecified vulnerability in the Hyperion Financial Reporting ...)
TODO: check
-CVE-2016-3492
- RESERVED
+CVE-2016-3492 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 ...)
- mariadb-10.0 <undetermined>
- mysql-5.7 5.7.15-1
- mysql-5.6 <unfixed> (bug #841049)
@@ -17338,8 +17500,8 @@
TODO: check
CVE-2016-3474 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
TODO: check
-CVE-2016-3473
- RESERVED
+CVE-2016-3473 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
+ TODO: check
CVE-2016-3472 (Unspecified vulnerability in the Siebel Engineering - Installer and ...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2016-3471 (Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and ...)
@@ -21320,6 +21482,7 @@
NOTE: https://github.com/python-pillow/Pillow/pull/1714
NOTE: https://github.com/python-pillow/Pillow/issues/1737
CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ...)
+ {DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
@@ -21329,6 +21492,7 @@
NOTE: patch for 11 / jessie: https://code.asterisk.org/code/changelog/asterisk?cs=da2573a3779425654543d6ac4c4dd6871ce16720
NOTE: all versions vulnerable, backport required for wheezy
CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ...)
+ {DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
@@ -25066,6 +25230,7 @@
RESERVED
CVE-2016-1247
RESERVED
+ {DSA-3701-1}
- nginx <unfixed>
NOTE: Issue introduced with the Debian specific fix for CVE-2013-0337 / #701112
CVE-2016-1246 (Buffer overflow in the DBD::mysql module before 4.037 for Perl allows ...)
@@ -28907,8 +29072,7 @@
NOTE: https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56
NOTE: upstream fixed in 2.6.9, 3.0.6 and 3.1.3
NOTE: http://www.openwall.com/lists/oss-security/2015/12/08/8
-CVE-2016-1000033 [Shotwell does not verify TLS certificates]
- RESERVED
+CVE-2016-1000033 (Shotwell version 0.22.0 (and possibly other versions) is vulnerable to ...)
- shotwell 0.22.0-3 (low; bug #807110)
[jessie] - shotwell <no-dsa> (Minor issue)
[wheezy] - shotwell <no-dsa> (Minor issue)
@@ -44722,7 +44886,7 @@
NOTE: Patch: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/5
CVE-2015-3008 (Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x ...)
- {DLA-455-1}
+ {DSA-3700-1 DLA-455-1}
- asterisk 1:13.7.2~dfsg-1 (bug #782411)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
More information about the Secure-testing-commits
mailing list