[Secure-testing-commits] r45679 - data/CVE

Thu Oct 27 21:10:16 UTC 2016

Author: sectracker
Date: 2016-10-27 21:10:16 +0000 (Thu, 27 Oct 2016)
New Revision: 45679

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-10-27 20:29:11 UTC (rev 45678)
+++ data/CVE/list	2016-10-27 21:10:16 UTC (rev 45679)
@@ -1,16 +1,128 @@
+CVE-2016-9088
+	RESERVED
+CVE-2016-9087
+	RESERVED
+CVE-2016-9086
+	RESERVED
+CVE-2016-9081
+	RESERVED
+CVE-2016-9080
+	RESERVED
+CVE-2016-9079
+	RESERVED
+CVE-2016-9078
+	RESERVED
+CVE-2016-9077
+	RESERVED
+CVE-2016-9076
+	RESERVED
+CVE-2016-9075
+	RESERVED
+CVE-2016-9074
+	RESERVED
+CVE-2016-9073
+	RESERVED
+CVE-2016-9072
+	RESERVED
+CVE-2016-9071
+	RESERVED
+CVE-2016-9070
+	RESERVED
+CVE-2016-9069
+	RESERVED
+CVE-2016-9068
+	RESERVED
+CVE-2016-9067
+	RESERVED
+CVE-2016-9066
+	RESERVED
+CVE-2016-9065
+	RESERVED
+CVE-2016-9064
+	RESERVED
+CVE-2016-9063
+	RESERVED
+CVE-2016-9062
+	RESERVED
+CVE-2016-9061
+	RESERVED
+CVE-2016-9060
+	RESERVED
+CVE-2016-9059
+	RESERVED
+CVE-2016-9058
+	RESERVED
+CVE-2016-9057
+	RESERVED
+CVE-2016-9056
+	RESERVED
+CVE-2016-9055
+	RESERVED
+CVE-2016-9054
+	RESERVED
+CVE-2016-9053
+	RESERVED
+CVE-2016-9052
+	RESERVED
+CVE-2016-9051
+	RESERVED
+CVE-2016-9050
+	RESERVED
+CVE-2016-9049
+	RESERVED
+CVE-2016-9048
+	RESERVED
+CVE-2016-9047
+	RESERVED
+CVE-2016-9046
+	RESERVED
+CVE-2016-9045
+	RESERVED
+CVE-2016-9044
+	RESERVED
+CVE-2016-9043
+	RESERVED
+CVE-2016-9042
+	RESERVED
+CVE-2016-9041
+	RESERVED
+CVE-2016-9040
+	RESERVED
+CVE-2016-9039
+	RESERVED
+CVE-2016-9038
+	RESERVED
+CVE-2016-9037
+	RESERVED
+CVE-2016-9036
+	RESERVED
+CVE-2016-9035
+	RESERVED
+CVE-2016-9034
+	RESERVED
+CVE-2016-9033
+	RESERVED
+CVE-2016-9032
+	RESERVED
+CVE-2016-9031
+	RESERVED
 CVE-2016-9085
+	RESERVED
 	- libwebp <unfixed>
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83
 	NOTE: Report: https://bugs.chromium.org/p/webp/issues/detail?id=314 (private)
 	NOTE: For libwebp only in examples, but other projects seem to use the gifdec.c
 	TODO: check other projects
 CVE-2016-9084 [... "kzalloc is changed to a kcalloc."]
+	RESERVED
 	- linux <unfixed>
 	NOTE: https://patchwork.kernel.org/patch/9373631/
 CVE-2016-9083 [state machine confusion bug]
+	RESERVED
 	- linux <unfixed>
 	NOTE: https://patchwork.kernel.org/patch/9373631/
 CVE-2016-9082 [Out of bounds read in read_png/write_png in cairo-png.c]
+	RESERVED
 	- cairo <unfixed> (bug #842289)
 	NOTE: Upstream bug: https://bugs.freedesktop.org/show_bug.cgi?id=98165
 	NOTE: Proposed patch upstream: https://bugs.freedesktop.org/attachment.cgi?id=127421
@@ -733,6 +845,7 @@
 	NOTE: https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/
 CVE-2016-8859 [Regex integer overflow in buffer size computations]
 	RESERVED
+	{DLA-687-1}
 	- tre 0.8.0-5 (bug #842169)
 	- musl 1.1.15-2 (bug #842171)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1
@@ -1292,18 +1405,18 @@
 	RESERVED
 CVE-2016-8507
 	RESERVED
-CVE-2016-8506
-	RESERVED
-CVE-2016-8505
-	RESERVED
-CVE-2016-8504
-	RESERVED
-CVE-2016-8503
-	RESERVED
-CVE-2016-8502
-	RESERVED
-CVE-2016-8501
-	RESERVED
+CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ...)
+	TODO: check
+CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ...)
+	TODO: check
+CVE-2016-8504 (CSRF of synchronization form in Yandex Browser for desktop before ...)
+	TODO: check
+CVE-2016-8503 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
+	TODO: check
+CVE-2016-8502 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop ...)
+	TODO: check
+CVE-2016-8501 (Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 ...)
+	TODO: check
 CVE-2016-8500
 	RESERVED
 CVE-2016-8499


