[Secure-testing-commits] r44376 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Sep 6 21:10:14 UTC 2016
Author: sectracker
Date: 2016-09-06 21:10:13 +0000 (Tue, 06 Sep 2016)
New Revision: 44376
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-06 16:39:50 UTC (rev 44375)
+++ data/CVE/list 2016-09-06 21:10:13 UTC (rev 44376)
@@ -1,3 +1,23 @@
+CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congestion ...)
+ TODO: check
+CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion ...)
+ TODO: check
+CVE-2016-7151
+ RESERVED
+CVE-2016-7150
+ RESERVED
+CVE-2016-7149
+ RESERVED
+CVE-2016-7148
+ RESERVED
+CVE-2016-7147
+ RESERVED
+CVE-2016-7146
+ RESERVED
+CVE-2016-7122
+ RESERVED
+CVE-2016-7121
+ RESERVED
CVE-2016-XXXX [scsi: pvscsi: OOB read and infinite loop while setting descriptor rings]
- qemu <unfixed>
- qemu-kvm <removed>
@@ -20,39 +40,51 @@
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/09/06/4
TODO: check
CVE-2016-7140
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7139
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7138
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7137
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7136
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7135
+ RESERVED
NOT-FOR-US: Plone
CVE-2016-7141
+ RESERVED
- curl <unfixed>
NOTE: Only affects libcurl3-nss
NOTE: http://seclists.org/oss-sec/2016/q3/419
CVE-2016-7145 [certificate fingerprint spoofing through crafted SASL messages]
+ RESERVED
NOT-FOR-US: Nefarious 2
CVE-2016-7144 [certificate fingerprint spoofing through crafted SASL messages]
+ RESERVED
- unrealircd <itp> (bug #515130)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
NOTE: unrealircd reportedly vulnerable, and ircd-seven reportedly not vulnerable
CVE-2016-7143 [certificate fingerprint spoofing through crafted SASL messages]
+ RESERVED
- charybdis 3.5.3-1 (bug #836714)
- [wheezy] - charybdis <no-dsa> (unsupported)
+ [wheezy] - charybdis <no-dsa> (unsupported)
NOTE: charybdis patch: https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
CVE-2016-7142 [certificate fingerprint spoofing through crafted SASL messages]
+ RESERVED
- inspircd <unfixed> (bug #836706)
NOTE: http://www.inspircd.org/2016/09/03/v2023-released.html
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
CVE-2016-7120
RESERVED
CVE-2016-7134 [Heap overflow in curl_escape]
+ RESERVED
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72674
@@ -60,6 +92,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/72dbb7f416160f490c4e9987040989a10ad431c7?w=1
CVE-2016-7133 [memory allocator fails to realloc small block to large one]
+ RESERVED
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72742
@@ -67,6 +100,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/c2a13ced4272f2e65d2773e2ea6ca11c1ce4a911?w=1
CVE-2016-7132 [wddx_deserialize null dereference in php_wddx_pop_element]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72799
@@ -76,6 +110,7 @@
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
CVE-2016-7131 [wddx_deserialize null dereference with invalid xml]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72790
@@ -86,6 +121,7 @@
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
CVE-2016-7130 [wddx_deserialize null dereference]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72750
@@ -93,6 +129,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1
CVE-2016-7129 [wddx_deserialize allows illegal memory access]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72749
@@ -100,6 +137,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1
CVE-2016-7128 [Memory Leakage In exif_process_IFD_in_TIFF]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72627
@@ -107,6 +145,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1
CVE-2016-7127 [imagegammacorrect allows arbitrary write access]
+ RESERVED
- libgd2 <not-affected> (gamma correction is only implemented in PHP)
- php7.0 7.0.10-1 (unimportant)
- php5 <unfixed> (unimportant)
@@ -115,6 +154,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1
CVE-2016-7126 [select_colors write out-of-bounds]
+ RESERVED
- libgd2 <not-affected> (libgd upstream not affected, overflow2 function check prevents the issue)
- php7.0 7.0.10-1 (unimportant)
- php5 <unfixed> (unimportant)
@@ -123,6 +163,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1
CVE-2016-7125 [PHP Session Data Injection Vulnerability]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681
@@ -132,13 +173,14 @@
NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary
NOTE: handler" part of 72681.
CVE-2016-7124 [Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization]
+ RESERVED
- php7.0 7.0.10-1
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72663
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1
-CVE-2016-7123 [Missing CSRF protection in admin web interface]
+CVE-2016-7123 (Cross-site request forgery (CSRF) vulnerability in the admin web ...)
- mailman 2.1.15-1
NOTE: https://bugs.launchpad.net/mailman/+bug/1614841/comments/8
NOTE: https://bugs.launchpad.net/mailman/+bug/775294
@@ -150,12 +192,12 @@
- mactelnet <unfixed> (bug #836320)
[jessie] - mactelnet <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://github.com/haakonnessjoen/MAC-Telnet/commit/b69d11727d4f0f8cf719c79e3fb700f55ca03e9a
-CVE-2016-7114
- RESERVED
-CVE-2016-7113
- RESERVED
-CVE-2016-7112
- RESERVED
+CVE-2016-7114 (The EN100 Ethernet module before 4.29 for Siemens SIPROTEC 4 and ...)
+ TODO: check
+CVE-2016-7113 (The EN100 Ethernet module before 4.29 for Siemens SIPROTEC 4 and ...)
+ TODO: check
+CVE-2016-7112 (The EN100 Ethernet module before 4.29 for Siemens SIPROTEC 4 and ...)
+ TODO: check
CVE-2015-8956
RESERVED
CVE-2015-8955
@@ -673,8 +715,7 @@
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
TODO: check
-CVE-2016-6893 [CSRF protection needs to be extended to the user options page]
- RESERVED
+CVE-2016-6893 (Cross-site request forgery (CSRF) vulnerability in the user options ...)
{DLA-608-1}
- mailman <unfixed> (bug #835970)
NOTE: https://mail.python.org/pipermail/mailman-announce/2016-August/000225.html
@@ -2251,8 +2292,8 @@
RESERVED
CVE-2016-6378
RESERVED
-CVE-2016-6377
- RESERVED
+CVE-2016-6377 (Media Origination System Suite Software 2.6 and earlier in Cisco ...)
+ TODO: check
CVE-2016-6376 (The Adaptive Wireless Intrusion Prevention System (wIPS) feature on ...)
TODO: check
CVE-2016-6375
@@ -3991,8 +4032,8 @@
RESERVED
CVE-2016-5880
RESERVED
-CVE-2016-5879
- RESERVED
+CVE-2016-5879 (MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users ...)
+ TODO: check
CVE-2016-5878 (Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before ...)
NOT-FOR-US: IBM
CVE-2016-5877
@@ -4837,8 +4878,7 @@
- imagemagick <unfixed> (bug #832890)
NOTE: https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
TODO: check, referenced fix does not seem the one fixing the issue
-CVE-2016-5699
- RESERVED
+CVE-2016-5699 (CRLF injection vulnerability in the HTTPConnection.putheader function ...)
{DLA-522-1}
- python3.5 <not-affected> (Fixed with initial upload to Debian)
- python3.4 3.4.4~rc1-1
@@ -5280,8 +5320,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4
NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 tarball diff
NOTE: https://gist.github.com/lamby/dbeda4d49f48a32aa0dd4b3ed7f06a13 filtered diff
-CVE-2016-5636 [heap overflow in Python zipimport module]
- RESERVED
+CVE-2016-5636 (Integer overflow in the get_data function in zipimport.c in CPython ...)
{DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
@@ -5299,10 +5338,10 @@
NOT-FOR-US: ovirt-engine
CVE-2016-5431
RESERVED
-CVE-2016-5430
- RESERVED
-CVE-2016-5429
- RESERVED
+CVE-2016-5430 (The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php ...)
+ TODO: check
+CVE-2016-5429 (jose-php before 2.2.1 does not use constant-time operations for HMAC ...)
+ TODO: check
CVE-2016-5428
RESERVED
CVE-2016-5427
@@ -7245,8 +7284,7 @@
[jessie] - asterisk <not-affected> (Only affects 13.x)
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
-CVE-2016-5107 [scsi: megasas: out-of-bounds read in megasas_lookup_frame() function]
- RESERVED
+CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRAID ...)
- qemu 1:2.6+dfsg-2 (bug #825616)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -7254,16 +7292,14 @@
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04424.html
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
-CVE-2016-5106 [scsi: megasas: out-of-bounds write while setting controller properties]
- RESERVED
+CVE-2016-5106 (The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...)
- qemu 1:2.6+dfsg-2 (bug #825615)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
-CVE-2016-5105 [scsi: megasas: stack information leakage while reading configuration]
- RESERVED
+CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...)
- qemu 1:2.6+dfsg-2 (bug #825614)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -7553,8 +7589,7 @@
- mediawiki 1:1.27.0-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
-CVE-2016-4952 [scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines]
- RESERVED
+CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual ...)
- qemu 1:2.6+dfsg-2 (bug #825210)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
@@ -18629,8 +18664,8 @@
TODO: check
CVE-2016-1465 (Cisco Nexus 1000v Application Virtual Switch (AVS) devices before ...)
TODO: check
-CVE-2016-1464
- RESERVED
+CVE-2016-1464 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
+ TODO: check
CVE-2016-1463 (Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 ...)
TODO: check
CVE-2016-1462 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
@@ -18727,8 +18762,8 @@
RESERVED
CVE-2016-1416 (Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) ...)
NOT-FOR-US: Cisco Prime
-CVE-2016-1415
- RESERVED
+CVE-2016-1415 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
+ TODO: check
CVE-2016-1414
RESERVED
CVE-2016-1413 (The web interface in Cisco Firepower Management Center 5.4.0 through ...)
@@ -20950,8 +20985,7 @@
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <no-dsa> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=3bb3f42f3749d40b8d4de65871e8d828b18d4a45
-CVE-2016-0772 [TLS stripping vulnerability in smtplib]
- RESERVED
+CVE-2016-0772 (The smtplib library in CPython (aka Python) before 2.7.12, 3.x before ...)
{DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
@@ -30905,12 +30939,12 @@
{DSA-3350-1 DLA-308-1}
- bind9 1:9.9.5.dfsg-12
NOTE: https://kb.isc.org/article/AA-01287
-CVE-2015-5721
- RESERVED
-CVE-2015-5720
- RESERVED
-CVE-2015-5719
- RESERVED
+CVE-2015-5721 (Malware Information Sharing Platform (MISP) before 2.3.90 allows ...)
+ TODO: check
+CVE-2015-5720 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2015-5719 (app/Controller/TemplatesController.php in Malware Information Sharing ...)
+ TODO: check
CVE-2015-5718 (Stack-based buffer overflow in the handle_debug_network function in ...)
NOT-FOR-US: Websense Content Gateway
CVE-2015-5734 (Cross-site scripting (XSS) vulnerability in the legacy theme preview ...)
More information about the Secure-testing-commits
mailing list