[Secure-testing-commits] r44832 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Sep 22 21:10:12 UTC 2016
Author: sectracker
Date: 2016-09-22 21:10:12 +0000 (Thu, 22 Sep 2016)
New Revision: 44832
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-22 20:04:11 UTC (rev 44831)
+++ data/CVE/list 2016-09-22 21:10:12 UTC (rev 44832)
@@ -1,3 +1,45 @@
+CVE-2016-1000242
+ RESERVED
+CVE-2016-1000241
+ RESERVED
+CVE-2016-1000240
+ RESERVED
+CVE-2016-1000239
+ RESERVED
+CVE-2016-1000238
+ RESERVED
+CVE-2016-1000237
+ RESERVED
+CVE-2016-1000236
+ RESERVED
+CVE-2016-1000235
+ RESERVED
+CVE-2016-1000234
+ RESERVED
+CVE-2016-1000233
+ RESERVED
+CVE-2016-1000232
+ RESERVED
+CVE-2016-1000231
+ RESERVED
+CVE-2016-1000230
+ RESERVED
+CVE-2016-1000229
+ RESERVED
+CVE-2016-1000228
+ RESERVED
+CVE-2016-1000227
+ RESERVED
+CVE-2016-1000226
+ RESERVED
+CVE-2016-1000225
+ RESERVED
+CVE-2016-1000224
+ RESERVED
+CVE-2016-1000223
+ RESERVED
+CVE-2016-1000031
+ RESERVED
CVE-2016-7466 [usb: xhci memory leakage during device unplug]
RESERVED
- qemu <unfixed>
@@ -2984,12 +3026,14 @@
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=167d97a3def77ee2dbf6e908b0ecbfe2103977db
CVE-2016-7169 [a path traversal vulnerability in the upgrade package uploader]
RESERVED
+ {DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38524
CVE-2016-7168 [a cross-site scripting vulnerability via image filename]
RESERVED
+ {DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
@@ -3036,16 +3080,14 @@
NOTE: Issue only with the PDO driver and only if queries built by inlining
NOTE: the quoted string (not recommended).
NOTE: http://www.openwall.com/lists/oss-security/2016/09/07/8
-CVE-2016-7154 [use after free in FIFO event channel code]
- RESERVED
+CVE-2016-7154 (Use-after-free vulnerability in the FIFO event channel code in Xen ...)
{DSA-3663-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (Versions 4.3 and earlier are not vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-188.html
NOTE: Only affects Xen 4.4, as workaround it is marked as fixed in the first xen version entering unstable
NOTE: after the 4.4 series.
-CVE-2016-7166 [denial of service with gzip quine]
- RESERVED
+CVE-2016-7166 (libarchive before 3.2.0 does not limit the number of recursive ...)
{DLA-617-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/660
@@ -3060,8 +3102,7 @@
NOTE: https://github.com/arvidn/libtorrent/pull/1022
NOTE: https://github.com/arvidn/libtorrent/commit/debf3c6e3688aab8394fe5c47737625faffe6f9e
NOTE: Fixed upstream in 1.1.1.
-CVE-2016-7163 [Integer overflow in opj_pi_create_decode]
- RESERVED
+CVE-2016-7163 (Integer overflow in the opj_pi_create_decode function in pi.c in ...)
{DSA-3665-1}
- openjpeg2 <unfixed> (bug #837604)
NOTE: https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
@@ -3155,8 +3196,7 @@
- unrealircd <itp> (bug #515130)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
NOTE: unrealircd reportedly vulnerable, and ircd-seven reportedly not vulnerable
-CVE-2016-7143 [certificate fingerprint spoofing through crafted SASL messages]
- RESERVED
+CVE-2016-7143 (The m_authenticate function in modules/m_sasl.c in Charybdis before ...)
{DSA-3661-1}
- charybdis 3.5.3-1 (bug #836714)
[wheezy] - charybdis <no-dsa> (unsupported)
@@ -3274,7 +3314,7 @@
NOT-FOR-US: Siemens
CVE-2016-7112 (The EN100 Ethernet module before 4.29 for Siemens SIPROTEC 4 and ...)
NOT-FOR-US: Siemens
-CVE-2015-8960
+CVE-2015-8960 (The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, ...)
NOTE: Vulnerability "in the TLS documentation", not assigned to a specific source/implentation
NOTE: https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf
CVE-2015-8956
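Review bot: CVE-2015-8960 now carries a description but still has no package line and no NOT-FOR-US marker, only the two NOTE lines, so its status in the tracker stays undefined. The first NOTE already says the issue is not assigned to a specific source; record that decision explicitly on the entry, and fix the "implentation" typo in that NOTE while the entry is being touched.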
@@ -3341,17 +3381,14 @@
NOTE: https://github.com/jquery/jquery-ui/pull/1622
NOTE: https://github.com/jquery/jquery-ui/pull/1632
NOTE: https://github.com/jquery/api.jqueryui.com/issues/281
-CVE-2016-7094 [x86 HVM: Overflow of sh_ctxt->seg_reg[]]
- RESERVED
+CVE-2016-7094 (Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS ...)
{DSA-3663-1 DLA-614-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-187.html
-CVE-2016-7093 [x86: Mishandling of instruction pointer truncation during emulation]
- RESERVED
+CVE-2016-7093 (Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to ...)
- xen <not-affected> (Affects only 4.7.0 and later; 4.6.3 and 4.5.3)
NOTE: http://xenbits.xen.org/xsa/advisory-186.html
-CVE-2016-7092 [Disallow L3 recursive pagetable for 32-bit PV guests]
- RESERVED
+CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows local ...)
{DSA-3663-1 DLA-614-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-185.html
@@ -4026,13 +4063,11 @@
RESERVED
CVE-2016-6803
RESERVED
-CVE-2016-6802
- RESERVED
+CVE-2016-6802 (Apache Shiro before 1.3.2 allows attackers to bypass intended servlet ...)
- shiro <unfixed>
[jessie] - shiro <no-dsa> (Minor issue)
TODO: check if affecting versions in Debian, issue fixed upstream with 1.3.2 release,
-CVE-2016-6801 [CSRF in Jackrabbit-Webdav using empty content-type]
- RESERVED
+CVE-2016-6801 (Cross-site request forgery (CSRF) vulnerability in the CSRF ...)
{DLA-629-1}
- jackrabbit 2.12.4-1 (bug #838204)
NOTE: http://svn.apache.org/r1758791 (2.4.x)
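Review bot: the TODO under CVE-2016-6802 ends in a dangling comma and still asks whether the Debian versions are affected, while the description imported here already states "before 1.3.2". Either resolve the question against the `- shiro <unfixed>` and `[jessie] - shiro <no-dsa>` lines or complete the TODO sentence so the next reader knows what remains to be checked.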
@@ -4389,8 +4424,7 @@
RESERVED
CVE-2016-6663
RESERVED
-CVE-2016-6662 [privilege escalation through ld_preload hijacking and my.cnf rewrite]
- RESERVED
+CVE-2016-6662 (Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through ...)
{DSA-3666-1 DLA-624-1}
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
@@ -4503,10 +4537,12 @@
RESERVED
- matrixssl <removed>
CVE-2016-6635 (Cross-site request forgery (CSRF) vulnerability in the ...)
+ {DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: https://github.com/WordPress/WordPress/commit/9b7a7754133c50b82bd9d976fb5b24094f658aab
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37143
CVE-2016-6634 (Cross-site scripting (XSS) vulnerability in the network settings page ...)
+ {DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: http://codex.wordpress.org/Version_4.5
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37124
@@ -4691,6 +4727,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2015-8957 [buffer overflow in sun file handling]
+ RESERVED
{DSA-3652-1}
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832464)
@@ -4700,6 +4737,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2015-8958 [potential DOS in sun file handling due to malformed files]
+ RESERVED
{DSA-3652-1}
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832465)
@@ -4915,6 +4953,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2015-8959 [DOS due to corrupted DDS files]
+ RESERVED
{DSA-3652-1}
- imagemagick <unfixed> (bug #832944)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
@@ -4922,6 +4961,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2014-9907 [DOS due to corrupted DDS files]
+ RESERVED
{DSA-3652-1}
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832942)
@@ -5089,8 +5129,8 @@
RESERVED
CVE-2016-6531
RESERVED
-CVE-2016-6530
- RESERVED
+CVE-2016-6530 (Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default ...)
+ TODO: check
CVE-2016-6529
RESERVED
CVE-2016-6528
@@ -5764,6 +5804,7 @@
NOTE: https://www.openssl.org/news/secadv/20160922.txt
CVE-2016-6306
RESERVED
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=ff553f837172ecb2b5c8eca257ec3c5619a4b299
NOTE: https://www.openssl.org/news/secadv/20160922.txt
@@ -5775,16 +5816,19 @@
NOTE: Fixed in 1.1.0a
CVE-2016-6304 [OCSP Status Request extension unbounded memory growth]
RESERVED
+ {DSA-3673-1}
[experimental] - openssl 1.1.0a-1
- openssl 1.0.2i-1
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.1.0a, 1.0.2i, 1.0.1u
CVE-2016-6303 (Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=55d83bf7c10c7b205fffa23fa7c3977491e56c07
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-6302 (The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9
NOTE: https://www.openssl.org/news/secadv/20160922.txt
@@ -5808,8 +5852,7 @@
NOTE: https://github.com/latchset/jwcrypto/pull/66
NOTE: https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba
NOTE: Code moved around in git, for 0.3.2 it is in jwe.py
-CVE-2016-6354 [Buffer overflow in generated code (yy_get_next_buffer); related to num_to_read]
- RESERVED
+CVE-2016-6354 (Heap-based buffer overflow in the yy_get_next_buffer function in Flex ...)
{DSA-3653-2 DSA-3653-1}
- flex 2.6.1-1 (bug #832768)
[wheezy] - flex <not-affected> (Issue introduced with 2.5.36)
@@ -6246,8 +6289,7 @@
NOTE: Following reverse dependencies need to be recompiled: minit (wheezy, jessie),
NOTE: util-vserver (jessie, sid), mksh (sid, experimental)
NOTE: http://news.gmane.org/find-root.php?message_id=alpine.DEB.2.20.1607181048300.24083%40tglase.lan.tarent.de
-CVE-2016-6250 [Integer overflow when verifying filename size]
- RESERVED
+CVE-2016-6250 (Integer overflow in the ISO9660 writer in libarchive before 3.2.1 ...)
{DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/711
@@ -6716,10 +6758,10 @@
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
NOTE: https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 (gd-2.2.0)
-CVE-2016-6159
- RESERVED
-CVE-2016-6158
- RESERVED
+CVE-2016-6159 (The management interface of Huawei WS331a routers with software before ...)
+ TODO: check
+CVE-2016-6158 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei ...)
+ TODO: check
CVE-2016-6157
RESERVED
CVE-2016-6156 (Race condition in the ec_device_ioctl_xcmd function in ...)
@@ -7702,8 +7744,7 @@
TODO: check
CVE-2014-9863 (Integer underflow in the diag driver in the Qualcomm components in ...)
TODO: check
-CVE-2016-5844 [undefined behaviour (integer overflow) in iso parser]
- RESERVED
+CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1 allows ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: Upstream ticket: https://github.com/libarchive/libarchive/issues/717
@@ -7787,6 +7828,7 @@
NOTE: Upstream bug: https://core.trac.wordpress.org/ticket/36379
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37781
CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3 allows ...)
+ {DLA-633-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream ticket: https://core.trac.wordpress.org/ticket/36767
@@ -8619,16 +8661,14 @@
TODO: check
CVE-2016-5428
RESERVED
-CVE-2016-5427
- RESERVED
+CVE-2016-5427 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not ...)
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
NOTE: Added workaround to mark first 4.x version in unstable as fixed.
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
NOTE: https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3
-CVE-2016-5426
- RESERVED
+CVE-2016-5426 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote ...)
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
@@ -8675,8 +8715,7 @@
NOTE: https://curl.haxx.se/docs/adv_20160803A.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5419.patch
NOTE: Wheezy: vulnerable code is in lib/sslgen.c
-CVE-2016-5418 [Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite]
- RESERVED
+CVE-2016-5418 (The sandboxing code in libarchive 3.2.0 and earlier mishandles ...)
- libarchive <unfixed> (bug #837714)
NOTE: Centos patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
NOTE: Centos additional patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
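Review bot: the two Centos patch NOTE URLs under CVE-2016-5418 end in a `;jsessionid=` suffix, which is per-session state and should be trimmed so the references stay stable. The removed bracketed summary (hardlink entry with non-zero data size, file overwrite) was also more specific than the truncated "mishandles ..." that replaces it; with the package still `<unfixed>`, keeping that wording in a NOTE would help triage.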
@@ -9140,21 +9179,18 @@
NOTE: https://bugs.php.net/bug.php?id=68978
NOTE: https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b
NOTE: Fixed in 5.6.6, 5.5.22 and 5.4.38
-CVE-2015-8934 [out of bounds heap read in RAR parser]
- RESERVED
+CVE-2015-8934 (The copy_from_lzss_window function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/521
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e (v3.2.1)
-CVE-2015-8933 [undefined behaviour / signed integer overflow in archive_read_format_tar_skip()]
- RESERVED
+CVE-2015-8933 (Integer overflow in the archive_read_format_tar_skip function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/548
NOTE: https://github.com/libarchive/libarchive/issues/582
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3c7a6dc6694d9b26400d2bd672e04d09ed8a4276 (v3.1.900a)
-CVE-2015-8932
- RESERVED
+CVE-2015-8932 (The compress_bidder_init function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/547
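Review bot: for CVE-2015-8934 the imported description is cut off at "The copy_from_lzss_window function in ...", so the bug class stated by the removed summary (out-of-bounds heap read in the RAR parser) no longer appears anywhere in the entry. Consider carrying the old summary over as a NOTE when a truncated description says less than the text it replaces.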
@@ -9163,110 +9199,93 @@
NOTE: and https://github.com/libarchive/libarchive/commit/618618c8a6be453f79e0bdbdeab6e1dd8bf429b3 (v3.1.900a)
NOTE: Part of the problematic code was introduced with commit bf4f6ec64ef3edefbc41172692868fb8df514805
NOTE: to fix https://github.com/libarchive/libarchive/issues/356
-CVE-2015-8931
- RESERVED
+CVE-2015-8931 (Multiple integer overflows in the (1) get_time_t_max and (2) ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/539
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b31744df71084a8734f97199e42418f55d08c6c5 (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/c0c52e9aaafb0860c4151c5374372051e9354301 (v3.1.900a)
-CVE-2015-8930
- RESERVED
+CVE-2015-8930 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/522
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/39fc59391b7cf2a007bffce280c1e3e66674258f (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/01cfbca4fdae1492a8a09c001b61bbca46f869f2 (v3.1.900a)
-CVE-2015-8929 [memory leak in __archive_read_get_extract]
- RESERVED
+CVE-2015-8929 (Memory leak in the __archive_read_get_extract function in ...)
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
NOTE: https://github.com/libarchive/libarchive/issues/517
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/d24e79e8f9547ae475a3a0c9516e079a14010838
-CVE-2015-8928
- RESERVED
+CVE-2015-8928 (The process_add_entry function in archive_read_support_format_mtree.c ...)
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/550
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/64d5628
-CVE-2015-8927
- RESERVED
+CVE-2015-8927 (The trad_enc_decrypt_update function in ...)
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (vulnerable code not present)
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/523
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/eff35d4
-CVE-2015-8926
- RESERVED
+CVE-2015-8926 (The archive_read_format_rar_read_data function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/518
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/aab73938
-CVE-2015-8925
- RESERVED
+CVE-2015-8925 (The readline function in archive_read_support_format_mtree.c in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/516
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1e18cbb71
-CVE-2015-8924
- RESERVED
+CVE-2015-8924 (The archive_read_format_tar_read_header function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/515
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/bb9b157
-CVE-2015-8923
- RESERVED
+CVE-2015-8923 (The process_extra function in libarchive before 3.2.0 uses the size ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/514
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/9e0689c
-CVE-2015-8922
- RESERVED
+CVE-2015-8922 (The read_CodersInfo cuntion in archive_read_support_format_7zip.c in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/513
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/d094dc
-CVE-2015-8921
- RESERVED
+CVE-2015-8921 (The ae_strtofflags function in archive_entry.c in libarchive before ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/512
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1cbc76f
-CVE-2015-8920
- RESERVED
+CVE-2015-8920 (The _ar_read_header function in archive_read_support_format_ar.c in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/511
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/97f964e
-CVE-2015-8919
- RESERVED
+CVE-2015-8919 (The lha_read_file_extended_header function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/510
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/e8a2e4d
-CVE-2015-8918
- RESERVED
+CVE-2015-8918 (The archive_string_append function in archive_string.c in libarchive ...)
- libarchive <not-affected> (Vulnerable code not in a released version)
NOTE: Introduced in https://github.com/libarchive/libarchive/commit/cf8e67ffc8a2227b63fc6d3d1569b0214f160f54
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b6ba56037f0da44efebfa271cc4b1a736a74c62f
NOTE: https://github.com/libarchive/libarchive/issues/506
-CVE-2015-8917
- RESERVED
+CVE-2015-8917 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/505
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8916
- RESERVED
+CVE-2015-8916 (bsdtar in libarchive before 3.2.0 returns a success code without ...)
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (no segfault, not reproducible with reproducer)
NOTE: https://github.com/libarchive/libarchive/issues/504
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8915
- RESERVED
+CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...)
{DLA-617-1}
- libarchive 3.2.0-2 (low; bug #784213)
[jessie] - libarchive <no-dsa> (Minor issue)
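Review bot: the description imported for CVE-2015-8922 reads "The read_CodersInfo cuntion in archive_read_support_format_7zip.c", where "cuntion" is a typo for "function". The commit log says this is an automatic update, so a local correction is likely to be overwritten by the next import; report the typo to the source of the description instead of editing the line here.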
@@ -9358,6 +9377,7 @@
RESERVED
CVE-2016-5284
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9376,12 +9396,14 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5281
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5280
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9394,18 +9416,21 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5278
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5277
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5276
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9418,6 +9443,7 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5274
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9430,6 +9456,7 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5272
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9442,6 +9469,7 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5270
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9481,6 +9509,7 @@
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
CVE-2016-5261 (Integer overflow in the WebSocketChannel class in the WebSockets ...)
+ {DSA-3674-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
@@ -9501,6 +9530,7 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
CVE-2016-5257
RESERVED
+ {DSA-3674-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
@@ -9532,6 +9562,7 @@
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
CVE-2016-5250 (Mozilla Firefox before 48.0 allows remote attackers to obtain ...)
+ {DSA-3674-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
@@ -10466,8 +10497,7 @@
RESERVED
CVE-2016-5018
RESERVED
-CVE-2016-5017 [Buffer overflow vulnerability in ZooKeeper C cli shell]
- RESERVED
+CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 ...)
{DLA-630-1}
- zookeeper 3.4.9-1
[jessie] - zookeeper <no-dsa> (Minor issue, can be fixed in point release)
@@ -10652,16 +10682,16 @@
[jessie] - netty <not-affected> (Vulnerable code not present)
[wheezy] - netty <not-affected> (Vulnerable code not present)
NOTE: Versions affected: Netty 4.0.0.Final - 4.0.36.Final and 4.1.0.Final
-CVE-2016-4969
- RESERVED
-CVE-2016-4968
- RESERVED
-CVE-2016-4967
- RESERVED
-CVE-2016-4966
- RESERVED
-CVE-2016-4965
- RESERVED
+CVE-2016-4969 (Cross-site scripting (XSS) vulnerability in Fortinet FortiWan ...)
+ TODO: check
+CVE-2016-4968 (The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly ...)
+ TODO: check
+CVE-2016-4967 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote ...)
+ TODO: check
+CVE-2016-4966 (The diagnosis_control.php page in Fortinet FortiWan (formerly ...)
+ TODO: check
+CVE-2016-4965 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote ...)
+ TODO: check
CVE-2016-XXXX [AST-2016-005]
- asterisk 1:13.8.2~dfsg-1
[jessie] - asterisk <not-affected> (Only affects 13.x)
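Review bot: all five Fortinet FortiWan entries (CVE-2016-4965 through CVE-2016-4969) land as `TODO: check`, which leaves them in the manual triage queue. The descriptions name a single vendor product, so they can be triaged in one pass; if the product is not packaged, mark them NOT-FOR-US in the same way as the Siemens and EMC entries elsewhere in this list.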
@@ -11278,8 +11308,7 @@
[jessie] - keystone <not-affected> (affects only 9.0.0)
[wheezy] - keystone <not-affected> (affects only 9.0.0)
NOTE: https://launchpad.net/bugs/1577558
-CVE-2016-4809 [Memory allocate error with symbolic links in cpio archives]
- RESERVED
+CVE-2016-4809 (The archive_read_format_cpio_read_header function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/705
@@ -12385,8 +12414,7 @@
CVE-2016-4465 (The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1 and 2.5)
NOTE: https://struts.apache.org/docs/s2-041.html
-CVE-2016-4464
- RESERVED
+CVE-2016-4464 (The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and ...)
NOT-FOR-US: Apache CXF
CVE-2016-4463 (Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows ...)
{DSA-3610-1 DLA-535-1}
@@ -12636,12 +12664,12 @@
RESERVED
CVE-2016-4385
RESERVED
-CVE-2016-4384
- RESERVED
+CVE-2016-4384 (HPE Performance Center before 12.50 and LoadRunner before 12.50 allow ...)
+ TODO: check
CVE-2016-4383
RESERVED
-CVE-2016-4382
- RESERVED
+CVE-2016-4382 (HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows ...)
+ TODO: check
CVE-2016-4381 (HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x ...)
TODO: check
CVE-2016-4380 (Cross-site scripting (XSS) vulnerability in the AdminUI in HPE ...)
@@ -12841,16 +12869,14 @@
NOTE: https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
NOTE: https://github.com/esnet/iperf/commit/f01a9ca8f7e878e438a53687dabe30b7f7222912 (3.1.x)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0164/
-CVE-2016-4302 [Libarchive Rar RestartModel Heap Overflow]
- RESERVED
+CVE-2016-4302 (Heap-based buffer overflow in the parse_codes function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0154/
NOTE: https://github.com/libarchive/libarchive/issues/719
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700 (v3.2.1)
-CVE-2016-4301 [mtree parse_device Stack Based Buffer Overflow]
- RESERVED
+CVE-2016-4301 (Stack-based buffer overflow in the parse_device function in ...)
- libarchive 3.2.1-1
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
@@ -12858,8 +12884,7 @@
NOTE: http://www.talosintel.com/reports/TALOS-2016-0153/
NOTE: https://github.com/libarchive/libarchive/pull/715
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/ecdac4d50db0cf5a0c630ba077729aaa6c5a2dd2
-CVE-2016-4300 [7-Zip read_SubStreamsInfo Integer Overflow]
- RESERVED
+CVE-2016-4300 (Integer overflow in the read_SubStreamsInfo function in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
@@ -13592,6 +13617,7 @@
CVE-2016-4030
RESERVED
CVE-2016-4029 (WordPress before 4.5 does not consider octal and hexadecimal IP ...)
+ {DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37115
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
@@ -13722,8 +13748,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/12/1
CVE-2016-3996
RESERVED
-CVE-2016-3991 [tiffcrop: out-of-bounds write in loadImage()]
- RESERVED
+CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the tiffcrop ...)
{DLA-610-1 DLA-606-1}
- tiff <unfixed>
[jessie] - tiff <no-dsa> (Minor issue)
@@ -13731,8 +13756,7 @@
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-3991.tif
-CVE-2016-3990 [tiffcp: out-of-bounds write in horizontalDifference8()]
- RESERVED
+CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8 function in ...)
{DLA-610-1}
- tiff <unfixed> (bug #836570)
[jessie] - tiff <no-dsa> (Minor issue)
@@ -13954,8 +13978,7 @@
NOTE: https://golang.org/cl/21428
CVE-2016-3946
RESERVED
-CVE-2016-3945 [Out-of-bounds Write in the tiff2rgba tool]
- RESERVED
+CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...)
{DLA-610-1}
- tiff <unfixed>
[jessie] - tiff <no-dsa> (Minor issue)
@@ -14697,7 +14720,7 @@
NOTE: Fixed in 5.6.11, 5.5.27, 5.4.43
NOTE: https://bugs.php.net/bug.php?id=69669
CVE-2015-8834 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in ...)
- {DSA-3639-1}
+ {DSA-3639-1 DLA-633-1}
- wordpress 4.2.2+dfsg-1
NOTE: https://wordpress.org/news/2015/05/wordpress-4-2-2/
NOTE: Follow-up patch from 4.2.1 -> 4.2.2 for wp-includes/wp-db.php seems not applied
@@ -14793,8 +14816,7 @@
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2548
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
-CVE-2016-3632 [Illegal write occurs in the _TIFFVGetField function in tif_dirinfo.c when using thumbnail]
- RESERVED
+CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and ...)
- tiff <unfixed>
[jessie] - tiff <no-dsa> (Minor issue)
[wheezy] - tiff <no-dsa> (Minor issue)
@@ -19342,31 +19364,37 @@
NOTE: Python issue: https://bugs.python.org/issue27850
TODO: not clear if this should be assigned to individual source, like openssl and nss (openpvn got a own CVE)
CVE-2016-2182 (The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-2181 (The Anti-Replay feature in the DTLS implementation in OpenSSL before ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=1fb9fdc3027b27d8eb6a1e6a846435b070980770
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-2180 (The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-2179 (The DTLS implementation in OpenSSL before 1.1.0 does not properly ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-2178 (The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in master branch in https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
CVE-2016-2177 (OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for ...)
+ {DSA-3673-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
NOTE: https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
@@ -24005,8 +24033,7 @@
TODO: check
CVE-2016-0926 (Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal ...)
TODO: check
-CVE-2016-0925
- RESERVED
+CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management ...)
NOT-FOR-US: EMC RSA Adaptive Authentication
CVE-2016-0924 (The TLS 1.2 implementation in EMC RSA BSAFE Micro Edition Suite (MES) ...)
TODO: check
@@ -24014,18 +24041,16 @@
TODO: check
CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of ...)
TODO: check
-CVE-2016-0921
- RESERVED
+CVE-2016-0921 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0920
- RESERVED
+CVE-2016-0920 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
CVE-2016-0919
RESERVED
CVE-2016-0918
RESERVED
-CVE-2016-0917
- RESERVED
+CVE-2016-0917 (The SMB service in EMC VNXe, VNX1 File OE before 7.1.80.3, and VNX2 ...)
+ TODO: check
CVE-2016-0916 (EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before ...)
NOT-FOR-US: EMC NetWorker
CVE-2016-0915 (The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime ...)
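Review bot: CVE-2016-0917 is added with `TODO: check` while the other EMC entries updated in this hunk (CVE-2016-0921 and CVE-2016-0920) keep `NOT-FOR-US: EMC Avamar`. The description names EMC VNXe, VNX1 and VNX2, so it needs the same manual decision as its neighbours; CVE-2016-0924 and CVE-2016-0922 in the surrounding context are still `TODO: check` as well and can be handled together.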
@@ -24048,14 +24073,11 @@
NOT-FOR-US: EMC Isilon
CVE-2016-0906 (The web-restore interface in Avamar Data Store (ADS) and Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0905
- RESERVED
+CVE-2016-0905 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0904
- RESERVED
+CVE-2016-0904 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0903
- RESERVED
+CVE-2016-0903 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
CVE-2016-0902 (CRLF injection vulnerability in EMC RSA Authentication Manager before ...)
NOT-FOR-US: RSA Authentication Manager
@@ -31375,8 +31397,7 @@
NOT-FOR-US: VMware
CVE-2015-6931 (Cross-site scripting (XSS) vulnerability in the vSphere Web Client in ...)
TODO: check
-CVE-2015-8871 [Use-after-free in opj_j2k_write_mco]
- RESERVED
+CVE-2015-8871 (Use-after-free vulnerability in the opj_j2k_write_mco function in ...)
{DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #800149)
- openjpeg <not-affected> (Vulnerable code not present; opj_j2k_write_mco function)