[Secure-testing-commits] r50463 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Apr 8 09:10:18 UTC 2017


Author: sectracker
Date: 2017-04-08 09:10:18 +0000 (Sat, 08 Apr 2017)
New Revision: 50463

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-08 06:53:52 UTC (rev 50462)
+++ data/CVE/list	2017-04-08 09:10:18 UTC (rev 50463)
@@ -1,3 +1,5 @@
+CVE-2017-7587
+	RESERVED
 CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
 	- libsndfile 1.0.27-2
 	NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
@@ -22,10 +24,10 @@
 	RESERVED
 CVE-2017-7579 (inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. ...)
 	NOT-FOR-US: phpMyFAQ
-CVE-2007-6760
-	RESERVED
-CVE-2007-6759
-	RESERVED
+CVE-2007-6760 (Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) ...)
+	TODO: check
+CVE-2007-6759 (Dataprobe iBootBar (with 2007-09-20 and possibly later released ...)
+	TODO: check
 CVE-2017-7577 (XiongMai uc-httpd has directory traversal allowing the reading of ...)
 	NOT-FOR-US: XiongMai uc-httpd
 CVE-2017-7576 (DragonWave Horizon 1.01.03 wireless radios have hardcoded login ...)
@@ -4286,8 +4288,8 @@
 	RESERVED
 CVE-2017-6034
 	RESERVED
-CVE-2017-6033
-	RESERVED
+CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric Interactive ...)
+	TODO: check
 CVE-2017-6032
 	RESERVED
 CVE-2017-6031
@@ -4314,8 +4316,8 @@
 	RESERVED
 CVE-2017-6020
 	RESERVED
-CVE-2017-6019
-	RESERVED
+CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, model ...)
+	TODO: check
 CVE-2017-6018
 	RESERVED
 CVE-2017-6017
@@ -4660,6 +4662,7 @@
 	[wheezy] - postfixadmin <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/6
 CVE-2017-5929 (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting ...)
+	{DLA-888-1}
 	- logback 1:1.1.9-3 (bug #857343)
 	[jessie] - logback <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
@@ -18376,138 +18379,105 @@
 	RESERVED
 CVE-2017-0587
 	RESERVED
-CVE-2017-0586
-	RESERVED
+CVE-2017-0586 (An information disclosure vulnerability in the Qualcomm sound driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0585
-	RESERVED
+CVE-2017-0585 (An information disclosure vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0584
-	RESERVED
+CVE-2017-0584 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0583
-	RESERVED
+CVE-2017-0583 (An elevation of privilege vulnerability in the Qualcomm CP access ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0582
-	RESERVED
+CVE-2017-0582 (An elevation of privilege vulnerability in the HTC OEM fastboot ...)
 	NOT-FOR-US: HTC driver for Android
-CVE-2017-0581
-	RESERVED
+CVE-2017-0581 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
 	NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0580
-	RESERVED
+CVE-2017-0580 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
 	NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0579
-	RESERVED
+CVE-2017-0579 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0578
-	RESERVED
+CVE-2017-0578 (An elevation of privilege vulnerability in the DTS sound driver could ...)
 	NOT-FOR-US: DTS driver for Android
-CVE-2017-0577
-	RESERVED
+CVE-2017-0577 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
 	NOT-FOR-US: HTC driver for Android
-CVE-2017-0576
-	RESERVED
+CVE-2017-0576 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0575
-	RESERVED
+CVE-2017-0575 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0574
-	RESERVED
+CVE-2017-0574 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0573
-	RESERVED
+CVE-2017-0573 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0572
-	RESERVED
+CVE-2017-0572 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0571
-	RESERVED
+CVE-2017-0571 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0570
-	RESERVED
+CVE-2017-0570 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0569
-	RESERVED
+CVE-2017-0569 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0568
-	RESERVED
+CVE-2017-0568 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0567
-	RESERVED
+CVE-2017-0567 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0566
-	RESERVED
+CVE-2017-0566 (An elevation of privilege vulnerability in the MediaTek camera driver ...)
 	NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0565
-	RESERVED
+CVE-2017-0565 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
 	NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0564
-	RESERVED
+CVE-2017-0564 (An elevation of privilege vulnerability in the kernel ION subsystem ...)
 	- linux <undetermined>
 	NOTE: present in drivers/staging/android/ion
-CVE-2017-0563
-	RESERVED
+CVE-2017-0563 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
 	NOT-FOR-US: HTC driver for Android
-CVE-2017-0562
-	RESERVED
+CVE-2017-0562 (An elevation of privilege vulnerability in the MediaTek touchscreen ...)
 	NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0561
-	RESERVED
+CVE-2017-0561 (A remote code execution vulnerability in the Broadcom Wi-Fi firmware ...)
 	NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0560
-	RESERVED
+CVE-2017-0560 (An information disclosure vulnerability in the factory reset process ...)
 	NOT-FOR-US: Android
-CVE-2017-0559
-	RESERVED
+CVE-2017-0559 (An information disclosure vulnerability in libskia could enable a ...)
 	- skia <itp> (bug #818180)
-CVE-2017-0558
-	RESERVED
-CVE-2017-0557
-	RESERVED
-CVE-2017-0556
-	RESERVED
-CVE-2017-0555
-	RESERVED
-CVE-2017-0554
-	RESERVED
+CVE-2017-0558 (An information disclosure vulnerability in Mediaserver could enable a ...)
+	TODO: check
+CVE-2017-0557 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+	TODO: check
+CVE-2017-0556 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+	TODO: check
+CVE-2017-0555 (An information disclosure vulnerability in libavc in Mediaserver could ...)
+	TODO: check
+CVE-2017-0554 (An elevation of privilege vulnerability in the Telephony component ...)
 	NOT-FOR-US: Android
-CVE-2017-0553
-	RESERVED
-CVE-2017-0552
-	RESERVED
-CVE-2017-0551
-	RESERVED
-CVE-2017-0550
-	RESERVED
-CVE-2017-0549
-	RESERVED
-CVE-2017-0548
-	RESERVED
+CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a local ...)
+	TODO: check
+CVE-2017-0552 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+	TODO: check
+CVE-2017-0551 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+	TODO: check
+CVE-2017-0550 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+	TODO: check
+CVE-2017-0549 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+	TODO: check
+CVE-2017-0548 (A remote denial of service vulnerability in libskia could enable an ...)
 	- skia <itp> (bug #818180)
-CVE-2017-0547
-	RESERVED
-CVE-2017-0546
-	RESERVED
+CVE-2017-0547 (An information disclosure vulnerability in libmedia in Mediaserver ...)
+	TODO: check
+CVE-2017-0546 (An elevation of privilege vulnerability in SurfaceFlinger could enable ...)
 	NOT-FOR-US: Android
-CVE-2017-0545
-	RESERVED
+CVE-2017-0545 (An elevation of privilege vulnerability in Audioserver could enable a ...)
 	NOT-FOR-US: Android
-CVE-2017-0544
-	RESERVED
+CVE-2017-0544 (An elevation of privilege vulnerability in CameraBase could enable a ...)
 	NOT-FOR-US: Android
-CVE-2017-0543
-	RESERVED
-CVE-2017-0542
-	RESERVED
-CVE-2017-0541
-	RESERVED
-CVE-2017-0540
-	RESERVED
-CVE-2017-0539
-	RESERVED
-CVE-2017-0538
-	RESERVED
+CVE-2017-0543 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+	TODO: check
+CVE-2017-0542 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+	TODO: check
+CVE-2017-0541 (A remote code execution vulnerability in sonivox in Mediaserver could ...)
+	TODO: check
+CVE-2017-0540 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+	TODO: check
+CVE-2017-0539 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+	TODO: check
+CVE-2017-0538 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+	TODO: check
 CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget ...)
 	NOT-FOR-US: Nvidia driver for Android
 	NOTE: https://source.android.com/security/bulletin/2017-03-01.html
@@ -18663,8 +18633,7 @@
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm networking ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0462
-	RESERVED
+CVE-2017-0462 (An elevation of privilege vulnerability in the Qualcomm Seemp driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
@@ -18680,8 +18649,7 @@
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm bootloader ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0454
-	RESERVED
+CVE-2017-0454 (An elevation of privilege vulnerability in the Qualcomm audio driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
 	NOT-FOR-US: Qualcomm driver for Android
@@ -25766,8 +25734,8 @@
 	NOTE: For kde-cli-tools fixed in 5.7.5 upstream
 	NOTE: kde-runtime's affected binary is /usr/lib/kde4/libexec/kdesu-distrib/kdesu
 	NOTE: kdesudo's affected binary is /usr/bin/kdesudo
-CVE-2016-7786
-	RESERVED
+CVE-2016-7786 (Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated ...)
+	TODO: check
 CVE-2016-7785 (The avi_read_seek function in libavformat/avidec.c in FFmpeg before ...)
 	- ffmpeg 7:3.1.4-1 (bug #840434)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c8c5f66b42edc37474baa5cb51460cbf6f33075b (n3.1.4)




More information about the Secure-testing-commits mailing list