[Secure-testing-commits] r50973 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Apr 23 21:10:12 UTC 2017 

Author: sectracker
Date: 2017-04-23 21:10:12 +0000 (Sun, 23 Apr 2017)
New Revision: 50973

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-23 20:58:20 UTC (rev 50972)
+++ data/CVE/list	2017-04-23 21:10:12 UTC (rev 50973)
@@ -1,3 +1,17 @@
+CVE-2017-8079
+	RESERVED
+CVE-2017-8078 (On the TP-Link TL-SG108E 1.0, the upgrade process can be requested ...)
+	TODO: check
+CVE-2017-8077 (On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a ...)
+	TODO: check
+CVE-2017-8076 (On the TP-Link TL-SG108E 1.0, admin network communications are RC4 ...)
+	TODO: check
+CVE-2017-8075 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...)
+	TODO: check
+CVE-2017-8074 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve ...)
+	TODO: check
+CVE-2017-8073 (WeeChat before 1.7.1 allows a remote crash by sending a filename via ...)
+	TODO: check
 CVE-2017-8072 (The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c ...)
 	- linux 4.9.10-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -275,10 +289,12 @@
 CVE-2017-7962 (The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ...)
 	NOT-FOR-US: ImageWorsener
 CVE-2017-7961 (The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and ...)
+	{DLA-909-1}
 	- libcroco 0.6.11-3 (bug #860961)
 	NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/
 	NOTE: https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7
 CVE-2017-7960 (The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and ...)
+	{DLA-909-1}
 	- libcroco 0.6.11-3 (bug #860961)
 	NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/
 	NOTE: https://git.gnome.org/browse/libcroco/commit/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394
@@ -3268,6 +3284,7 @@
 CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended ...)
 	NOT-FOR-US: SAP
 CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When using a ...)
+	{DLA-908-1}
 	- chicken <unfixed> (bug #858057)
 	[jessie] - chicken <no-dsa> (Minor issue)
 	NOTE: http://lists.gnu.org/archive/html/chicken-announce/2017-03/msg00000.html
@@ -44084,8 +44101,8 @@
 	NOT-FOR-US: Samsung
 CVE-2016-2565 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) ...)
 	NOT-FOR-US: Samsung
-CVE-2016-2564
-	RESERVED
+CVE-2016-2564 (Invision Power Services (IPS) Community Suite before 4.1.9 makes ...)
+	TODO: check
 CVE-2016-2563 (Stack-based buffer overflow in the SCP command-line utility in PuTTY ...)
 	- putty 0.67-1 (bug #816921)
 	[jessie] - putty <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list