[Secure-testing-commits] r51195 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Apr 29 21:10:12 UTC 2017 

Author: sectracker
Date: 2017-04-29 21:10:12 +0000 (Sat, 29 Apr 2017)
New Revision: 51195

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-29 20:40:44 UTC (rev 51194)
+++ data/CVE/list	2017-04-29 21:10:12 UTC (rev 51195)
@@ -1,3 +1,9 @@
+CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in ...)
+	TODO: check
+CVE-2017-8326 (libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot ...)
+	TODO: check
+CVE-2017-8325 (The iw_process_cols_to_intermediate function in imagew-main.c in ...)
+	TODO: check
 CVE-2017-8324
 	RESERVED
 CVE-2017-8323
@@ -51,6 +57,7 @@
 CVE-2017-8297 (A path traversal vulnerability exists in simple-file-manager before ...)
 	NOT-FOR-US: simple-file-manager
 CVE-2017-8296 (kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is ...)
+	{DLA-925-1}
 	- kedpm <removed> (bug #860817)
 	[jessie] - kedpm <no-dsa> (Minor issue, can be fixed via point release)
 	NOTE: patch in BTS gives workaround to always prompt for password and do not save to database
@@ -438,8 +445,7 @@
 	RESERVED
 CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
 	NOT-FOR-US: MODX
-CVE-2017-8114 [Fix security issue in virtualmin and sasl drivers]
-	RESERVED
+CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated ...)
 	- roundcube <unfixed> (bug #861388)
 	NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
 	NOTE: https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 (1.2.x)
@@ -804,8 +810,8 @@
 	NOTE: https://github.com/libimobiledevice/libplist/issues/103
 	NOTE: The issue seems covered in prior versions of upstream dccd9290745345896e3a4a73154576a599fd8b7b
 	NOTE: which is CVE-2017-6440.
-CVE-2017-7981
-	RESERVED
+CVE-2017-7981 (Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 ...)
+	TODO: check
 CVE-2017-7980
 	RESERVED
 	- qemu 1:2.8+dfsg-4
@@ -867,8 +873,8 @@
 	RESERVED
 CVE-2017-7958
 	RESERVED
-CVE-2017-7957
-	RESERVED
+CVE-2017-7957 (XStream through 1.4.9, when a certain denyTypes workaround is not used, ...)
+	TODO: check
 CVE-2017-7956
 	RESERVED
 CVE-2017-7955
@@ -1546,11 +1552,13 @@
 CVE-2017-7743
 	RESERVED
 CVE-2017-7742 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
+	{DLA-928-1}
 	- libsndfile <unfixed> (bug #860255)
 	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
 	NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
 CVE-2017-7741 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
+	{DLA-928-1}
 	- libsndfile 1.0.27-2
 	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
@@ -2013,6 +2021,7 @@
 CVE-2017-7587
 	RESERVED
 CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
+	{DLA-928-1}
 	- libsndfile 1.0.27-2
 	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
@@ -2020,6 +2029,7 @@
 	NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
 	NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
 CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
+	{DLA-928-1}
 	- libsndfile 1.0.27-2
 	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
@@ -2570,6 +2580,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
 	NOTE: https://github.com/asarubbo/poc/blob/master/00250-podofo-nullptr1
 CVE-2017-7379 (The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #859331)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/2
 	NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1842/
@@ -4781,8 +4792,8 @@
 	NOT-FOR-US: CMS Made Simple
 CVE-2017-6554 (pmmasterd in Quest Privilege Manager 6.0.0-27 and 6.0.0-50 allows ...)
 	NOT-FOR-US: Quest Privilege Manager
-CVE-2017-6553
-	RESERVED
+CVE-2017-6553 (Buffer Overflow in Quest One Identity Privilege Manager for Unix before ...)
+	TODO: check
 CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently ...)
 	NOT-FOR-US: Livebox 3 Sagemcom
 CVE-2017-6551
@@ -5253,6 +5264,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6
 	NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
 CVE-2017-6844 (Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #856592)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5
 	NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
@@ -6976,6 +6988,7 @@
 	NOTE: Fixed by: https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (4.10-rc1)
 	NOTE: Introduced by: https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15 (3.6-rc1)
 CVE-2017-5886 (Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #854604)
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
@@ -7511,6 +7524,7 @@
 	NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/02/21
 CVE-2015-8981 (Heap-based buffer overflow in the PdfParser::ReadXRefSubsection ...)
+	{DLA-929-1}
 	- libpodofo 0.9.4-1 (bug #854599)
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/podofo/mailman/message/34205419/
@@ -7522,12 +7536,14 @@
 	NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
 	NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
 CVE-2017-5854 (base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #854602)
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfoutputstream-cpp
 	NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
 	NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1836
 CVE-2017-5853 (Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #854601)
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-signed-integer-overflow-in-pdfparser-cpp
@@ -7535,6 +7551,7 @@
 	NOTE: Proposed fix: https://sourceforge.net/p/podofo/mailman/message/35692197/
 	NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
 CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
+	{DLA-929-1}
 	- libpodofo <unfixed> (bug #854600)
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
@@ -7585,12 +7602,14 @@
 CVE-2017-5663
 	RESERVED
 CVE-2017-5662 (In Apache Batik before 1.9, files lying on the filesystem of the ...)
+	{DLA-926-1}
 	- batik <unfixed> (bug #860566)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/1
 	NOTE: Upstream bug: https://issues.apache.org/jira/browse/BATIK-1139
 	NOTE: Fixed by: http://svn.apache.org/r1743326
 	NOTE: Similar issue to CVE-2015-0250
 CVE-2017-5661 (In Apache FOP before 2.2, files lying on the filesystem of the server ...)
+	{DLA-927-1}
 	- fop <unfixed> (bug #860567)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/2
 	NOTE: Upstream bug: https://issues.apache.org/jira/browse/FOP-2668
@@ -55895,7 +55914,7 @@
 CVE-2015-7806
 	RESERVED
 CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote ...)
-	{DLA-356-1}
+	{DLA-928-1 DLA-356-1}
 	- libsndfile 1.0.25-10 (bug #804445)
 	[jessie] - libsndfile 1.0.25-9.1+deb8u1
 	NOTE: http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
@@ -56130,7 +56149,7 @@
 CVE-2015-7706 (Multiple cross-site scripting (XSS) vulnerabilities in Secure Data ...)
 	NOT-FOR-US: Secure Data Space
 CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attackers to ...)
-	{DLA-356-1}
+	{DLA-928-1 DLA-356-1}
 	- libsndfile 1.0.25-10 (bug #804447)
 	[jessie] - libsndfile 1.0.25-9.1+deb8u1
 	NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
@@ -78210,7 +78229,7 @@
 	NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=610bfc6bc99bc83680d190ebc69359a05fc7f605 (v3.13-rc1)
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b6698b0e4a37053de35cc24ee695b98a7eb712b
 CVE-2014-9496 (The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows ...)
-	{DLA-356-1}
+	{DLA-928-1 DLA-356-1}
 	- libsndfile 1.0.25-9.1 (low; bug #774162)
 	[squeeze] - libsndfile <no-dsa> (Minor issue)
 CVE-2014-XXXX [a2p: buffer overflow]

More information about the Secure-testing-commits mailing list