[Secure-testing-commits] r54291 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Aug 4 21:10:14 UTC 2017
Author: sectracker
Date: 2017-08-04 21:10:13 +0000 (Fri, 04 Aug 2017)
New Revision: 54291
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-04 21:07:03 UTC (rev 54290)
+++ data/CVE/list 2017-08-04 21:10:13 UTC (rev 54291)
@@ -1,4 +1,126 @@
-CVE-2017-12424 [buffer overflow if NULL line is present in db]
+CVE-2017-12486
+ RESERVED
+CVE-2017-12485
+ RESERVED
+CVE-2017-12484
+ RESERVED
+CVE-2017-12483
+ RESERVED
+CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledger ...)
+ TODO: check
+CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows remote ...)
+ TODO: check
+CVE-2017-12480
+ RESERVED
+CVE-2017-12479
+ RESERVED
+CVE-2017-12478
+ RESERVED
+CVE-2017-12477
+ RESERVED
+CVE-2017-12476
+ RESERVED
+CVE-2017-12475
+ RESERVED
+CVE-2017-12474
+ RESERVED
+CVE-2017-12473
+ RESERVED
+CVE-2017-12472
+ RESERVED
+CVE-2017-12471
+ RESERVED
+CVE-2017-12470
+ RESERVED
+CVE-2017-12469
+ RESERVED
+CVE-2017-12468
+ RESERVED
+CVE-2017-12467
+ RESERVED
+CVE-2017-12466
+ RESERVED
+CVE-2017-12465
+ RESERVED
+CVE-2017-12464
+ RESERVED
+CVE-2017-12463
+ RESERVED
+CVE-2017-12462
+ RESERVED
+CVE-2017-12461
+ RESERVED
+CVE-2017-12460
+ RESERVED
+CVE-2017-12459 (The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the ...)
+ TODO: check
+CVE-2017-12458 (The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the ...)
+ TODO: check
+CVE-2017-12457 (The bfd_make_section_with_flags function in section.c in the Binary ...)
+ TODO: check
+CVE-2017-12456 (The read_symbol_stabs_debugging_info function in rddbg.c in GNU ...)
+ TODO: check
+CVE-2017-12455 (The evax_bfd_print_emh function in vms-alpha.c in the Binary File ...)
+ TODO: check
+CVE-2017-12454 (The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File ...)
+ TODO: check
+CVE-2017-12453 (The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File ...)
+ TODO: check
+CVE-2017-12452 (The bfd_mach_o_i386_canonicalize_one_reloc function in ...)
+ TODO: check
+CVE-2017-12451 (The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and ...)
+ TODO: check
+CVE-2017-12450 (The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File ...)
+ TODO: check
+CVE-2017-12449 (The _bfd_vms_save_sized_string function in vms-misc.c in the Binary ...)
+ TODO: check
+CVE-2017-12448 (The bfd_cache_close function in bfd/cache.c in the Binary File ...)
+ TODO: check
+CVE-2017-12447
+ RESERVED
+CVE-2017-12446
+ RESERVED
+CVE-2017-12445
+ RESERVED
+CVE-2017-12444
+ RESERVED
+CVE-2017-12443
+ RESERVED
+CVE-2017-12442
+ RESERVED
+CVE-2017-12441
+ RESERVED
+CVE-2017-12440
+ RESERVED
+CVE-2017-12439
+ RESERVED
+CVE-2017-12438
+ RESERVED
+CVE-2017-12437
+ RESERVED
+CVE-2017-12436
+ RESERVED
+CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+ TODO: check
+CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in ...)
+ TODO: check
+CVE-2017-12433 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...)
+ TODO: check
+CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+ TODO: check
+CVE-2017-12431 (In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the ...)
+ TODO: check
+CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+ TODO: check
+CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
+ TODO: check
+CVE-2017-12428 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...)
+ TODO: check
+CVE-2017-12427 (The ProcessMSLScript function in coders/msl.c in ImageMagick before ...)
+ TODO: check
+CVE-2017-12426
+ RESERVED
+CVE-2017-12424 (In shadow before 4.5, the newusers tool could be made to manipulate ...)
- shadow <unfixed> (bug #756630)
[stretch] - shadow <no-dsa> (Minor issue)
[jessie] - shadow <no-dsa> (Minor issue)
@@ -29,8 +151,8 @@
TODO: check
CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an ...)
NOT-FOR-US: Format Factory
-CVE-2017-12413
- RESERVED
+CVE-2017-12413 (AXIS 2100 devices 2.43 have XSS via the URI, possibly related to ...)
+ TODO: check
CVE-2017-12412
RESERVED
CVE-2017-12411
@@ -457,7 +579,7 @@
RESERVED
CVE-2016-10403
RESERVED
-CVE-2017-12425 [Bogusly large chunk sizes may cause assert]
+CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, ...)
{DSA-3924-1}
- varnish <unfixed> (bug #870467)
NOTE: https://www.varnish-cache.org/security/VSV00001.html#vsv00001
@@ -1711,8 +1833,8 @@
RESERVED
CVE-2017-11658 (In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-11657
- RESERVED
+CVE-2017-11657 (Dashlane might allow local users to gain privileges by placing a Trojan ...)
+ TODO: check
CVE-2017-11656
RESERVED
CVE-2017-11655 (A memory leak was found in the way SIPcrack 0.2 handled processing of ...)
@@ -2355,6 +2477,7 @@
CVE-2017-11435 (The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an ...)
NOT-FOR-US: Humax Wi-Fi Router model HG100R-*
CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...)
+ {DSA-3925-1}
- qemu <unfixed> (bug #869171)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
@@ -2665,6 +2788,7 @@
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867798)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...)
+ {DSA-3925-1}
- qemu <unfixed> (bug #869173)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
@@ -3917,8 +4041,8 @@
RESERVED
CVE-2017-10950
RESERVED
-CVE-2017-10949
- RESERVED
+CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes ...)
+ TODO: check
CVE-2017-10948
RESERVED
CVE-2017-10947
@@ -4165,18 +4289,18 @@
RESERVED
CVE-2017-10821
RESERVED
-CVE-2017-10820
- RESERVED
-CVE-2017-10819
- RESERVED
-CVE-2017-10818
- RESERVED
-CVE-2017-10817
- RESERVED
-CVE-2017-10816
- RESERVED
-CVE-2017-10815
- RESERVED
+CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP Messenger for ...)
+ TODO: check
+CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, ...)
+ TODO: check
+CVE-2017-10818 (MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded ...)
+ TODO: check
+CVE-2017-10817 (MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to ...)
+ TODO: check
+CVE-2017-10816 (SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to ...)
+ TODO: check
+CVE-2017-10815 (MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is ...)
+ TODO: check
CVE-2017-10814
RESERVED
CVE-2017-10813
@@ -4195,6 +4319,7 @@
CVE-2017-10808
RESERVED
CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick ...)
+ {DSA-3925-1}
- qemu <unfixed> (bug #867751)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -7474,6 +7599,7 @@
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=bc5199a02abe428ad377443280b3eda60141a1d6
NOTE: and following refactorings.
CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...)
+ {DSA-3925-1}
- qemu <unfixed> (bug #865755)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -15319,6 +15445,7 @@
RESERVED
CVE-2017-7000
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-6999 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
@@ -21477,58 +21604,72 @@
RESERVED
CVE-2017-5110
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5109
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5108
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5107
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5106
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5105
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5104
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5103
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5102
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5101
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5100
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5099
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5098
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5097
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5096
@@ -21536,36 +21677,44 @@
- chromium-browser <not-affected> (Android-specific)
CVE-2017-5095
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5094
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5093
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5092
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5091
RESERVED
+ {DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5090
RESERVED
CVE-2017-5089
RESERVED
+ {DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5088
RESERVED
+ {DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5087
RESERVED
+ {DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5086
@@ -29381,8 +29530,8 @@
NOT-FOR-US: TS-WPTCAM
CVE-2017-2222 (Cross-site scripting vulnerability in WP-Members prior to version ...)
NOT-FOR-US: WP-Members
-CVE-2017-2221
- RESERVED
+CVE-2017-2221 (Untrusted search path vulnerability in Installer of Baidu IME ...)
+ TODO: check
CVE-2017-2220 (Untrusted search path vulnerability in Installer of CASL II simulator ...)
NOT-FOR-US: Installer of CASL II simulator
CVE-2017-2219 (Untrusted search path vulnerability in the [Simeji for Windows] ...)
@@ -31161,8 +31310,8 @@
RESERVED
CVE-2017-1332 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1331
- RESERVED
+CVE-2017-1331 (IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site ...)
+ TODO: check
CVE-2017-1330
RESERVED
CVE-2017-1329
More information about the Secure-testing-commits
mailing list