[Secure-testing-commits] r54773 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Aug 15 21:10:15 UTC 2017
Author: sectracker
Date: 2017-08-15 21:10:15 +0000 (Tue, 15 Aug 2017)
New Revision: 54773
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-15 19:28:02 UTC (rev 54772)
+++ data/CVE/list 2017-08-15 21:10:15 UTC (rev 54773)
@@ -1,38 +1,76 @@
+CVE-2017-12877
+ RESERVED
+CVE-2017-12876
+ RESERVED
+CVE-2017-12875
+ RESERVED
+CVE-2017-12866
+ RESERVED
+CVE-2017-12865
+ RESERVED
+CVE-2017-12864 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did ...)
+ TODO: check
+CVE-2017-12863 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ...)
+ TODO: check
+CVE-2017-12862 (In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer ...)
+ TODO: check
+CVE-2017-12861
+ RESERVED
+CVE-2017-12860
+ RESERVED
+CVE-2017-12859
+ RESERVED
+CVE-2017-12858
+ RESERVED
+CVE-2017-12857
+ RESERVED
+CVE-2017-12856
+ RESERVED
+CVE-2017-12854
+ RESERVED
CVE-2017-12874 [Incorrect signature verification]
+ RESERVED
- simplesamlphp <unfixed>
NOTE: Issue lies in simplesamlphp/simplesamlphp-module-infocard and fixed
NOTE: in 1.0.1. The module is embedded in src:simplesamlphp
NOTE: https://simplesamlphp.org/security/201612-03
TODO: check
CVE-2017-12873 [Incorrect persistent NameID generation]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201612-04
CVE-2017-12872 [Multiple timing side-channel issues]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201703-01
CVE-2017-12871 [Incorrect IV generation for encryption]
+ RESERVED
- simplesamlphp 1.14.15-1
[jessie] - simplesamlphp <not-affected> (Vulnerable code not present)
NOTE: https://simplesamlphp.org/security/201703-02
CVE-2017-12870 [Unauthenticated encryption in CBC mode]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201704-01
CVE-2017-12869 [Authentication context bypass in the multiauth module]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201704-02
CVE-2017-12868 [Session fixation issue and authentication bypass in the authcrypt module]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201705-01
CVE-2017-12867 [Invalid token creation and validation]
+ RESERVED
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201708-01
-CVE-2017-12855 [XSA-230: grant_table: possibly premature clearing of GTF_writing / GTF_reading]
+CVE-2017-12855 (Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform ...)
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-230.html
CVE-2017-12853 (The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is ...)
NOT-FOR-US: RealTime RWR-3G-100 Router Firmware
-CVE-2017-12852
- RESERVED
+CVE-2017-12852 (The numpy.pad function in Numpy 1.13.1 and older versions is missing ...)
+ TODO: check
CVE-2017-12851 (An authenticated standard user could reset the password of the admin ...)
- kanboard <itp> (bug #790814)
CVE-2017-12850 (An authenticated standard user could reset the password of other users ...)
@@ -11418,8 +11456,8 @@
RESERVED
CVE-2017-8666 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8665
- RESERVED
+CVE-2017-8665 (The Xamarin.iOS update component on systems running macOS allows an ...)
+ TODO: check
CVE-2017-8664 (Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, ...)
NOT-FOR-US: Microsoft
CVE-2017-8663 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...)
More information about the Secure-testing-commits
mailing list