[Secure-testing-commits] r54785 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Aug 16 21:11:01 UTC 2017
Author: sectracker
Date: 2017-08-16 21:11:01 +0000 (Wed, 16 Aug 2017)
New Revision: 54785
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-16 21:04:52 UTC (rev 54784)
+++ data/CVE/list 2017-08-16 21:11:01 UTC (rev 54785)
@@ -1,3 +1,536 @@
+CVE-2017-12892
+ RESERVED
+CVE-2017-12891
+ RESERVED
+CVE-2017-12890
+ RESERVED
+CVE-2017-12889
+ RESERVED
+CVE-2017-12888
+ RESERVED
+CVE-2017-12887
+ RESERVED
+CVE-2017-12886
+ RESERVED
+CVE-2017-12885
+ RESERVED
+CVE-2017-12884
+ RESERVED
+CVE-2017-12883
+ RESERVED
+CVE-2017-12882
+ RESERVED
+CVE-2017-12881
+ RESERVED
+CVE-2017-12880
+ REJECTED
+ TODO: check
+CVE-2017-12879
+ RESERVED
+CVE-2017-12878
+ RESERVED
+CVE-2016-10502
+ RESERVED
+CVE-2016-10501
+ RESERVED
+CVE-2016-10500
+ RESERVED
+CVE-2016-10499
+ RESERVED
+CVE-2016-10498
+ RESERVED
+CVE-2016-10497
+ RESERVED
+CVE-2016-10496
+ RESERVED
+CVE-2016-10495
+ RESERVED
+CVE-2016-10494
+ RESERVED
+CVE-2016-10493
+ RESERVED
+CVE-2016-10492
+ RESERVED
+CVE-2016-10491
+ RESERVED
+CVE-2016-10490
+ RESERVED
+CVE-2016-10489
+ RESERVED
+CVE-2016-10488
+ RESERVED
+CVE-2016-10487
+ RESERVED
+CVE-2016-10486
+ RESERVED
+CVE-2016-10485
+ RESERVED
+CVE-2016-10484
+ RESERVED
+CVE-2016-10483
+ RESERVED
+CVE-2016-10482
+ RESERVED
+CVE-2016-10481
+ RESERVED
+CVE-2016-10480
+ RESERVED
+CVE-2016-10479
+ RESERVED
+CVE-2016-10478
+ RESERVED
+CVE-2016-10477
+ RESERVED
+CVE-2016-10476
+ RESERVED
+CVE-2016-10475
+ RESERVED
+CVE-2016-10474
+ RESERVED
+CVE-2016-10473
+ RESERVED
+CVE-2016-10472
+ RESERVED
+CVE-2016-10471
+ RESERVED
+CVE-2016-10470
+ RESERVED
+CVE-2016-10469
+ RESERVED
+CVE-2016-10468
+ RESERVED
+CVE-2016-10467
+ RESERVED
+CVE-2016-10466
+ RESERVED
+CVE-2016-10465
+ RESERVED
+CVE-2016-10464
+ RESERVED
+CVE-2016-10463
+ RESERVED
+CVE-2016-10462
+ RESERVED
+CVE-2016-10461
+ RESERVED
+CVE-2016-10460
+ RESERVED
+CVE-2016-10459
+ RESERVED
+CVE-2016-10458
+ RESERVED
+CVE-2016-10457
+ RESERVED
+CVE-2016-10456
+ RESERVED
+CVE-2016-10455
+ RESERVED
+CVE-2016-10454
+ RESERVED
+CVE-2016-10453
+ RESERVED
+CVE-2016-10452
+ RESERVED
+CVE-2016-10451
+ RESERVED
+CVE-2016-10450
+ RESERVED
+CVE-2016-10449
+ RESERVED
+CVE-2016-10448
+ RESERVED
+CVE-2016-10447
+ RESERVED
+CVE-2016-10446
+ RESERVED
+CVE-2016-10445
+ RESERVED
+CVE-2016-10444
+ RESERVED
+CVE-2016-10443
+ RESERVED
+CVE-2016-10442
+ RESERVED
+CVE-2016-10441
+ RESERVED
+CVE-2016-10440
+ RESERVED
+CVE-2016-10439
+ RESERVED
+CVE-2016-10438
+ RESERVED
+CVE-2016-10437
+ RESERVED
+CVE-2016-10436
+ RESERVED
+CVE-2016-10435
+ RESERVED
+CVE-2016-10434
+ RESERVED
+CVE-2016-10433
+ RESERVED
+CVE-2016-10432
+ RESERVED
+CVE-2016-10431
+ RESERVED
+CVE-2016-10430
+ RESERVED
+CVE-2016-10429
+ RESERVED
+CVE-2016-10428
+ RESERVED
+CVE-2016-10427
+ RESERVED
+CVE-2016-10426
+ RESERVED
+CVE-2016-10425
+ RESERVED
+CVE-2016-10424
+ RESERVED
+CVE-2016-10423
+ RESERVED
+CVE-2016-10422
+ RESERVED
+CVE-2016-10421
+ RESERVED
+CVE-2016-10420
+ RESERVED
+CVE-2016-10419
+ RESERVED
+CVE-2016-10418
+ RESERVED
+CVE-2016-10417
+ RESERVED
+CVE-2016-10416
+ RESERVED
+CVE-2016-10415
+ RESERVED
+CVE-2016-10414
+ RESERVED
+CVE-2016-10413
+ RESERVED
+CVE-2016-10412
+ RESERVED
+CVE-2016-10411
+ RESERVED
+CVE-2016-10410
+ RESERVED
+CVE-2016-10409
+ RESERVED
+CVE-2016-10408
+ RESERVED
+CVE-2016-10407
+ RESERVED
+CVE-2016-10406
+ RESERVED
+CVE-2015-9225
+ RESERVED
+CVE-2015-9224
+ RESERVED
+CVE-2015-9223
+ RESERVED
+CVE-2015-9222
+ RESERVED
+CVE-2015-9221
+ RESERVED
+CVE-2015-9220
+ RESERVED
+CVE-2015-9219
+ RESERVED
+CVE-2015-9218
+ RESERVED
+CVE-2015-9217
+ RESERVED
+CVE-2015-9216
+ RESERVED
+CVE-2015-9215
+ RESERVED
+CVE-2015-9214
+ RESERVED
+CVE-2015-9213
+ RESERVED
+CVE-2015-9212
+ RESERVED
+CVE-2015-9211
+ RESERVED
+CVE-2015-9210
+ RESERVED
+CVE-2015-9209
+ RESERVED
+CVE-2015-9208
+ RESERVED
+CVE-2015-9207
+ RESERVED
+CVE-2015-9206
+ RESERVED
+CVE-2015-9205
+ RESERVED
+CVE-2015-9204
+ RESERVED
+CVE-2015-9203
+ RESERVED
+CVE-2015-9202
+ RESERVED
+CVE-2015-9201
+ RESERVED
+CVE-2015-9200
+ RESERVED
+CVE-2015-9199
+ RESERVED
+CVE-2015-9198
+ RESERVED
+CVE-2015-9197
+ RESERVED
+CVE-2015-9196
+ RESERVED
+CVE-2015-9195
+ RESERVED
+CVE-2015-9194
+ RESERVED
+CVE-2015-9193
+ RESERVED
+CVE-2015-9192
+ RESERVED
+CVE-2015-9191
+ RESERVED
+CVE-2015-9190
+ RESERVED
+CVE-2015-9189
+ RESERVED
+CVE-2015-9188
+ RESERVED
+CVE-2015-9187
+ RESERVED
+CVE-2015-9186
+ RESERVED
+CVE-2015-9185
+ RESERVED
+CVE-2015-9184
+ RESERVED
+CVE-2015-9183
+ RESERVED
+CVE-2015-9182
+ RESERVED
+CVE-2015-9181
+ RESERVED
+CVE-2015-9180
+ RESERVED
+CVE-2015-9179
+ RESERVED
+CVE-2015-9178
+ RESERVED
+CVE-2015-9177
+ RESERVED
+CVE-2015-9176
+ RESERVED
+CVE-2015-9175
+ RESERVED
+CVE-2015-9174
+ RESERVED
+CVE-2015-9173
+ RESERVED
+CVE-2015-9172
+ RESERVED
+CVE-2015-9171
+ RESERVED
+CVE-2015-9170
+ RESERVED
+CVE-2015-9169
+ RESERVED
+CVE-2015-9168
+ RESERVED
+CVE-2015-9167
+ RESERVED
+CVE-2015-9166
+ RESERVED
+CVE-2015-9165
+ RESERVED
+CVE-2015-9164
+ RESERVED
+CVE-2015-9163
+ RESERVED
+CVE-2015-9162
+ RESERVED
+CVE-2015-9161
+ RESERVED
+CVE-2015-9160
+ RESERVED
+CVE-2015-9159
+ RESERVED
+CVE-2015-9158
+ RESERVED
+CVE-2015-9157
+ RESERVED
+CVE-2015-9156
+ RESERVED
+CVE-2015-9155
+ RESERVED
+CVE-2015-9154
+ RESERVED
+CVE-2015-9153
+ RESERVED
+CVE-2015-9152
+ RESERVED
+CVE-2015-9151
+ RESERVED
+CVE-2015-9150
+ RESERVED
+CVE-2015-9149
+ RESERVED
+CVE-2015-9148
+ RESERVED
+CVE-2015-9147
+ RESERVED
+CVE-2015-9146
+ RESERVED
+CVE-2015-9145
+ RESERVED
+CVE-2015-9144
+ RESERVED
+CVE-2015-9143
+ RESERVED
+CVE-2015-9142
+ RESERVED
+CVE-2015-9141
+ RESERVED
+CVE-2015-9140
+ RESERVED
+CVE-2015-9139
+ RESERVED
+CVE-2015-9138
+ RESERVED
+CVE-2015-9137
+ RESERVED
+CVE-2015-9136
+ RESERVED
+CVE-2015-9135
+ RESERVED
+CVE-2015-9134
+ RESERVED
+CVE-2015-9133
+ RESERVED
+CVE-2015-9132
+ RESERVED
+CVE-2015-9131
+ RESERVED
+CVE-2015-9130
+ RESERVED
+CVE-2015-9129
+ RESERVED
+CVE-2015-9128
+ RESERVED
+CVE-2015-9127
+ RESERVED
+CVE-2015-9126
+ RESERVED
+CVE-2015-9125
+ RESERVED
+CVE-2015-9124
+ RESERVED
+CVE-2015-9123
+ RESERVED
+CVE-2015-9122
+ RESERVED
+CVE-2015-9121
+ RESERVED
+CVE-2015-9120
+ RESERVED
+CVE-2015-9119
+ RESERVED
+CVE-2015-9118
+ RESERVED
+CVE-2015-9117
+ RESERVED
+CVE-2015-9116
+ RESERVED
+CVE-2015-9115
+ RESERVED
+CVE-2015-9114
+ RESERVED
+CVE-2015-9113
+ RESERVED
+CVE-2015-9112
+ RESERVED
+CVE-2015-9111
+ RESERVED
+CVE-2015-9110
+ RESERVED
+CVE-2015-9109
+ RESERVED
+CVE-2015-9108
+ RESERVED
+CVE-2014-9998
+ RESERVED
+CVE-2014-9997
+ RESERVED
+CVE-2014-9996
+ RESERVED
+CVE-2014-9995
+ RESERVED
+CVE-2014-9994
+ RESERVED
+CVE-2014-9993
+ RESERVED
+CVE-2014-9992
+ RESERVED
+CVE-2014-9991
+ RESERVED
+CVE-2014-9990
+ RESERVED
+CVE-2014-9989
+ RESERVED
+CVE-2014-9988
+ RESERVED
+CVE-2014-9987
+ RESERVED
+CVE-2014-9986
+ RESERVED
+CVE-2014-9985
+ RESERVED
+CVE-2014-10063
+ RESERVED
+CVE-2014-10062
+ RESERVED
+CVE-2014-10061
+ RESERVED
+CVE-2014-10060
+ RESERVED
+CVE-2014-10059
+ RESERVED
+CVE-2014-10058
+ RESERVED
+CVE-2014-10057
+ RESERVED
+CVE-2014-10056
+ RESERVED
+CVE-2014-10055
+ RESERVED
+CVE-2014-10054
+ RESERVED
+CVE-2014-10053
+ RESERVED
+CVE-2014-10052
+ RESERVED
+CVE-2014-10051
+ RESERVED
+CVE-2014-10050
+ RESERVED
+CVE-2014-10049
+ RESERVED
+CVE-2014-10048
+ RESERVED
+CVE-2014-10047
+ RESERVED
+CVE-2014-10046
+ RESERVED
+CVE-2014-10045
+ RESERVED
+CVE-2014-10044
+ RESERVED
+CVE-2014-10043
+ RESERVED
+CVE-2014-10039
+ RESERVED
CVE-2017-12877 [use-after-free in DestroyImage (image.c)]
RESERVED
- imagemagick <unfixed>
@@ -12567,8 +13100,8 @@
RESERVED
CVE-2017-8249
RESERVED
-CVE-2017-8248
- RESERVED
+CVE-2017-8248 (A buffer overflow may occur in the processing of a downlink NAS ...)
+ TODO: check
CVE-2017-8247
RESERVED
CVE-2017-8246 (In function msm_pcm_playback_close() in all Android releases from CAF ...)
@@ -12577,8 +13110,8 @@
- linux <not-affected> (Android-specific patch)
CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8243
- RESERVED
+CVE-2017-8243 (A buffer overflow can occur when processing a firmware image file in ...)
+ TODO: check
CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race ...)
- linux <not-affected> (Android-specific patch)
CVE-2017-8241 (In all Android releases from CAF using the Linux kernel, a buffer ...)
@@ -14818,8 +15351,7 @@
RESERVED
CVE-2017-7552
RESERVED
-CVE-2017-7551 [Password brute-force possible for locked account due to different return codes]
- RESERVED
+CVE-2017-7551 (389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to ...)
- 389-ds-base <unfixed> (bug #870752)
NOTE: https://pagure.io/389-ds-base/issue/49336
CVE-2017-7550
@@ -14827,8 +15359,7 @@
CVE-2017-7549
RESERVED
NOT-FOR-US: instack-undercloud
-CVE-2017-7548 [lo_put() function ignores ACLs]
- RESERVED
+CVE-2017-7548 (PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to ...)
{DSA-3936-1 DSA-3935-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -14836,8 +15367,7 @@
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
- postgresql-8.4 <removed>
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7547 [The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges]
- RESERVED
+CVE-2017-7547 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -14845,8 +15375,7 @@
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
- postgresql-8.4 <removed>
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7546 [Empty password accepted in some authentication methods]
- RESERVED
+CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -18487,8 +19016,8 @@
NOTE: Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121 (v3.18-rc2)
CVE-2017-6422
RESERVED
-CVE-2017-6421
- RESERVED
+CVE-2017-6421 (In the touch controller function in all Qualcomm products in all ...)
+ TODO: check
CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav <no-dsa> (Gets updated via -updates)
@@ -47759,43 +48288,35 @@
CVE-2016-5868
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5867
- RESERVED
+CVE-2016-5867 (In a sound driver in all Qualcomm products with Android releases from ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5866
RESERVED
CVE-2016-5865
RESERVED
-CVE-2016-5864
- RESERVED
-CVE-2016-5863
- RESERVED
-CVE-2016-5862
- RESERVED
+CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android ...)
+ TODO: check
+CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android releases ...)
+ TODO: check
+CVE-2016-5862 (When a control related to codec is issued from userspace in all ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5861
- RESERVED
-CVE-2016-5860
- RESERVED
+CVE-2016-5861 (In a display driver in all Qualcomm products with Android releases ...)
+ TODO: check
+CVE-2016-5860 (In an audio driver in all Qualcomm products with Android releases from ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5859
- RESERVED
+CVE-2016-5859 (In a sound driver in all Qualcomm products in all Android releases ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5858
- RESERVED
+CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android releases ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5855
- RESERVED
+CVE-2016-5855 (In a driver, in all Qualcomm product with Android releases from CAF ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5854
- RESERVED
+CVE-2016-5854 (In a driver in all Qualcomm products with Android releases from CAF ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5853
- RESERVED
+CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5852 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...)
NOT-FOR-US: NVIDIA drivers for Windows
@@ -49424,8 +49945,7 @@
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5348 (The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ...)
NOT-FOR-US: Android
-CVE-2016-5347
- RESERVED
+CVE-2016-5347 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5346
RESERVED
@@ -214104,7 +214624,7 @@
NOT-FOR-US: VU Mass Mailer
CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52 ...)
NOT-FOR-US: Content Injector
-CVE-2007-6136 (Multiplce cross-site scripting (XSS) vulnerabilities in index.php in ...)
+CVE-2007-6136 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
NOT-FOR-US: M2Scripts MySpace Scripts
CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in ...)
NOT-FOR-US: PHPSlideShow
@@ -216047,7 +216567,7 @@
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2003-1401 (login.php in php-Board 1.0 stores plaintext passwords in $username.txt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2007-5589 (Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+CVE-2007-5589 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
{DSA-1403-1}
- phpmyadmin 4:2.11.1.2-1
CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code when ...)
@@ -222231,7 +222751,7 @@
NOT-FOR-US: Novell NetWare
CVE-2007-3206
RESERVED
-CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...)
+CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: That's by design
@@ -226388,7 +226908,7 @@
- openafs 1.4.2-6 (medium)
CVE-2007-1506 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Oracle Portal
-CVE-2007-1505 (Fujistu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption ...)
+CVE-2007-1505 (Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption ...)
NOT-FOR-US: Fujistu FENCE-Pro
CVE-2007-1504 (Cross-site scripting (XSS) vulnerability in the Servlet Service in ...)
NOT-FOR-US: Fujitsu Interstage Application Server
More information about the Secure-testing-commits
mailing list