[Secure-testing-commits] r54806 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Aug 17 09:10:41 UTC 2017
Author: sectracker
Date: 2017-08-17 09:10:41 +0000 (Thu, 17 Aug 2017)
New Revision: 54806
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-17 07:12:53 UTC (rev 54805)
+++ data/CVE/list 2017-08-17 09:10:41 UTC (rev 54806)
@@ -2,8 +2,8 @@
NOT-FOR-US: Jenkins Input Step Plugin
CVE-2017-1000107
NOT-FOR-US: Jenkins Script Security Plugin
-CVE-2017-12892
- RESERVED
+CVE-2017-12892 (Foxit PDF Compressor installers from versions from 7.0.0.183 to ...)
+ TODO: check
CVE-2017-12891
RESERVED
CVE-2017-12890
@@ -13121,7 +13121,7 @@
- linux <not-affected> (Android-specific patch)
CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8243 (A buffer overflow can occur when processing a firmware image file in ...)
+CVE-2017-8243 (A buffer overflow can occur in all Qualcomm products with Android for ...)
TODO: check
CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race ...)
- linux <not-affected> (Android-specific patch)
@@ -19030,7 +19030,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121 (v3.18-rc2)
CVE-2017-6422
RESERVED
-CVE-2017-6421 (In the touch controller function in all Qualcomm products in all ...)
+CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
- clamav 0.99.3~beta1+dfsg-1
@@ -27451,7 +27451,7 @@
CVE-2017-3654
RESERVED
CVE-2017-3653 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3922-1 DLA-1043-1}
+ {DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.1 <unfixed>
- mariadb-10.0 <removed>
- mysql-5.7 <unfixed> (bug #868798)
@@ -27493,7 +27493,7 @@
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3641 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3922-1 DLA-1043-1}
+ {DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.1 <unfixed>
- mariadb-10.0 <removed>
- mysql-5.7 <unfixed> (bug #868798)
@@ -27511,7 +27511,7 @@
- mysql-5.7 <unfixed> (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3636 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3922-1 DLA-1043-1}
+ {DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.1 <unfixed>
- mariadb-10.0 <removed>
- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
@@ -27933,7 +27933,7 @@
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3464 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3834-1 DLA-916-1}
+ {DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
@@ -27963,7 +27963,7 @@
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3456 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3834-1 DLA-916-1}
+ {DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
@@ -27975,7 +27975,7 @@
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3453 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3834-1 DLA-916-1}
+ {DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
@@ -28300,13 +28300,13 @@
CVE-2017-3310 (Vulnerability in the OJVM component of Oracle Database Server. ...)
NOT-FOR-US: Oracle
CVE-2017-3309 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3834-1 DLA-916-1}
+ {DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
CVE-2017-3308 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- {DSA-3834-1 DLA-916-1}
+ {DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
@@ -48302,33 +48302,33 @@
CVE-2016-5868
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5867 (In a sound driver in all Qualcomm products with Android releases from ...)
+CVE-2016-5867 (In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5866
RESERVED
CVE-2016-5865
RESERVED
-CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android ...)
+CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android for ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android releases ...)
+CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5862 (When a control related to codec is issued from userspace in all ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5861 (In a display driver in all Qualcomm products with Android releases ...)
+CVE-2016-5861 (In a display driver in all Qualcomm products with Android for MSM, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5860 (In an audio driver in all Qualcomm products with Android releases from ...)
+CVE-2016-5860 (In an audio driver in all Qualcomm products with Android for MSM, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5859 (In a sound driver in all Qualcomm products in all Android releases ...)
+CVE-2016-5859 (In a sound driver in all Qualcomm products with Android for MSM, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android releases ...)
+CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5855 (In a driver, in all Qualcomm product with Android releases from CAF ...)
+CVE-2016-5855 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5854 (In a driver in all Qualcomm products with Android releases from CAF ...)
+CVE-2016-5854 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...)
NOT-FOR-US: Qualcomm driver for Android
More information about the Secure-testing-commits
mailing list