[Secure-testing-commits] r54806 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Aug 17 09:10:41 UTC 2017


Author: sectracker
Date: 2017-08-17 09:10:41 +0000 (Thu, 17 Aug 2017)
New Revision: 54806

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-17 07:12:53 UTC (rev 54805)
+++ data/CVE/list	2017-08-17 09:10:41 UTC (rev 54806)
@@ -2,8 +2,8 @@
 	NOT-FOR-US: Jenkins Input Step Plugin
 CVE-2017-1000107
 	NOT-FOR-US: Jenkins Script Security Plugin
-CVE-2017-12892
-	RESERVED
+CVE-2017-12892 (Foxit PDF Compressor installers from versions from 7.0.0.183 to ...)
+	TODO: check
 CVE-2017-12891
 	RESERVED
 CVE-2017-12890
@@ -13121,7 +13121,7 @@
 	- linux <not-affected> (Android-specific patch)
 CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...)
 	- linux <not-affected> (Android-specific patch)
-CVE-2017-8243 (A buffer overflow can occur when processing a firmware image file in ...)
+CVE-2017-8243 (A buffer overflow can occur in all Qualcomm products with Android for ...)
 	TODO: check
 CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race ...)
 	- linux <not-affected> (Android-specific patch)
@@ -19030,7 +19030,7 @@
 	NOTE: Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121 (v3.18-rc2)
 CVE-2017-6422
 	RESERVED
-CVE-2017-6421 (In the touch controller function in all Qualcomm products in all ...)
+CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
 	- clamav 0.99.3~beta1+dfsg-1
@@ -27451,7 +27451,7 @@
 CVE-2017-3654
 	RESERVED
 CVE-2017-3653 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3922-1 DLA-1043-1}
+	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 <unfixed>
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <unfixed> (bug #868798)
@@ -27493,7 +27493,7 @@
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3641 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3922-1 DLA-1043-1}
+	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 <unfixed>
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <unfixed> (bug #868798)
@@ -27511,7 +27511,7 @@
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3636 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3922-1 DLA-1043-1}
+	{DSA-3944-1 DSA-3922-1 DLA-1043-1}
 	- mariadb-10.1 <unfixed>
 	- mariadb-10.0 <removed>
 	- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
@@ -27933,7 +27933,7 @@
 	- mysql-5.7 5.7.18-1 (bug #860547)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3464 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3834-1 DLA-916-1}
+	{DSA-3944-1 DSA-3834-1 DLA-916-1}
 	- mariadb-10.1 10.1.23-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 5.7.18-1 (bug #860547)
@@ -27963,7 +27963,7 @@
 	- mysql-5.7 5.7.18-1 (bug #860547)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3456 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3834-1 DLA-916-1}
+	{DSA-3944-1 DSA-3834-1 DLA-916-1}
 	- mariadb-10.1 10.1.23-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 5.7.18-1 (bug #860547)
@@ -27975,7 +27975,7 @@
 	- mysql-5.7 5.7.18-1 (bug #860547)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3453 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3834-1 DLA-916-1}
+	{DSA-3944-1 DSA-3834-1 DLA-916-1}
 	- mariadb-10.1 10.1.23-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 5.7.18-1 (bug #860547)
@@ -28300,13 +28300,13 @@
 CVE-2017-3310 (Vulnerability in the OJVM component of Oracle Database Server. ...)
 	NOT-FOR-US: Oracle
 CVE-2017-3309 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3834-1 DLA-916-1}
+	{DSA-3944-1 DSA-3834-1 DLA-916-1}
 	- mariadb-10.1 10.1.23-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 5.7.18-1 (bug #860547)
 	- mysql-5.5 <removed> (bug #860544)
 CVE-2017-3308 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	{DSA-3834-1 DLA-916-1}
+	{DSA-3944-1 DSA-3834-1 DLA-916-1}
 	- mariadb-10.1 10.1.23-1
 	- mariadb-10.0 <removed>
 	- mysql-5.7 5.7.18-1 (bug #860547)
@@ -48302,33 +48302,33 @@
 CVE-2016-5868
 	RESERVED
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5867 (In a sound driver in all Qualcomm products with Android releases from ...)
+CVE-2016-5867 (In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-5866
 	RESERVED
 CVE-2016-5865
 	RESERVED
-CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android ...)
+CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android for ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android releases ...)
+CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-5862 (When a control related to codec is issued from userspace in all ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5861 (In a display driver in all Qualcomm products with Android releases ...)
+CVE-2016-5861 (In a display driver in all Qualcomm products with Android for MSM, ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5860 (In an audio driver in all Qualcomm products with Android releases from ...)
+CVE-2016-5860 (In an audio driver in all Qualcomm products with Android for MSM, ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5859 (In a sound driver in all Qualcomm products in all Android releases ...)
+CVE-2016-5859 (In a sound driver in all Qualcomm products with Android for MSM, ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android releases ...)
+CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android for MSM, ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
 	NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
 CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5855 (In a driver, in all Qualcomm product with Android releases from CAF ...)
+CVE-2016-5855 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
 	NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5854 (In a driver in all Qualcomm products with Android releases from CAF ...)
+CVE-2016-5854 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...)
 	NOT-FOR-US: Qualcomm driver for Android




More information about the Secure-testing-commits mailing list