[Secure-testing-commits] r48669 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Feb 2 21:10:13 UTC 2017
Author: sectracker
Date: 2017-02-02 21:10:13 +0000 (Thu, 02 Feb 2017)
New Revision: 48669
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-02 20:11:40 UTC (rev 48668)
+++ data/CVE/list 2017-02-02 21:10:13 UTC (rev 48669)
@@ -1,69 +1,395 @@
+CVE-2017-5851
+ RESERVED
+CVE-2017-5836
+ RESERVED
+CVE-2017-5835
+ RESERVED
+CVE-2017-5834
+ RESERVED
+CVE-2017-5829
+ RESERVED
+CVE-2017-5828
+ RESERVED
+CVE-2017-5827
+ RESERVED
+CVE-2017-5826
+ RESERVED
+CVE-2017-5825
+ RESERVED
+CVE-2017-5824
+ RESERVED
+CVE-2017-5823
+ RESERVED
+CVE-2017-5822
+ RESERVED
+CVE-2017-5821
+ RESERVED
+CVE-2017-5820
+ RESERVED
+CVE-2017-5819
+ RESERVED
+CVE-2017-5818
+ RESERVED
+CVE-2017-5817
+ RESERVED
+CVE-2017-5816
+ RESERVED
+CVE-2017-5815
+ RESERVED
+CVE-2017-5814
+ RESERVED
+CVE-2017-5813
+ RESERVED
+CVE-2017-5812
+ RESERVED
+CVE-2017-5811
+ RESERVED
+CVE-2017-5810
+ RESERVED
+CVE-2017-5809
+ RESERVED
+CVE-2017-5808
+ RESERVED
+CVE-2017-5807
+ RESERVED
+CVE-2017-5806
+ RESERVED
+CVE-2017-5805
+ RESERVED
+CVE-2017-5804
+ RESERVED
+CVE-2017-5803
+ RESERVED
+CVE-2017-5802
+ RESERVED
+CVE-2017-5801
+ RESERVED
+CVE-2017-5800
+ RESERVED
+CVE-2017-5799
+ RESERVED
+CVE-2017-5798
+ RESERVED
+CVE-2017-5797
+ RESERVED
+CVE-2017-5796
+ RESERVED
+CVE-2017-5795
+ RESERVED
+CVE-2017-5794
+ RESERVED
+CVE-2017-5793
+ RESERVED
+CVE-2017-5792
+ RESERVED
+CVE-2017-5791
+ RESERVED
+CVE-2017-5790
+ RESERVED
+CVE-2017-5789
+ RESERVED
+CVE-2017-5788
+ RESERVED
+CVE-2017-5787
+ RESERVED
+CVE-2017-5786
+ RESERVED
+CVE-2017-5785
+ RESERVED
+CVE-2017-5784
+ RESERVED
+CVE-2017-5783
+ RESERVED
+CVE-2017-5782
+ RESERVED
+CVE-2017-5781
+ RESERVED
+CVE-2017-5780
+ RESERVED
+CVE-2017-5779
+ RESERVED
+CVE-2017-5778
+ RESERVED
+CVE-2017-5777
+ RESERVED
+CVE-2017-5776
+ RESERVED
+CVE-2017-5775
+ RESERVED
+CVE-2017-5774
+ RESERVED
+CVE-2017-5773
+ RESERVED
+CVE-2017-5772
+ RESERVED
+CVE-2017-5771
+ RESERVED
+CVE-2017-5770
+ RESERVED
+CVE-2017-5769
+ RESERVED
+CVE-2017-5768
+ RESERVED
+CVE-2017-5767
+ RESERVED
+CVE-2017-5766
+ RESERVED
+CVE-2017-5765
+ RESERVED
+CVE-2017-5764
+ RESERVED
+CVE-2017-5763
+ RESERVED
+CVE-2017-5762
+ RESERVED
+CVE-2017-5761
+ RESERVED
+CVE-2017-5760
+ RESERVED
+CVE-2017-5759
+ RESERVED
+CVE-2017-5758
+ RESERVED
+CVE-2017-5757
+ RESERVED
+CVE-2017-5756
+ RESERVED
+CVE-2017-5755
+ RESERVED
+CVE-2017-5754
+ RESERVED
+CVE-2017-5753
+ RESERVED
+CVE-2017-5752
+ RESERVED
+CVE-2017-5751
+ RESERVED
+CVE-2017-5750
+ RESERVED
+CVE-2017-5749
+ RESERVED
+CVE-2017-5748
+ RESERVED
+CVE-2017-5747
+ RESERVED
+CVE-2017-5746
+ RESERVED
+CVE-2017-5745
+ RESERVED
+CVE-2017-5744
+ RESERVED
+CVE-2017-5743
+ RESERVED
+CVE-2017-5742
+ RESERVED
+CVE-2017-5741
+ RESERVED
+CVE-2017-5740
+ RESERVED
+CVE-2017-5739
+ RESERVED
+CVE-2017-5738
+ RESERVED
+CVE-2017-5737
+ RESERVED
+CVE-2017-5736
+ RESERVED
+CVE-2017-5735
+ RESERVED
+CVE-2017-5734
+ RESERVED
+CVE-2017-5733
+ RESERVED
+CVE-2017-5732
+ RESERVED
+CVE-2017-5731
+ RESERVED
+CVE-2017-5730
+ RESERVED
+CVE-2017-5729
+ RESERVED
+CVE-2017-5728
+ RESERVED
+CVE-2017-5727
+ RESERVED
+CVE-2017-5726
+ RESERVED
+CVE-2017-5725
+ RESERVED
+CVE-2017-5724
+ RESERVED
+CVE-2017-5723
+ RESERVED
+CVE-2017-5722
+ RESERVED
+CVE-2017-5721
+ RESERVED
+CVE-2017-5720
+ RESERVED
+CVE-2017-5719
+ RESERVED
+CVE-2017-5718
+ RESERVED
+CVE-2017-5717
+ RESERVED
+CVE-2017-5716
+ RESERVED
+CVE-2017-5715
+ RESERVED
+CVE-2017-5714
+ RESERVED
+CVE-2017-5713
+ RESERVED
+CVE-2017-5712
+ RESERVED
+CVE-2017-5711
+ RESERVED
+CVE-2017-5710
+ RESERVED
+CVE-2017-5709
+ RESERVED
+CVE-2017-5708
+ RESERVED
+CVE-2017-5707
+ RESERVED
+CVE-2017-5706
+ RESERVED
+CVE-2017-5705
+ RESERVED
+CVE-2017-5704
+ RESERVED
+CVE-2017-5703
+ RESERVED
+CVE-2017-5702
+ RESERVED
+CVE-2017-5701
+ RESERVED
+CVE-2017-5700
+ RESERVED
+CVE-2017-5699
+ RESERVED
+CVE-2017-5698
+ RESERVED
+CVE-2017-5697
+ RESERVED
+CVE-2017-5696
+ RESERVED
+CVE-2017-5695
+ RESERVED
+CVE-2017-5694
+ RESERVED
+CVE-2017-5693
+ RESERVED
+CVE-2017-5692
+ RESERVED
+CVE-2017-5691
+ RESERVED
+CVE-2017-5690
+ RESERVED
+CVE-2017-5689
+ RESERVED
+CVE-2017-5688
+ RESERVED
+CVE-2017-5687
+ RESERVED
+CVE-2017-5686
+ RESERVED
+CVE-2017-5685
+ RESERVED
+CVE-2017-5684
+ RESERVED
+CVE-2017-5683
+ RESERVED
+CVE-2017-5682
+ RESERVED
+CVE-2017-5680
+ RESERVED
+CVE-2016-10197
+ RESERVED
+CVE-2016-10196
+ RESERVED
+CVE-2016-10195
+ RESERVED
CVE-2017-5848 [gst-plugins-bad/mpegdemux: Invalid memory read in gst_ps_demux_parse_psm]
+ RESERVED
- gst-plugins-bad1.0 <unfixed> (low)
- gst-plugins-bad0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777957
CVE-2017-5847 [gst-plugins-ugly/asfdemux: out of bounds read in gst_asf_demux_process_ext_content_desc]
+ RESERVED
- gst-plugins-ugly1.0 <unfixed> (low)
- gst-plugins-ugly0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
CVE-2017-5846 [gst-plugins-ugly/asfdemux: invalid memory read in gst_asf_demux_process_ext_stream_props()]
+ RESERVED
- gst-plugins-ugly1.0 1.10.3-1 (low)
- gst-plugins-ugly0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
CVE-2017-5845 [gst-plugins-good/avidemux: invalid memory read in gst_avi_demux_parse_ncdt]
+ RESERVED
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
CVE-2017-5844 [gst-plugins-base: floating point exception in gst_riff_create_audio_caps (another one)]
+ RESERVED
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
CVE-2017-5843 [gst-plugins-bad/mxfdemux: use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks]
+ RESERVED
- gst-plugins-bad1.0 1.10.3-1
- gst-plugins-bad0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777503
CVE-2017-5842 [gst-plugins-base/samiparse: heap oob in html_context_handle_element]
+ RESERVED
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
CVE-2017-5841 [gst-plugins-good/avidemux: gst_avi_demux_parse_ncdt heap out of bounds read]
+ RESERVED
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
CVE-2017-5840 [gst-plugins-good/qtdemux: out of bounds heap read in qtdemux_parse_samples]
+ RESERVED
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777469
CVE-2017-5839 [gst-plugins-base/riff: stack overflow in gst_riff_create_audio_caps]
+ RESERVED
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777265
CVE-2017-5838 [gstreamer core/datetime: out of bounds read in gst_date_time_new_from_iso8601_string()]
+ RESERVED
- gstreamer1.0 1.10.3-1 (low)
- gstreamer0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777263
CVE-2017-5837 [gst-plugins-base/riff-media: floating point exception in gst_riff_create_audio_caps]
+ RESERVED
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
CVE-2016-10199 [gst-plugins-good/qtdemux: out of bounds read in qtdemux_tag_add_str_full]
+ RESERVED
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
CVE-2016-10198 [gstreamer invalid memory read in gst_aac_parse_sink_setcaps]
+ RESERVED
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
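Review bot: from CVE-2017-5848 down to CVE-2016-10198 the added RESERVED line lands on entries that already cite a public oss-security post, so RESERVED on these ids should not be read as "details not public" during triage. The open work in this block is in the package lines: every 0.10 package is still <undetermined>, and gst-plugins-bad1.0 (CVE-2017-5848) and gst-plugins-ugly1.0 (CVE-2017-5847) are <unfixed> while sibling issues in the same packages are fixed in 1.10.3-1. CVE-2016-10198 is also the only title here without a "component:" prefix, although it is tracked against gst-plugins-good1.0.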
@@ -71,16 +397,19 @@
CVE-2016-XXXX [iio-sensor-proxy: insecure dbus policy]
- iio-sensor-proxy 2.0-4 (bug #853951)
CVE-2016-10192 [ffmpeg ffserver.c]
+ RESERVED
- ffmpeg 7:3.2.2-1
- libav <undetermined>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
CVE-2016-10191 [ffmpeg libavformat/rtmppkt.c]
+ RESERVED
- ffmpeg 7:3.2.2-1
- libav <undetermined>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
CVE-2016-10190 [ffmpeg libavformat/http.c]
+ RESERVED
- ffmpeg 7:3.2.2-1
- libav <undetermined>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa
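Review bot: the bracketed titles for CVE-2016-10192, CVE-2016-10191 and CVE-2016-10190 name only a source file ("ffmpeg ffserver.c", "ffmpeg libavformat/rtmppkt.c", "ffmpeg libavformat/http.c") and not the kind of flaw, unlike the GStreamer entries earlier in this diff. Suggest adding the bug class from the linked FFmpeg commits, and resolving "libav <undetermined>" on all three now that the upstream patches are referenced.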
@@ -100,6 +429,7 @@
CVE-2017-5676
RESERVED
CVE-2017-5857 [Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref]
+ RESERVED
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -107,6 +437,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418382
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/21c
CVE-2017-5856 [Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd]
+ RESERVED
- qemu <unfixed>
[jessie] - qemu <no-dsa> (Minor issue; can be fixed in future DSA or point release)
- qemu-kvm <removed>
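Review bot: the oss-security NOTE at the top of this hunk ends in "21c" (".../oss-security/2017/02/01/21c"), while every other openwall link in this diff ends in a plain message number, so the trailing "c" looks like a typo. The automatic update leaves that line untouched; it is worth correcting in a follow-up commit so the reference can be followed.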
@@ -114,31 +445,44 @@
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418342
CVE-2016-10193
+ RESERVED
NOT-FOR-US: espeak-ruby Ruby gem
CVE-2016-10194
+ RESERVED
NOT-FOR-US: festivaltts4r
CVE-2015-8981
+ RESERVED
NOT-FOR-US: podofo
CVE-2017-5855
+ RESERVED
NOT-FOR-US: podofo
CVE-2017-5854
+ RESERVED
NOT-FOR-US: podofo
CVE-2017-5853
+ RESERVED
NOT-FOR-US: podofo
CVE-2017-5852
+ RESERVED
NOT-FOR-US: podofo
CVE-2017-5849 [Out-of-Bound read and write issues in put1bitbwtile() and putgreytile()]
+ RESERVED
- netpbm-free <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2
CVE-2017-5850
+ RESERVED
NOT-FOR-US: OpenBSD httpd
CVE-2017-5833
+ RESERVED
NOT-FOR-US: Revive Adserver
CVE-2017-5832
+ RESERVED
NOT-FOR-US: Revive Adserver
CVE-2017-5831
+ RESERVED
NOT-FOR-US: Revive Adserver
CVE-2017-5830
+ RESERVED
NOT-FOR-US: Revive Adserver
CVE-2017-5675
RESERVED
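Review bot: CVE-2017-5849 is the only entry starting in this hunk that is tracked against a package, and "netpbm-free <unfixed>" has neither a bug number nor a severity, with the oss-security post as its only reference. Suggest filing a bug and recording it in the "(bug #...)" form that the iio-sensor-proxy entry uses, so the unfixed state gets followed up.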
@@ -233,8 +577,8 @@
NOT-FOR-US: Asus router
CVE-2017-5631
RESERVED
-CVE-2017-5630
- RESERVED
+CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR Base System ...)
+ TODO: check
CVE-2017-5629
RESERVED
CVE-2017-5626
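Review bot: CVE-2017-5630 moves from RESERVED to "TODO: check" with a description that names the Installer in PEAR Base System, so it needs a package decision rather than an open TODO. Suggest checking it against the PEAR packaging in the archive and replacing the TODO with a package line or a NOT-FOR-US line.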
@@ -1702,10 +2046,10 @@
RESERVED
CVE-2017-5220
RESERVED
-CVE-2017-5219
- RESERVED
-CVE-2017-5218
- RESERVED
+CVE-2017-5219 (An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component ...)
+ TODO: check
+CVE-2017-5218 (A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. The ...)
+ TODO: check
CVE-2017-5217 (Installing a zero-permission Android application on certain Samsung ...)
NOT-FOR-US: Samsung
CVE-2017-5216 (Stack-based buffer overflow vulnerability in Netop Remote Control ...)
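Review bot: CVE-2017-5219 and CVE-2017-5218 both land as "TODO: check" and both descriptions name SageCRM 7.x before 7.3 SP3, so one triage decision covers the pair. The neighbouring published id is closed with a vendor line ("NOT-FOR-US: Samsung"); the same form would fit here if SageCRM is not in the archive.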
@@ -13371,7 +13715,7 @@
RESERVED
CVE-2017-0358
RESERVED
- {DSA-3780-1}
+ {DSA-3780-1 DLA-815-1}
- ntfs-3g 1:2016.2.22AR.1-4
CVE-2017-0357 [heap buffer overflow on -tr loader]
RESERVED
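Review bot: CVE-2017-0358 now references both DSA-3780-1 and DLA-815-1 and carries a fixed version for ntfs-3g, but the entry has no bracketed description and no NOTE reference, unlike CVE-2017-0357 directly below it. Suggest adding a one-line title so the advisory cross-references can be read without leaving the list.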