[Secure-testing-commits] r49157 - data/CVE

Thu Feb 23 21:10:12 UTC 2017

Author: sectracker
Date: 2017-02-23 21:10:12 +0000 (Thu, 23 Feb 2017)
New Revision: 49157

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-02-23 20:13:25 UTC (rev 49156)
+++ data/CVE/list	2017-02-23 21:10:12 UTC (rev 49157)
@@ -1,16 +1,88 @@
-CVE-2017-6214 [infinite loop in tcp_splice_read()]
+CVE-2017-6246
+	RESERVED
+CVE-2017-6245
+	RESERVED
+CVE-2017-6244
+	RESERVED
+CVE-2017-6243
+	RESERVED
+CVE-2017-6242
+	RESERVED
+CVE-2017-6241
+	RESERVED
+CVE-2017-6240
+	RESERVED
+CVE-2017-6239
+	RESERVED
+CVE-2017-6238
+	RESERVED
+CVE-2017-6237
+	RESERVED
+CVE-2017-6236
+	RESERVED
+CVE-2017-6235
+	RESERVED
+CVE-2017-6234
+	RESERVED
+CVE-2017-6233
+	RESERVED
+CVE-2017-6232
+	RESERVED
+CVE-2017-6231
+	RESERVED
+CVE-2017-6230
+	RESERVED
+CVE-2017-6229
+	RESERVED
+CVE-2017-6228
+	RESERVED
+CVE-2017-6227
+	RESERVED
+CVE-2017-6226
+	RESERVED
+CVE-2017-6225
+	RESERVED
+CVE-2017-6224
+	RESERVED
+CVE-2017-6223
+	RESERVED
+CVE-2017-6222
+	RESERVED
+CVE-2017-6221
+	RESERVED
+CVE-2017-6220
+	RESERVED
+CVE-2017-6219
+	RESERVED
+CVE-2017-6218
+	RESERVED
+CVE-2017-6217
+	RESERVED
+CVE-2017-6216
+	RESERVED
+CVE-2017-6215
+	RESERVED
+CVE-2017-6213
+	RESERVED
+CVE-2017-6212
+	RESERVED
+CVE-2017-6211
+	RESERVED
+CVE-2017-6214 (The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8)
 CVE-2017-6210 [null pointer dereference in vrend_decode_reset]
+	RESERVED
 	- virglrenderer <unfixed>
 	NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab (0.6.0)
 CVE-2017-6209 [stack buffer oveflow in parse_identifier]
+	RESERVED
 	- virglrenderer <unfixed>
 	NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 (0.6.0)
 CVE-2017-6208
 	RESERVED
 CVE-2017-6207
-	RESERVED
+	REJECTED
 CVE-2017-6206 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...)
 	NOT-FOR-US: D-Link
 CVE-2017-6205 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...)
@@ -3791,8 +3863,7 @@
 	- php7.0 7.0.15-1 (bug #850158)
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73832
 	NOTE: Fixed in PHP 7.1.1, 7.0.15
-CVE-2016-10109 [pcsc-lite use-after-free]
-	RESERVED
+CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a ...)
 	{DSA-3752-1 DLA-778-1}
 	- pcsc-lite 1.8.20-1
 	NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22
@@ -17423,8 +17494,8 @@
 	RESERVED
 CVE-2016-8975
 	RESERVED
-CVE-2016-8974
-	RESERVED
+CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...)
+	TODO: check
 CVE-2016-8973
 	RESERVED
 CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root ...)
@@ -27105,8 +27176,8 @@
 	RESERVED
 CVE-2016-6056
 	RESERVED
-CVE-2016-6055
-	RESERVED
+CVE-2016-6055 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...)
+	TODO: check
 CVE-2016-6054 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
 	NOT-FOR-US: IBM
 CVE-2016-6053
@@ -27449,8 +27520,8 @@
 	RESERVED
 CVE-2016-5884 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
 	NOT-FOR-US: IBM
-CVE-2016-5883
-	RESERVED
+CVE-2016-5883 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+	TODO: check
 CVE-2016-5882 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
 	NOT-FOR-US: IBM
 CVE-2016-5881 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
@@ -39473,8 +39544,7 @@
 	- xdelta3 3.0.8-dfsg-1.1 (bug #814067)
 	NOTE: https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/08/1
-CVE-2017-6100 [LFI posting internal files externally abusing default parameter]
-	RESERVED
+CVE-2017-6100 (tcpdf before 6.2.0 uploads files from the server generating PDF-files ...)
 	- tcpdf 6.2.12+dfsg2-1 (bug #814030)
 	NOTE: https://sourceforge.net/p/tcpdf/bugs/1005/
 CVE-2015-8808 (The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 ...)


