[Secure-testing-commits] r48381 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Jan 25 21:10:12 UTC 2017
Author: sectracker
Date: 2017-01-25 21:10:12 +0000 (Wed, 25 Jan 2017)
New Revision: 48381
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-25 18:19:49 UTC (rev 48380)
+++ data/CVE/list 2017-01-25 21:10:12 UTC (rev 48381)
@@ -1,3 +1,17 @@
+CVE-2017-5588
+ RESERVED
+CVE-2017-5587
+ RESERVED
+CVE-2017-5586
+ RESERVED
+CVE-2017-5585
+ RESERVED
+CVE-2017-5584
+ RESERVED
+CVE-2017-5583
+ RESERVED
+CVE-2017-5582
+ RESERVED
CVE-2017-XXXX [jasper: heap-based buffer overflow in jpc_dec_decodepkt (jpc_t2dec.c)]
- jasper <unfixed>
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/114
@@ -36,40 +50,48 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367357
NOTE: https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
CVE-2016-10164 [heap overflow]
+ RESERVED
- libxpm 1:3.5.12-1
NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185
NOTE: http://www.openwall.com/lists/oss-security/2017/01/22/2
CVE-2016-10163 [host memory leakage when creating decode context]
+ RESERVED
- virglrenderer <unfixed> (bug #852603)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=747a293ff6055203e529f083896b823e22523fe7
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415944
CVE-2017-5581
+ RESERVED
- tigervnc <unfixed> (bug #852213)
NOTE: https://github.com/TigerVNC/tigervnc/pull/399
NOTE: https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
CVE-2017-5580 [OOB access while parsing texture instruction]
+ RESERVED
- virglrenderer <unfixed> (bug #852604)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415986
NOTE: https://lists.freedesktop.org/archives/virglrenderer-devel/2017-January/000105.html
CVE-2017-5579 [serial: host memory leakage in 16550A UART emulation]
+ RESERVED
- qemu <unfixed>
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1416157
TODO: check
CVE-2017-5578 [display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing]
+ RESERVED
- qemu <unfixed>
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=204f01b30975923c64006f8067f0937b91eea68b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415795
TODO: check affected versions
CVE-2017-5577 [drm/vc4: Return -EINVAL on the overflow checks failing]
+ RESERVED
- linux <unfixed>
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lkml.org/lkml/2017/1/17/759
NOTE: Introduced by: https://github.com/torvalds/linux/commit/d5b1a78a772f1e31a94f8babfa964152ec5e9aa5 (4.5-rc1)
CVE-2017-5576 [drm/vc4: Fix an integer overflow in temporary allocation layout]
+ RESERVED
- linux <unfixed>
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -85,10 +107,10 @@
RESERVED
CVE-2017-5571
RESERVED
-CVE-2017-5570
- RESERVED
-CVE-2017-5569
- RESERVED
+CVE-2017-5570 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
+ TODO: check
+CVE-2017-5569 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
+ TODO: check
CVE-2017-5568
RESERVED
CVE-2017-5567
@@ -160,30 +182,30 @@
RESERVED
CVE-2017-5527
RESERVED
-CVE-2016-10162 [NULL Pointer Dereference while unserialize php object]
+CVE-2016-10162 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x ...)
- php7.1 <unfixed>
- php7.0 7.0.15-1
NOTE: PHP Bug: http://bugs.php.net/73831
NOTE: Fixed in 7.0.15, 7.1.1
-CVE-2016-10161 [Heap out of bounds read on unserialize in finish_nested_data()]
+CVE-2016-10161 (The object_common1 function in ext/standard/var_unserializer.c in PHP ...)
- php7.1 <unfixed>
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73825
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10160 [Memory corruption when loading hostile phar]
+CVE-2016-10160 (Off-by-one error in the phar_parse_pharfile function in ...)
- php7.1 <unfixed>
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73768
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10159 [Crash while loading hostile phar archive]
+CVE-2016-10159 (Integer overflow in the phar_parse_pharfile function in ...)
- php7.1 <unfixed>
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73764
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10158 [FPE when parsing a tag format]
+CVE-2016-10158 (The exif_convert_any_to_int function in ext/exif/exif.c in PHP before ...)
- php7.1 <unfixed>
- php7.0 7.0.15-1
- php5 <removed>
@@ -360,8 +382,7 @@
RESERVED
CVE-2017-5496
RESERVED
-CVE-2017-5495 [Telnet interface input buffer allocates unbounded amounts of memory]
- RESERVED
+CVE-2017-5495 (All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an ...)
- quagga <unfixed> (bug #852454)
[jessie] - quagga <no-dsa> (Minor issue)
NOTE: http://savannah.nongnu.org/forum/forum.php?forum_id=8783
@@ -681,10 +702,10 @@
- firefox-esr 45.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5373
-CVE-2017-5372
- RESERVED
-CVE-2017-5371
- RESERVED
+CVE-2017-5372 (The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE ...)
+ TODO: check
+CVE-2017-5371 (Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote ...)
+ TODO: check
CVE-2017-5370
RESERVED
CVE-2017-5369
@@ -1286,8 +1307,8 @@
RESERVED
CVE-2017-5183
RESERVED
-CVE-2017-5182
- RESERVED
+CVE-2017-5182 (Remote Manager in Open Enterprise Server (OES) allows unauthenticated ...)
+ TODO: check
CVE-2017-5181
RESERVED
CVE-2017-5196 [Out of bounds read in certain incomplete character sequences]
@@ -4142,7 +4163,7 @@
NOTE: http://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html
CVE-2014-9914
RESERVED
-CVE-2016-10045 (The isMail transport in PHPMailer before 5.2.20, when the Sender ...)
+CVE-2016-10045 (The isMail transport in PHPMailer before 5.2.20 might allow remote ...)
- libphp-phpmailer <not-affected> (Incomplete fix not applied)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html
CVE-2016-10033 (The mailSend function in the isMail transport in PHPMailer before ...)
@@ -6917,12 +6938,12 @@
RESERVED
CVE-2017-2973
RESERVED
-CVE-2017-2972
- RESERVED
-CVE-2017-2971
- RESERVED
-CVE-2017-2970
- RESERVED
+CVE-2017-2972 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+ TODO: check
+CVE-2017-2971 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+ TODO: check
+CVE-2017-2970 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 ...)
+ TODO: check
CVE-2017-2969
RESERVED
CVE-2017-2968
@@ -7003,8 +7024,8 @@
NOT-FOR-US: Adobe Flash
CVE-2017-2930 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash
-CVE-2017-2929
- RESERVED
+CVE-2017-2929 (Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a ...)
+ TODO: check
CVE-2017-2928 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash
CVE-2017-2927 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
@@ -13790,13 +13811,11 @@
RESERVED
CVE-2016-9402
RESERVED
-CVE-2016-9386 [x86 null segments not always treated as unusable]
- RESERVED
+CVE-2016-9386 (The x86 emulator in Xen does not properly treat x86 NULL segments as ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845663)
NOTE: https://xenbits.xen.org/xsa/advisory-191.html
-CVE-2016-9385 [x86 segment base write emulation lacking canonical address checks]
- RESERVED
+CVE-2016-9385 (The x86 segment base write emulation functionality in Xen 4.4.x ...)
{DSA-3729-1}
- xen 4.8.0-1 (bug #845665)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.4)
@@ -13807,29 +13826,24 @@
[jessie] - xen <not-affected> (Only affects Xen >= 4.7)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.7)
NOTE: https://xenbits.xen.org/xsa/advisory-194.html
-CVE-2016-9383 [x86 64-bit bit test instruction emulation broken]
- RESERVED
+CVE-2016-9383 (Xen, when running on a 64-bit hypervisor, allows local x86 guest OS ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845668)
NOTE: https://xenbits.xen.org/xsa/advisory-195.html
-CVE-2016-9382 [x86 task switch to VM86 mode mis-handled]
- RESERVED
+CVE-2016-9382 (Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845664)
NOTE: https://xenbits.xen.org/xsa/advisory-192.html
-CVE-2016-9381 [qemu incautious about shared ring processing]
- RESERVED
+CVE-2016-9381 (Race condition in QEMU in Xen allows local x86 HVM guest OS ...)
{DLA-720-1}
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-197.html
-CVE-2016-9380 [delimiter injection vulnerabilities in pygrub]
- RESERVED
+CVE-2016-9380 (The pygrub boot loader emulator in Xen, when nul-delimited output ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
-CVE-2016-9379 [delimiter injection vulnerabilities in pygrub]
- RESERVED
+CVE-2016-9379 (The pygrub boot loader emulator in Xen, when S-expression output ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
@@ -13959,16 +13973,14 @@
NOTE: TIFFReadDirectory: Warning, Unknown field with tag 3 (0x3) encountered.
NOTE: TIFFReadDirectory: IO error during reading of "BitsPerSample".
NOTE: tiff2pdf: Can't open input file ./CVE-2016-9453.tiff for reading.
-CVE-2016-9446 [gstreamer 0.10 VMNC code execution #2]
- RESERVED
+CVE-2016-9446 (The vmnc decoder in the gstreamer does not initialize the render ...)
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-9445 [gstreamer 0.10 VMNC code execution]
- RESERVED
+CVE-2016-9445 (Integer overflow in the vmnc decoder in the gstreamer allows remote ...)
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
@@ -14112,8 +14124,7 @@
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/8
-CVE-2016-9401 [popd controlled free]
- RESERVED
+CVE-2016-9401 (popd in bash might allow local users to bypass the restricted shell ...)
- bash 4.4-3 (bug #844727)
[jessie] - bash <no-dsa> (Minor issue)
[wheezy] - bash <no-dsa> (Minor issue)
@@ -14359,8 +14370,7 @@
RESERVED
CVE-2016-9263
RESERVED
-CVE-2016-9447 [gstreamer 0.10 NSF code execution]
- RESERVED
+CVE-2016-9447 (The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote ...)
{DSA-3713-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
@@ -14654,14 +14664,12 @@
NOT-FOR-US: Cisco
CVE-2016-9192 (A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows ...)
NOT-FOR-US: Cisco
-CVE-2015-8972 [user input buffer overflow]
- RESERVED
+CVE-2015-8972 (Stack-based buffer overflow in the ValidateMove function in ...)
- gnuchess 6.2.4-1 (unimportant)
NOTE: Built with hardening flags, no security impact
NOTE: http://lists.gnu.org/archive/html/bug-gnu-chess/2015-10/msg00002.html
NOTE: http://svn.savannah.gnu.org/viewvc?view=rev&root=chess&revision=134
-CVE-2015-8971 [Escape Sequence Command Execution vulnerability]
- RESERVED
+CVE-2015-8971 (Terminology 0.7.0 allows remote attackers to execute arbitrary ...)
{DSA-3712-1}
- terminology 0.7.0-2 (bug #843434)
NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5
@@ -15035,8 +15043,8 @@
- gitlab 8.13.3+dfsg1-2 (bug #843519)
NOTE: https://hackerone.com/reports/178152
NOTE: https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
-CVE-2016-9081
- RESERVED
+CVE-2016-9081 (Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, ...)
+ TODO: check
CVE-2016-9080
RESERVED
- firefox 50.1.0-1
@@ -15168,7 +15176,7 @@
CVE-2016-9042
RESERVED
CVE-2016-9041
- RESERVED
+ REJECTED
CVE-2016-9040
RESERVED
CVE-2016-9039
@@ -15271,8 +15279,8 @@
[wheezy] - python-django <no-dsa> (Minor issue; specific to Oracle)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9
-CVE-2016-9012
- RESERVED
+CVE-2016-9012 (CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated ...)
+ TODO: check
CVE-2016-9010
RESERVED
CVE-2016-9009
@@ -17732,11 +17740,9 @@
RESERVED
CVE-2016-8216
RESERVED
-CVE-2016-8215
- RESERVED
+CVE-2016-8215 (EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a ...)
NOT-FOR-US: RSA Security Analytics
-CVE-2016-8214
- RESERVED
+CVE-2016-8214 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
NOT-FOR-US: EMC Avamar
CVE-2016-8213 (EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, ...)
NOT-FOR-US: EMC Documentum
@@ -19403,8 +19409,8 @@
- git-hub 0.10.2-2 (bug #839284)
CVE-2016-7793 (sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to ...)
- git-hub 0.10.2-2 (bug #839284)
-CVE-2016-7792
- RESERVED
+CVE-2016-7792 (Ubiquiti Networks UniFi 5.2.7 does not restrict access to the ...)
+ TODO: check
CVE-2016-7791 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
NOT-FOR-US: Exponent CMS
CVE-2016-7790 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
@@ -19928,8 +19934,7 @@
[jessie] - php5 5.6.27+dfsg-0+deb8u1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73003
NOTE: https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6
-CVE-2016-7567
- RESERVED
+CVE-2016-7567 (Buffer overflow in the SLPFoldWhiteSpace function in ...)
- openslp-dfsg <not-affected> (Only affects openslp 2)
NOTE: https://sourceforge.net/p/openslp/mercurial/ci/34fb3aa5e6b4997fa21cb614e480de36da5dbc9a/
CVE-2016-7566
@@ -20359,8 +20364,7 @@
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73052
NOTE: Fixed in 5.6.26
NOTE: https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1
-CVE-2016-7410 [Heap buffer overflow in _dwarf_read_loc_section]
- RESERVED
+CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf ...)
- dwarfutils 20160923-1 (bug #838019)
[jessie] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
[wheezy] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
@@ -21339,8 +21343,8 @@
RESERVED
CVE-2016-7104
RESERVED
-CVE-2016-7102
- RESERVED
+CVE-2016-7102 (ownCloud Desktop before 2.2.3 allows local users to execute arbitrary ...)
+ TODO: check
CVE-2016-7101 (The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers ...)
{DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836776)
@@ -21601,10 +21605,10 @@
NOTE: Intorduced by: https://git.kernel.org/linus/66e5133f19e901a044fa5eaeeb6ecff4545839e5 (v4.2-rc1)
CVE-2016-7038 (In Moodle 2.x and 3.x, web service tokens are not invalidated when the ...)
- moodle 2.7.16+dfsg-1
-CVE-2016-7037
- RESERVED
-CVE-2016-7036
- RESERVED
+CVE-2016-7037 (The verify function in Encryption/Symmetric.php in Malcolm Fell jwt ...)
+ TODO: check
+CVE-2016-7036 (python-jose before 1.3.2 allows attackers to have unspecified impact ...)
+ TODO: check
CVE-2016-7035 [improper IPC guarding]
RESERVED
- pacemaker 1.1.15-3 (bug #843041)
@@ -21854,8 +21858,7 @@
NOT-FOR-US: Adobe Flash
CVE-2016-6921 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 ...)
NOT-FOR-US: Adobe Flash
-CVE-2016-6920 [exr file Heap Overflow]
- RESERVED
+CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in ...)
- ffmpeg 7:3.1.3-1
- libav <undetermined>
CVE-2016-6919
@@ -22560,8 +22563,8 @@
NOT-FOR-US: Huawei
CVE-2016-6669 (Buffer overflow in the Authentication, Authorization and Accounting ...)
NOT-FOR-US: Huawei
-CVE-2016-6668
- RESERVED
+CVE-2016-6668 (The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 ...)
+ TODO: check
CVE-2016-6667
RESERVED
CVE-2016-6666
@@ -23117,14 +23120,14 @@
NOTE: https://bugs.launchpad.net/bugs/1594060
NOTE: https://github.com/ImageMagick/ImageMagick/pull/223
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-6603
- RESERVED
-CVE-2016-6602
- RESERVED
-CVE-2016-6601
- RESERVED
-CVE-2016-6600
- RESERVED
+CVE-2016-6603 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to ...)
+ TODO: check
+CVE-2016-6602 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm ...)
+ TODO: check
+CVE-2016-6601 (Directory traversal vulnerability in the file download functionality ...)
+ TODO: check
+CVE-2016-6600 (Directory traversal vulnerability in the file upload functionality in ...)
+ TODO: check
CVE-2016-6599
RESERVED
CVE-2016-6598
@@ -23159,8 +23162,7 @@
RESERVED
CVE-2016-6583
RESERVED
-CVE-2016-6582 [Doorkeeper does not revoke tokens and wrong auth/auth method]
- RESERVED
+CVE-2016-6582 (The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers ...)
- ruby-doorkeeper 4.2.0-3 (bug #834843)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/commit/fb938051777a3c9cb071e96fc66458f8f615bd53
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/875
@@ -23294,8 +23296,8 @@
- manila-ui 2.5.1-0 (bug #838017)
CVE-2016-6518 (Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and ...)
NOT-FOR-US: Huawei
-CVE-2016-6517
- RESERVED
+CVE-2016-6517 (Directory traversal vulnerability in Liferay 5.1.0 allows remote ...)
+ TODO: check
CVE-2016-6515 (The auth_password function in auth-passwd.c in sshd in OpenSSH before ...)
{DLA-594-1}
- openssh 1:7.3p1-1 (bug #833823)
@@ -23328,8 +23330,7 @@
CVE-2016-6522
RESERVED
NOT-FOR-US: OpenBSD
-CVE-2016-6521
- RESERVED
+CVE-2016-6521 (Cross-site request forgery (CSRF) vulnerability in Grails console (aka ...)
- grails <itp> (bug #473213)
CVE-2016-6520 (Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 ...)
- imagemagick <not-affected> (Only affects imagemagick 7, which isn't packaged yet, bug #833485)
@@ -23384,8 +23385,8 @@
NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f
CVE-2016-6485
RESERVED
-CVE-2016-6484
- RESERVED
+CVE-2016-6484 (CRLF injection vulnerability in Infoblox Network Automation NetMRI ...)
+ TODO: check
CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x ...)
- wireshark 2.0.5+ga3be9c6-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
@@ -24723,8 +24724,7 @@
NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
NOTE: Different issue than CVE-2016-6132
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/5
-CVE-2016-6223 [tiff: information leak in libtiff/tif_read.c]
- RESERVED
+CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in ...)
{DSA-3762-1 DLA-693-1 DLA-610-1}
- tiff 4.0.6-2 (bug #842270)
- tiff3 <removed>
@@ -24838,8 +24838,8 @@
RESERVED
CVE-2016-6165
RESERVED
-CVE-2016-6164
- RESERVED
+CVE-2016-6164 (Integer overflow in the mov_build_index function in libavformat/mov.c ...)
+ TODO: check
CVE-2016-1000101
REJECTED
CVE-2016-1000100
@@ -24953,8 +24953,7 @@
CVE-2016-1000007 (Pagure 2.2.1 XSS in raw file endpoint ...)
- pagure <itp> (bug #829046)
NOTE: https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77
-CVE-2016-6160 [segfault upon huge frames, missing size check]
- RESERVED
+CVE-2016-6160 (tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause ...)
{DLA-544-1}
- tcpreplay 3.4.4-3 (bug #829350)
[jessie] - tcpreplay 3.4.4-2+deb8u1
@@ -25521,8 +25520,8 @@
[wheezy] - php5 <not-affected> (Vulnerable code not present)
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72494
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2016-5876
- RESERVED
+CVE-2016-5876 (ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery ...)
+ TODO: check
CVE-2016-5875 [tiff: heap-based buffer overflow when using the PixarLog compression format]
RESERVED
{DSA-3762-1 DLA-610-1 DLA-606-1}
@@ -25581,8 +25580,7 @@
TODO: check
CVE-2016-5850 (Cross-site scripting (XSS) vulnerability in the volume backup service ...)
NOT-FOR-US: Huawei
-CVE-2016-5873
- RESERVED
+CVE-2016-5873 (Buffer overflow in the HTTP URL parsing functions in pecl_http before ...)
- php-pecl-http 3.0.1-0.1
[jessie] - php-pecl-http <not-affected> (Vulnerable code not present)
NOTE: https://bugs.php.net/bug.php?id=71719
@@ -26070,8 +26068,7 @@
CVE-2016-5730 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)
- phpmyadmin 4:4.6.3-1 (unimportant)
NOTE: path disclosure irrelevant in Debian
-CVE-2016-5742 [SQL injection in MovableType xml-rpc interface]
- RESERVED
+CVE-2016-5742 (SQL injection vulnerability in the XML-RPC interface in Movable Type ...)
{DLA-532-1}
- movabletype-opensource <removed>
NOTE: https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html
@@ -26107,8 +26104,8 @@
NOT-FOR-US: OceanStor
CVE-2016-5721 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
NOT-FOR-US: Zimbra
-CVE-2016-5720
- RESERVED
+CVE-2016-5720 (Multiple untrusted search path vulnerabilities in Microsoft Skype ...)
+ TODO: check
CVE-2016-5719
RESERVED
CVE-2016-5718
@@ -26163,8 +26160,7 @@
NOT-FOR-US: F5 BIG-IP
CVE-2016-5698
RESERVED
-CVE-2016-5697 [signature wrapping attack vulnerability]
- RESERVED
+CVE-2016-5697 (Ruby-saml before 1.3.0 allows attackers to perform XML signature ...)
- ruby-saml 1.3.0-1 (bug #828076)
NOTE: https://github.com/onelogin/ruby-saml/commit/a571f52171e6bfd87db59822d1d9e8c38fb3b995
CVE-2016-5695
@@ -27940,8 +27936,8 @@
- graphicsmagick 1.3.24-1
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c
NOTE: DLA-547-1 didn't fix this properly
-CVE-2016-5237
- RESERVED
+CVE-2016-5237 (Valve Steam 3.42.16.13 uses weak permissions for the files in the ...)
+ TODO: check
CVE-2016-5236
RESERVED
CVE-2016-5235
@@ -28749,8 +28745,7 @@
RESERVED
CVE-2016-5120
RESERVED
-CVE-2016-5119
- RESERVED
+CVE-2016-5119 (The automatic update feature in KeePass 2.33 and earlier allows ...)
- keepass2 2.18+dfsg-1
NOTE: autoupdate dialog disabled in Debian via patch, but basically not-affected
CVE-2016-5113
@@ -29248,8 +29243,7 @@
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72227
NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5091
- RESERVED
+CVE-2016-5091 (Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
CVE-2016-5044
@@ -29844,8 +29838,8 @@
RESERVED
CVE-2016-4795
RESERVED
-CVE-2016-4793
- RESERVED
+CVE-2016-4793 (The clientIp function in CakePHP 3.2.4 and earlier allows remote ...)
+ TODO: check
CVE-2016-4792 (Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2016-4791 (The administrative user interface in Pulse Connect Secure (PCS) 8.2 ...)
@@ -30767,8 +30761,7 @@
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/b8670c09f37bdf2847cc44f36511a53afc6161fd
-CVE-2016-4484
- RESERVED
+CVE-2016-4484 (The Debian initrd script for the cryptsetup package 2:1.7.3-2 and ...)
- cryptsetup 2:1.7.3-2 (unimportant)
NOTE: http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
NOTE: Negligable security impact
@@ -31183,8 +31176,7 @@
RESERVED
CVE-2016-4339
RESERVED
-CVE-2016-4338 [zabbix-agent: mysql.size shell command injection]
- RESERVED
+CVE-2016-4338 (The mysql user parameter configuration script ...)
- zabbix 1:3.0.3+dfsg-1 (bug #823329)
[jessie] - zabbix 1:2.2.7+dfsg-2+deb8u1
NOTE: http://seclists.org/bugtraq/2016/May/11
@@ -31737,8 +31729,7 @@
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2016-4088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4340 [Privilege escalation via "impersonate" feature]
- RESERVED
+CVE-2016-4340 (The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 ...)
- gitlab 8.8.2+dfsg-1 (bug #823290)
NOTE: https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/
CVE-2016-4087 (Huawei S12700 switches with software before V200R008C00SPC500 and ...)
@@ -31853,8 +31844,7 @@
NOT-FOR-US: Huawei FusionCompute
CVE-2016-6479
REJECTED
-CVE-2016-4055
- RESERVED
+CVE-2016-4055 (The duration function in the moment package before 2.11.2 for Node.js ...)
- node-moment <unfixed> (unimportant)
NOTE: nodejs not covered by security support
CVE-2016-4050
@@ -31872,43 +31862,38 @@
TODO: check
CVE-2016-4045 (An issue was discovered in Open-Xchange OX App Suite before ...)
TODO: check
-CVE-2015-8862
- RESERVED
+CVE-2015-8862 (mustache package before 2.2.1 for Node.js allows remote attackers to ...)
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8861
- RESERVED
+CVE-2015-8861 (The handlebars package before 4.0.0 for Node.js allows remote ...)
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8860
- RESERVED
+CVE-2015-8860 (The tar package before 2.0.0 for Node.js allows remote attackers to ...)
- node-tar <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
-CVE-2015-8859
- RESERVED
-CVE-2015-8858
- RESERVED
+CVE-2015-8859 (The send package before 0.11.1 for Node.js allows attackers to obtain ...)
+ TODO: check
+CVE-2015-8858 (The uglify-js package before 2.6.0 for Node.js allows attackers to ...)
- uglifyjs <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/48
-CVE-2015-8854 [marked: regular expression denial of service]
- RESERVED
+CVE-2015-8854 (The marked package before 0.3.4 for Node.js allows attackers to cause ...)
- node-marked <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/marked_redos
NOTE: https://github.com/chjj/marked/issues/497
NOTE: libv8 is not covered by security support
-CVE-2014-9772
- RESERVED
-CVE-2013-7454
- RESERVED
-CVE-2013-7453
- RESERVED
-CVE-2013-7452
- RESERVED
-CVE-2013-7451
- RESERVED
+CVE-2014-9772 (The validator package before 2.0.0 for Node.js allows remote attackers ...)
+ TODO: check
+CVE-2013-7454 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+ TODO: check
+CVE-2013-7453 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+ TODO: check
+CVE-2013-7452 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+ TODO: check
+CVE-2013-7451 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
+ TODO: check
CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when ...)
{DLA-499-1}
- php5 5.6.6+dfsg-1
@@ -31928,8 +31913,7 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827
NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2016-4056
- RESERVED
+CVE-2016-4056 (Cross-site scripting (XSS) vulnerability in the Backend component in ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
CVE-2016-4054 (Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows ...)
@@ -32081,8 +32065,7 @@
RESERVED
CVE-2016-4011
RESERVED
-CVE-2016-4010
- RESERVED
+CVE-2016-4010 (Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP ...)
NOT-FOR-US: Magento
NOTE: https://magento.com/security/patches/magento-206-security-update
NOTE: http://www.netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/
@@ -34328,8 +34311,7 @@
- torbrowser-launcher 0.2.4-1
[jessie] - torbrowser-launcher 0.1.9-1+deb8u3
NOTE: https://github.com/micahflee/torbrowser-launcher/issues/229
-CVE-2016-3177 [gifcolor: use-after-free in EGifCloseFile]
- RESERVED
+CVE-2016-3177 (Multiple use-after-free and double-free vulnerabilities in gifcolor.c ...)
- giflib <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/giflib/bugs/83/
NOTE: Issue only in gifcolor utility, not installed into giflib-tools
@@ -34405,8 +34387,8 @@
TODO: check
CVE-2016-3148
RESERVED
-CVE-2016-3147
- RESERVED
+CVE-2016-3147 (Buffer overflow in the collector.exe listener of the Landesk ...)
+ TODO: check
CVE-2016-3146
RESERVED
CVE-2016-3145 (Lexmark printers with firmware ATL before ATL.021.063, CB before ...)
@@ -35683,8 +35665,8 @@
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 (v2.4.0-rc0)
TODO: check again after the CVE id split
-CVE-2016-2783
- RESERVED
+CVE-2016-2783 (Avaya Fabric Connect Virtual Services Platform (VSP) Operating System ...)
+ TODO: check
CVE-2016-2780 (Untrusted search path vulnerability in Huawei UTPS before ...)
NOT-FOR-US: Huawei UTPS
CVE-2016-2778
@@ -36827,8 +36809,7 @@
NOT-FOR-US: SAP
CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...)
NOT-FOR-US: SAP
-CVE-2015-8857 [incorrect handling of non-boolean comparisons during minification]
- RESERVED
+CVE-2015-8857 (The uglify-js package before 2.4.24 for Node.js does not properly ...)
- uglifyjs <unfixed> (unimportant)
NOTE: fixed in 2.4.24
NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/
@@ -37481,8 +37462,8 @@
NOTE: https://bugs.exim.org/show_bug.cgi?id=1780
NOTE: Possibly introduced after http://vcs.pcre.org/pcre?view=revision&revision=1266
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1638 (8.39)
-CVE-2016-2242
- RESERVED
+CVE-2016-2242 (Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to ...)
+ TODO: check
CVE-2016-2241
RESERVED
CVE-2016-2240
@@ -39019,8 +39000,7 @@
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4
-CVE-2016-1925 [Improper handling of length parameter inconsitency]
- RESERVED
+CVE-2016-1925 (Integer underflow in header.c in lha allows remote attackers to have ...)
- lha <removed> (unimportant)
NOTE: Non-free not supported
CVE-2016-1924 (The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...)
@@ -40625,8 +40605,8 @@
TODO: check
CVE-2016-1418 (Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, ...)
TODO: check
-CVE-2016-1417
- RESERVED
+CVE-2016-1417 (Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows ...)
+ TODO: check
CVE-2016-1416 (Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) ...)
NOT-FOR-US: Cisco Prime
CVE-2016-1415 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
@@ -40966,8 +40946,8 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/8
CVE-2016-1282
RESERVED
-CVE-2016-1281
- RESERVED
+CVE-2016-1281 (Untrusted search path vulnerability in the installer for TrueCrypt 7.2 ...)
+ TODO: check
CVE-2015-8742 (The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
@@ -42907,8 +42887,8 @@
NOTE: https://www.samba.org/samba/security/CVE-2016-0771.html
CVE-2016-0770
RESERVED
-CVE-2016-0769
- RESERVED
+CVE-2016-0769 (Multiple SQL injection vulnerabilities in eshop-orders.php in the ...)
+ TODO: check
CVE-2016-0768
RESERVED
CVE-2016-0767
@@ -42919,8 +42899,8 @@
- postgresql-9.4 <unfixed>
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
-CVE-2016-0765
- RESERVED
+CVE-2016-0765 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
CVE-2016-0764 [Race conditions that could disclose connection secrets to authenticated local users]
RESERVED
- network-manager 1.1.91-1 (bug #820354)
@@ -45812,8 +45792,7 @@
TODO: check
CVE-2015-8318 (Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones ...)
TODO: check
-CVE-2015-8315
- RESERVED
+CVE-2015-8315 (The ms package before 0.7.1 for Node.js allows attackers to cause a ...)
NOT-FOR-US: ms for Node.js
CVE-2015-8314
RESERVED
@@ -46610,9 +46589,9 @@
NOTE: https://sources.debian.net/src/salt/2014.1.13%2Bds-3/salt/utils/verify.py/#L207
NOTE: https://github.com/cachedout/salt/commit/097838ec0c52b1e96f7f761e5fb3cd7e79808741
NOTE: https://github.com/saltstack/salt/issues/28455
-CVE-2014-9755 (The hardware VPN client in Viprinet MultichannelVPN Router 300 verison ...)
+CVE-2014-9755 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
TODO: check
-CVE-2014-9754 (The hardware VPN client in Viprinet MultichannelVPN Router 300 verison ...)
+CVE-2014-9754 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
TODO: check
CVE-2015-8075
REJECTED
@@ -47569,8 +47548,8 @@
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2015-7743
- RESERVED
+CVE-2015-7743 (XML external entity vulnerability in PRTG Network Monitor before ...)
+ TODO: check
CVE-2015-7742
RESERVED
CVE-2015-7741
@@ -56364,8 +56343,8 @@
- limesurvey <itp> (bug #472802)
CVE-2015-4627
RESERVED
-CVE-2015-4626
- RESERVED
+CVE-2015-4626 (B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, ...)
+ TODO: check
CVE-2015-4624
RESERVED
CVE-2015-4623
@@ -61525,8 +61504,7 @@
- ownclound-contacts <itp> (bug #779055)
NOTE: owncloud-contacts fixed in 0.3.0.18+8.0.0+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-001
-CVE-2015-8855 [Regular Expression Denial of Service]
- RESERVED
+CVE-2015-8855 (The semver package before 4.3.2 for Node.js allows attackers to cause ...)
- node-semver <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/semver_redos
NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
@@ -63296,8 +63274,7 @@
CVE-2015-2310 [Integer overflow in pointer validation]
RESERVED
- capnproto 0.4.1-3 (bug #780565)
-CVE-2015-8856 [XSS via filename]
- RESERVED
+CVE-2015-8856 (Cross-site scripting (XSS) vulnerability in the serve-index package ...)
- node-serve-index <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-xss
@@ -74123,8 +74100,7 @@
NOT-FOR-US: WordPress plugin wpSS
CVE-2014-8363 (SQL injection vulnerability in ss_handler.php in the WordPress ...)
NOT-FOR-US: WordPress plugin wpSS
-CVE-2014-8362
- RESERVED
+CVE-2014-8362 (Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable ...)
NOT-FOR-US: Vivint Sky Control Panel
CVE-2014-8361 (The miniigd SOAP service in Realtek SDK allows remote attackers to ...)
NOT-FOR-US: Realtek SDK
@@ -90412,7 +90388,7 @@
- owncloud 6.0.2+dfsg-1
CVE-2014-2046 (cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 ...)
NOT-FOR-US: Broadcom Ltd PIPA C211
-CVE-2014-2045 (Multiple cross-site scripting (XSS) vulnerabilities in the 'old' and ...)
+CVE-2014-2045 (Multiple cross-site scripting (XSS) vulnerabilities in the old and new ...)
TODO: check
CVE-2014-2044 (Incomplete blacklist vulnerability in ajax/upload.php in ownCloud ...)
- owncloud <not-affected> (Windows-specific)
More information about the Secure-testing-commits
mailing list