[Secure-testing-commits] r48632 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Jan 31 21:10:13 UTC 2017


Author: sectracker
Date: 2017-01-31 21:10:13 +0000 (Tue, 31 Jan 2017)
New Revision: 48632

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-31 20:46:30 UTC (rev 48631)
+++ data/CVE/list	2017-01-31 21:10:13 UTC (rev 48632)
@@ -1,8 +1,10 @@
 CVE-2017-5666 [invalid free in free_options (options_manager.c)]
+	RESERVED
 	- mp3splt <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c
 	NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
 CVE-2017-5665 [NULL pointer dereference in splt_cue_export_to_file (cue.c)]
+	RESERVED
 	- mp3splt <unfixed> (unimportant)
 	NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c
 	NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
@@ -110,6 +112,7 @@
 CVE-2017-5602
 	RESERVED
 CVE-2017-5601 (An error in the lha_read_file_header_1() function ...)
+	{DLA-810-1}
 	- libarchive 3.2.1-6 (bug #853278)
 	[jessie] - libarchive <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
@@ -143,12 +146,14 @@
 CVE-2004-2778
 	RESERVED
 CVE-2017-5667 [sd: sdhci OOB access during multi block SDMA transfer]
+	RESERVED
 	- qemu <unfixed>
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2
 CVE-2017-5668 [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"]
+	RESERVED
 	- bitlbee <unfixed> (bug #853282)
 	[jessie] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
 	[wheezy] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
@@ -157,6 +162,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
 	NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189
 CVE-2016-10189 [Null pointer dereference with file transfer request from unknown contacts]
+	RESERVED
 	- bitlbee 3.5-1
 	NOTE: https://bugs.bitlbee.org/ticket/1282
 	NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5)
@@ -165,6 +171,7 @@
 	NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441
 	NOTE: to not open CVE-2017-5668
 CVE-2016-10188 [bitlbee-libpurple: Use after free when expiring file transfer requests]
+	RESERVED
 	- bitlbee 3.5-1
 	NOTE: https://bugs.bitlbee.org/ticket/1281
 	NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5)
@@ -178,6 +185,7 @@
 	NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4
 CVE-2016-10187 [javascript in books can access files on the computer using XMLHttpRequest]
+	RESERVED
 	- calibre 2.75.1+dfsg-1 (bug #853004)
 	NOTE: Upstream report: https://launchpad.net/bugs/1651728
 	NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
@@ -245,7 +253,7 @@
 	RESERVED
 CVE-2016-10173 [directory traversal vulnerability]
 	RESERVED
-	{DLA-808-1}
+	{DSA-3778-1 DLA-808-1}
 	- ruby-minitar 0.5.4-3.1 (bug #853075)
 	- ruby-archive-tar-minitar <removed> (bug #853249)
 	NOTE: https://github.com/halostatue/minitar/issues/16
@@ -277,13 +285,14 @@
 	NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
 CVE-2016-10166 [Fix potential unsigned underflow]
 	RESERVED
+	{DSA-3777-1}
 	- libgd2 2.2.4-1
 	[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
 CVE-2016-10167 [Fix DOS vulnerability in gdImageCreateFromGd2Ctx()]
 	RESERVED
-	{DLA-804-1}
+	{DSA-3777-1 DLA-804-1}
 	- php7.1 7.1.1-1 (unimportant)
 	- php7.0 7.0.15-1 (unimportant)
 	- php5 <removed> (unimportant)
@@ -294,7 +303,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
 CVE-2016-10168 [Fix #354: Signed Integer Overflow gd_io.c]
 	RESERVED
-	{DLA-804-1}
+	{DSA-3777-1 DLA-804-1}
 	- php7.1 7.1.1-1 (unimportant)
 	- php7.0 7.0.15-1 (unimportant)
 	- php5 <removed> (unimportant)
@@ -463,6 +472,7 @@
 CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in ...)
 	- b2evolution <removed>
 CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through ...)
+	{DLA-811-1}
 	- libplist <unfixed> (low; bug #852385)
 	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/87
@@ -719,19 +729,19 @@
 CVE-2017-5494 (Multiple cross-site scripting (XSS) vulnerabilities in the file types ...)
 	- b2evolution <removed>
 CVE-2017-5486 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5485 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5484 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5483 (The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5482 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5481
 	RESERVED
@@ -1282,10 +1292,10 @@
 CVE-2017-5343
 	RESERVED
 CVE-2017-5342 (In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5341 (The OTV parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...)
 	NOT-FOR-US: MuJS
@@ -1549,21 +1559,22 @@
 CVE-2017-5210
 	RESERVED
 CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist ...)
+	{DLA-811-1}
 	- libplist <unfixed> (low; bug #851196)
 	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
 	NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
 CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5204 (The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5203 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5202 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2017-5201
 	RESERVED
@@ -2094,76 +2105,91 @@
 	RESERVED
 CVE-2017-5026
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5025
 	RESERVED
+	{DSA-3776-1}
 	- chromium-browser 44.0.2403.157-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 	- ffmpeg <unfixed>
 CVE-2017-5024
 	RESERVED
+	{DSA-3776-1}
 	- chromium-browser 44.0.2403.157-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 	- ffmpeg <unfixed>
 CVE-2017-5023
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5022
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5021
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5020
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5019
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5018
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5017
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5016
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5015
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5014
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5013
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5012
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -2171,31 +2197,37 @@
 	NOTE: libv8 not covered by security support
 CVE-2017-5011
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5010
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5009
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5008
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5007
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-5006
 	RESERVED
+	{DSA-3776-1}
 	[experimental] - chromium-browser 56.0.2924.76-1
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -4550,8 +4582,7 @@
 	RESERVED
 CVE-2017-3895
 	RESERVED
-CVE-2016-10087 [NULL pointer dereference]
-	RESERVED
+CVE-2016-10087 (The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ...)
 	- libpng1.6 1.6.27-1 (bug #849799)
 	- libpng <removed>
 	[jessie] - libpng 1.2.50-2+deb8u3
@@ -4873,7 +4904,7 @@
 	NOTE: https://ikiwiki.info/security/#cve-2016-9645
 CVE-2016-10026 [authorization bypass when reverting changes]
 	RESERVED
-	{DSA-3760-1}
+	{DSA-3760-1 DLA-812-1}
 	- ikiwiki 3.20161219
 	NOTE: http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/
 	NOTE: Fix: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9cada49ed6ad24556dbe9861ad5b0a9f526167f9
@@ -5327,8 +5358,7 @@
 	NOTE: https://simplesamlphp.org/security/201612-02
 	NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/a2326d75dd14accaac162dd2cb30aaefcc1f9205
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/7
-CVE-2016-9939 [denial-of-service in ASN1 decoder]
-	RESERVED
+CVE-2016-9939 (Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ...)
 	{DSA-3748-1 DLA-766-1}
 	- libcrypto++ 5.6.4-5 (bug #848009)
 	NOTE: https://github.com/weidai11/cryptopp/issues/346
@@ -13138,7 +13168,7 @@
 	NOTE: https://gitlab.com/iucode-tool/iucode-tool/issues/3
 CVE-2017-0356 [Authentication bypass via repeated parameters]
 	RESERVED
-	{DSA-3760-1}
+	{DSA-3760-1 DLA-812-1}
 	- ikiwiki 3.20170111
 	NOTE: https://ikiwiki.info/security/#cve-2017-0356
 CVE-2016-9772 [OPENAFS-SA-2016-003 - directory information leaks]
@@ -13163,7 +13193,7 @@
 	RESERVED
 CVE-2016-9646 [commit metadata forgery]
 	RESERVED
-	{DSA-3760-1}
+	{DSA-3760-1 DLA-812-1}
 	- ikiwiki 3.20161229
 	NOTE: https://ikiwiki.info/security/#cve-2016-9646
 CVE-2016-9643
@@ -14643,7 +14673,7 @@
 	NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour
 	NOTE: is wanted. It is not enforced by default.
 CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka libgd) ...)
-	{DLA-804-1}
+	{DSA-3777-1 DLA-804-1}
 	- libgd2 2.2.4-1
 	NOTE: https://github.com/libgd/libgd/commit/6944ea10cb730d5071620439c6c2e823e6caeff1
 	NOTE: https://github.com/libgd/libgd/issues/340
@@ -14915,8 +14945,8 @@
 	RESERVED
 CVE-2016-9250
 	RESERVED
-CVE-2016-9249
-	RESERVED
+CVE-2016-9249 (An undisclosed traffic pattern received by a BIG-IP Virtual Server ...)
+	TODO: check
 CVE-2016-9248
 	RESERVED
 CVE-2016-9247 (Under certain conditions for BIG-IP systems using a virtual server ...)
@@ -15230,8 +15260,7 @@
 	NOT-FOR-US: Exponent CMS
 CVE-2016-9133
 	RESERVED
-CVE-2016-9132 [Integer overflow in BER decoder]
-	RESERVED
+CVE-2016-9132 (In Botan 1.8.0 through 1.11.33, when decoding BER data an integer ...)
 	{DLA-786-1}
 	- botan1.10 1.10.14-1
 	[jessie] - botan1.10 <no-dsa> (Minor issue)
@@ -15281,8 +15310,7 @@
 	- linux 4.6.1-1 (unimportant)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/9590232bb4f4cc824f3425a6e1349afbe6d6d2b7 (v4.6-rc1)
-CVE-2016-9119 [XSS in GUI editor's link dialogue]
-	RESERVED
+CVE-2016-9119 (Cross-site scripting (XSS) vulnerability in the link dialogue in GUI ...)
 	{DSA-3715-1 DLA-717-1}
 	- moin 1.9.9-1 (bug #844338)
 	NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/3bddf075fdbd
@@ -17040,10 +17068,10 @@
 	NOTE: https://github.com/appc/docker2aci/issues/203
 	NOTE: https://github.com/lucab/docker2aci/commit/54331ec7020e102935c31096f336d31f6400064f
 CVE-2016-8575 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-8574 (The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-8573
 	RESERVED
@@ -19176,10 +19204,10 @@
 	- qemu-kvm <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04129.html
 CVE-2016-7993 (A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7992 (The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7991 (On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores ...)
 	NOT-FOR-US: Samsung
@@ -19192,16 +19220,16 @@
 CVE-2016-7987
 	RESERVED
 CVE-2016-7986 (The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7985 (The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7984 (The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7983 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7982 (Directory traversal vulnerability in ecrire/exec/valider_xml.php in ...)
 	{DLA-695-1}
@@ -19240,13 +19268,13 @@
 	NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0)
 	NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
 CVE-2016-7975 (The TCP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7974 (The IP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7973 (The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7972
 	RESERVED
@@ -19402,61 +19430,61 @@
 CVE-2016-7941
 	RESERVED
 CVE-2016-7940 (The STP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7939 (The GRE parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7938 (The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7937 (The VAT parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7936 (The UDP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7935 (The RTP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7934 (The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7933 (The PPP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7932 (The PIM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7931 (The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7930 (The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7929 (The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7928 (The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7927 (The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7926 (The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7925 (The compressed SLIP parser in tcpdump before 4.9.0 has a buffer ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7924 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7923 (The ARP parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7922 (The AH parser in tcpdump before 4.9.0 has a buffer overflow in ...)
-	{DSA-3775-1}
+	{DSA-3775-1 DLA-809-1}
 	- tcpdump 4.9.0-1
 CVE-2016-7920
 	RESERVED
@@ -19753,8 +19781,7 @@
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #840437)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/280
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
-CVE-2016-7798 [IV Reuse in GCM Mode]
-	RESERVED
+CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV) in ...)
 	- ruby2.3 <unfixed> (bug #842432)
 	- ruby2.1 <removed> (bug #842544)
 	[jessie] - ruby2.1 <no-dsa> (Minor issue)
@@ -20367,8 +20394,7 @@
 	NOTE: Marked as exception as not-affected, although the source is affected but the built
 	NOTE: binary packages do not contain the sandbox binary. We cannot use 'unimportant'
 	NOTE: severity here since the unstable version builts a binary package which contains it.
-CVE-2016-7544
-	RESERVED
+CVE-2016-7544 (Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and ...)
 	- libcrypto++ <not-affected> (Vulnerable code intorduced in 5.6.4, only affects Windows and Microsoft compilers)
 CVE-2016-7543 (Bash before 4.4 allows local users to execute arbitrary commands with ...)
 	{DLA-680-1}
@@ -22255,6 +22281,7 @@
 CVE-2016-6913 (Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before ...)
 	NOT-FOR-US: OSSIM
 CVE-2016-6912 (Double free vulnerability in the gdImageWebPtr function in the GD ...)
+	{DSA-3777-1}
 	- libgd2 2.2.4-1
 	[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2
@@ -22268,6 +22295,7 @@
 	RESERVED
 CVE-2016-6906 [OOB reads of the TGA decompression buffer]
 	RESERVED
+	{DSA-3777-1}
 	- libgd2 2.2.4-1
 	[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415
@@ -23246,8 +23274,7 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
 CVE-2016-6605
 	RESERVED
-CVE-2016-6604
-	RESERVED
+CVE-2016-6604 (NULL pointer dereference in Samsung Exynos fimg2d driver for Android ...)
 	NOT-FOR-US: Samsung
 CVE-2016-7513 [off-by-one error leading to segfault]
 	RESERVED
@@ -24495,16 +24522,16 @@
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6271 (The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows ...)
 	TODO: check
-CVE-2016-6270
-	RESERVED
-CVE-2016-6269
-	RESERVED
-CVE-2016-6268
-	RESERVED
-CVE-2016-6267
-	RESERVED
-CVE-2016-6266
-	RESERVED
+CVE-2016-6270 (The handle_certificate function in ...)
+	TODO: check
+CVE-2016-6269 (Multiple directory traversal vulnerabilities in Trend Micro Smart ...)
+	TODO: check
+CVE-2016-6268 (Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before ...)
+	TODO: check
+CVE-2016-6267 (SnmpUtils in Trend Micro Smart Protection Server 2.5 before build ...)
+	TODO: check
+CVE-2016-6266 (ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before ...)
+	TODO: check
 CVE-2016-6260
 	RESERVED
 CVE-2016-6259 (Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access ...)
@@ -25218,8 +25245,8 @@
 	RESERVED
 CVE-2016-6168
 	RESERVED
-CVE-2016-6167
-	RESERVED
+CVE-2016-6167 (Multiple untrusted search path vulnerabilities in Putty beta 0.67 ...)
+	TODO: check
 CVE-2016-6166
 	RESERVED
 CVE-2016-6165
@@ -27268,8 +27295,7 @@
 	NOTE: https://bugs.python.org/issue26171
 CVE-2016-5433 (Citrix iOS Receiver before 7.0 allows attackers to cause TLS ...)
 	NOT-FOR-US: Citrix
-CVE-2016-5434
-	RESERVED
+CVE-2016-5434 (libalpm, as used in pacman 5.0.1, allows remote attackers to cause a ...)
 	NOT-FOR-US: libalpm (Arch Linux Package Management (ALPM) library)
 CVE-2016-5432 (The ovirt-engine-provisiondb utility in Red Hat Enterprise ...)
 	NOT-FOR-US: ovirt-engine
@@ -29730,8 +29756,7 @@
 	[jessie] - dwarfutils <no-dsa> (Minor issue)
 	[wheezy] - dwarfutils <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1330237
-CVE-2016-5026 [unsafe handling of temporary directory]
-	RESERVED
+CVE-2016-5026 (hs.py in OnionShare before 0.9.1 allows local users to modify the ...)
 	- onionshare 0.8.1-2 (unimportant)
 	[jessie] - onionshare <not-affected> (Vulnerable code not present)
 	NOTE: Neutralised by kernel hardening (also contrib and non-free not supported)
@@ -36883,25 +36908,21 @@
 	NOTE: Fixed versions: 2.0.2, 1.12.10
 CVE-2016-2520
 	RESERVED
-CVE-2016-2519 [ctl_getitem() return value not always checked]
-	RESERVED
+CVE-2016-2519 (ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote ...)
 	- ntp 1:4.2.8p7+dfsg-1
 	[jessie] - ntp <no-dsa> (Minor issue)
 	[wheezy] - ntp <no-dsa> (Minor issue)
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2518 [Crafted addpeer with hmode > 7 causes out-of-bounds reference]
-	RESERVED
+CVE-2016-2518 (The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2517 [Remote configuration trustedkey/requestkey/controlkey values are not properly validated]
-	RESERVED
+CVE-2016-2517 (NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to ...)
 	- ntp 1:4.2.8p7+dfsg-1 (unimportant)
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	NOTE: not a security issue, anyone with the privileges for remote configuration can
 	NOTE: cause trouble anyway
-CVE-2016-2516 [Duplicate IPs on unconfig directives will cause an assertion failure]
-	RESERVED
+CVE-2016-2516 (NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
@@ -37164,15 +37185,14 @@
 	NOTE: https://github.com/beanshell/beanshell/releases/tag/2.0b6
 	NOTE: https://github.com/beanshell/beanshell/commit/7c68fde2d6fc65e362f20863d868c112a90a9b49
 	NOTE: https://github.com/beanshell/beanshell/commit/1ccc66bb693d4e46a34a904db8eeff07808d2ced
-CVE-2016-2402
-	RESERVED
+CVE-2016-2402 (OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle ...)
 	NOT-FOR-US: OkHttp
 CVE-2016-2401
 	RESERVED
 CVE-2016-2400
 	RESERVED
-CVE-2016-2399
-	RESERVED
+CVE-2016-2399 (Integer overflow in the quicktime_read_pascal function in libquicktime ...)
+	TODO: check
 CVE-2016-2398 (Comcast XFINITY Home Security System does not properly maintain ...)
 	NOT-FOR-US: XFINITY
 CVE-2016-2397 (The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA ...)
@@ -38519,8 +38539,7 @@
 	NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
 	NOTE: https://core.trac.wordpress.org/changeset/36435
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2217 [Socat security advisory 7 - Created new 2048bit DH modulus]
-	RESERVED
+CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does ...)
 	- socat 1.7.3.1-1 (bug #813536)
 	[jessie] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
 	[wheezy] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
@@ -46574,8 +46593,7 @@
 	RESERVED
 CVE-2015-8159
 	RESERVED
-CVE-2015-8158 [Potential Infinite Loop in ntpq]
-	RESERVED
+CVE-2015-8158 (The getresponse function in ntpq in NTP versions before 4.2.8p9 and ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
@@ -46610,24 +46628,21 @@
 	RESERVED
 CVE-2015-8141
 	RESERVED
-CVE-2015-8140 [ntpq vulnerable to replay attacks]
-	RESERVED
+CVE-2015-8140 (The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to ...)
 	- ntp 1:4.2.8p7+dfsg-1
 	[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
 	[wheezy] - ntp <no-dsa> (Minor issue)
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2947
 	NOTE: Mitigated in 4.2.8p6
-CVE-2015-8139 [Origin Leak: ntpq and ntpdc, disclose origin]
-	RESERVED
+CVE-2015-8139 (ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin ...)
 	- ntp 1:4.2.8p7+dfsg-1
 	[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
 	[wheezy] - ntp <no-dsa> (Minor issue)
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2946
 	NOTE: Mitigated in 4.2.8p6
-CVE-2015-8138 [ntp: missing check for zero originate timestamp]
-	RESERVED
+CVE-2015-8138 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://www.talosintel.com/reports/TALOS-2016-0077/
@@ -46962,8 +46977,7 @@
 	[squeeze] - polarssl <not-affected> (Vulnerable code introduced later)
 	NOTE: support for session tickets added in 1.3.0.
 	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
-CVE-2015-8034 [information leak from state.sls cache data stored as world-readable]
-	RESERVED
+CVE-2015-8034 (The state.sls function in Salt before 2015.8.3 uses weak permissions ...)
 	- salt 2015.8.3+ds-1 (bug #807356)
 	[jessie] - salt <no-dsa> (Minor issue)
 	NOTE: For jessie: /var/cache/salt/minion is created with restricted permissions on
@@ -47138,29 +47152,25 @@
 	- linux-2.6 <removed>
 	NOTE: https://lkml.org/lkml/2015/10/16/530
 	NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/5
-CVE-2015-7979 [Off-path Denial of Service (DoS) attack on authenticated broadcast mode]
-	RESERVED
+CVE-2015-7979 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2942
 	NOTE: https://github.com/ntp-project/ntp/commit/fe46889f7baa75fc8e6c0fcde87706d396ce1461
-CVE-2015-7978 [Stack exhaustion in recursive traversal of restriction list]
-	RESERVED
+CVE-2015-7978 (NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2940
 	NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7977 [reslist NULL pointer dereference]
-	RESERVED
+CVE-2015-7977 (ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote ...)
 	{DSA-3629-1 DLA-559-1}
 	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2939
 	NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7976 [ntpq saveconfig command allows dangerous characters in filenames]
-	RESERVED
+CVE-2015-7976 (The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, ...)
 	- ntp 1:4.2.8p7+dfsg-1 (low)
 	[jessie] - ntp <no-dsa> (Minor issue, mitigation exists)
 	[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
@@ -47168,8 +47178,7 @@
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2938
 	NOTE: https://github.com/ntp-project/ntp/commit/3680c2e4d5f88905ce062c7b43305d610a2c9796
 	NOTE: https://github.com/ntp-project/ntp/commit/7fe04606062ed674db3b9553d32dedad29504d61
-CVE-2015-7975 [nextvar() missing length check]
-	RESERVED
+CVE-2015-7975 (The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 ...)
 	- ntp 1:4.2.8p7+dfsg-1
 	[jessie] - ntp <not-affected> (Introduced in 4.2.8)
 	[wheezy] - ntp <not-affected> (Introduced in 4.2.8)
@@ -47180,8 +47189,7 @@
 	- ntp 1:4.2.8p7+dfsg-1 (low)
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2936
-CVE-2015-7973 [Deja Vu: Replay attack on authenticated broadcast mode]
-	RESERVED
+CVE-2015-7973 (NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in ...)
 	- ntp 1:4.2.8p7+dfsg-1 (low)
 	[jessie] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
 	[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
@@ -49183,8 +49191,7 @@
 	RESERVED
 CVE-2015-7332
 	RESERVED
-CVE-2015-7331
-	RESERVED
+CVE-2015-7331 (The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows ...)
 	- puppet <not-affected> (Only affects Puppet Enterprise)
 	NOTE: https://puppet.com/security/cve/cve-2015-7331
 CVE-2015-7330 (Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to ...)
@@ -64112,15 +64119,13 @@
 	NOT-FOR-US: ZeusCart
 CVE-2015-2182 (Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 ...)
 	NOT-FOR-US: ZeusCart
-CVE-2015-2181 [buffer overflows in the roundcube DBMail driver for the password plugin]
-	RESERVED
+CVE-2015-2181 (Multiple buffer overflows in the DBMail driver in the Password plugin ...)
 	- roundcube 1.1.1+dfsg.1-2
 	[wheezy] - roundcube <not-affected> (variable and chgdbmailusers.c does not exist)
 	NOTE: http://trac.roundcube.net/ticket/1490261
 	NOTE: http://advisories.mageia.org/MGASA-2015-0400.html
 	NOTE: http://lists.opensuse.org/opensuse-updates/2015-07/msg00032.html
-CVE-2015-2180 [execute arbitrary shell commands as root from the roundcube DBMail driver for the password plugin]
-	RESERVED
+CVE-2015-2180 (The DBMail driver in the Password plugin in Roundcube before 1.1.0 ...)
 	- roundcube 1.1.1+dfsg.1-2
 	[wheezy] - roundcube <not-affected> (dbmail driver does not exist)
 	NOTE: http://trac.roundcube.net/ticket/1490261




More information about the Secure-testing-commits mailing list