[Secure-testing-commits] r53213 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Jul 6 09:10:13 UTC 2017


Author: sectracker
Date: 2017-07-06 09:10:13 +0000 (Thu, 06 Jul 2017)
New Revision: 53213

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-06 08:46:48 UTC (rev 53212)
+++ data/CVE/list	2017-07-06 09:10:13 UTC (rev 53213)
@@ -1,3 +1,85 @@
+CVE-2017-10969
+	RESERVED
+CVE-2017-10968
+	RESERVED
+CVE-2017-10967
+	RESERVED
+CVE-2017-10966
+	RESERVED
+CVE-2017-10965
+	RESERVED
+CVE-2017-10964
+	RESERVED
+CVE-2017-10963
+	RESERVED
+CVE-2017-10962
+	RESERVED
+CVE-2017-10961
+	RESERVED
+CVE-2017-10960
+	RESERVED
+CVE-2017-10959
+	RESERVED
+CVE-2017-10958
+	RESERVED
+CVE-2017-10957
+	RESERVED
+CVE-2017-10956
+	RESERVED
+CVE-2017-10955
+	RESERVED
+CVE-2017-10954
+	RESERVED
+CVE-2017-10953
+	RESERVED
+CVE-2017-10952
+	RESERVED
+CVE-2017-10951
+	RESERVED
+CVE-2017-10950
+	RESERVED
+CVE-2017-10949
+	RESERVED
+CVE-2017-10948
+	RESERVED
+CVE-2017-10947
+	RESERVED
+CVE-2017-10946
+	RESERVED
+CVE-2017-10945
+	RESERVED
+CVE-2017-10944
+	RESERVED
+CVE-2017-10943
+	RESERVED
+CVE-2017-10942
+	RESERVED
+CVE-2017-10941
+	RESERVED
+CVE-2017-10940
+	RESERVED
+CVE-2017-10939
+	RESERVED
+CVE-2017-10938
+	RESERVED
+CVE-2017-10937
+	RESERVED
+CVE-2017-10936
+	RESERVED
+CVE-2017-10935
+	RESERVED
+CVE-2017-10934
+	RESERVED
+CVE-2017-10933
+	RESERVED
+CVE-2017-10932
+	RESERVED
+CVE-2017-10931
+	RESERVED
+CVE-2017-10930
+	RESERVED
+CVE-2016-10396 (The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable ...)
+	TODO: check
 CVE-2017-10929 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...)
 	- radare2 <unfixed> (bug #867369)
 	[stretch] - radare2 <no-dsa> (Minor issue)
@@ -2433,7 +2515,7 @@
 CVE-2017-9779
 	RESERVED
 CVE-2012-6706 (A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as ...)
-	{DLA-1003-1}
+	{DLA-1014-1 DLA-1003-1}
 	- unrar-nonfree 1:5.5.5-1 (bug #865461)
 	[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
 	[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
@@ -3572,7 +3654,7 @@
 	[jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe issues arise)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/457
 CVE-2017-9404 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...)
-	{DSA-3903-1 DLA-984-1 DLA-983-1}
+	{DLA-984-1 DLA-983-1}
 	- tiff 4.0.8-1
 	[jessie] - tiff 4.0.3-12.3+deb8u4
 	- tiff3 <removed>
@@ -3589,7 +3671,7 @@
 	NOTE: with backtrace following the methods in http://bugzilla.maptools.org/show_bug.cgi?id=2688
 	NOTE: is shown.
 CVE-2017-9403 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...)
-	{DSA-3903-1 DLA-984-1 DLA-983-1}
+	{DLA-984-1 DLA-983-1}
 	- tiff 4.0.8-1
 	[jessie] - tiff 4.0.3-12.3+deb8u4
 	- tiff3 <removed>
@@ -4501,7 +4583,7 @@
 	NOTE: http://freeradius.org/security.html#session-resumption-2017
 	NOTE: https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563
 CVE-2017-9147 (LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in ...)
-	{DSA-3903-1 DLA-984-1 DLA-983-1}
+	{DLA-984-1 DLA-983-1}
 	- tiff 4.0.8-2 (bug #863185)
 	[jessie] - tiff 4.0.3-12.3+deb8u4
 	- tiff3 <removed>
@@ -9142,7 +9224,7 @@
 	RESERVED
 CVE-2017-7526 [Use of left-to-right sliding window method allows full RSA key recovery]
 	RESERVED
-	{DSA-3901-1}
+	{DSA-3901-1 DLA-1015-1}
 	- libgcrypt20 1.7.8-1
 	- libgcrypt11 <removed>
 	NOTE: https://eprint.iacr.org/2017/627
@@ -11646,22 +11728,22 @@
 	NOT-FOR-US: Cisco
 CVE-2017-6715 (A vulnerability in the web framework of Cisco Firepower Management ...)
 	NOT-FOR-US: Cisco
-CVE-2017-6714
-	RESERVED
-CVE-2017-6713
-	RESERVED
-CVE-2017-6712
-	RESERVED
-CVE-2017-6711
-	RESERVED
+CVE-2017-6714 (A vulnerability in the AutoIT service of Cisco Ultra Services Framework ...)
+	TODO: check
+CVE-2017-6713 (A vulnerability in the Play Framework of Cisco Elastic Services ...)
+	TODO: check
+CVE-2017-6712 (A vulnerability in certain commands of Cisco Elastic Services ...)
+	TODO: check
+CVE-2017-6711 (A vulnerability in the Ultra Automation Service (UAS) of the Cisco ...)
+	TODO: check
 CVE-2017-6710
 	RESERVED
-CVE-2017-6709
-	RESERVED
-CVE-2017-6708
-	RESERVED
-CVE-2017-6707
-	RESERVED
+CVE-2017-6709 (A vulnerability in the AutoVNF tool for the Cisco Ultra Services ...)
+	TODO: check
+CVE-2017-6708 (A vulnerability in the symbolic link (symlink) creation functionality ...)
+	TODO: check
+CVE-2017-6707 (A vulnerability in the CLI command-parsing code of the Cisco StarOS ...)
+	TODO: check
 CVE-2017-6706 (A vulnerability in the logging subsystem of the Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6705 (A vulnerability in the filesystem of the Cisco Prime Collaboration ...)
@@ -17641,7 +17723,7 @@
 CVE-2017-4955 (An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions ...)
 	NOT-FOR-US: Pivotal PCF Elastic Runtime
 CVE-2016-10095 (Stack-based buffer overflow in the _TIFFVGetField function in ...)
-	{DSA-3903-1 DLA-984-1 DLA-983-1}
+	{DLA-984-1 DLA-983-1}
 	- tiff 4.0.8-2 (bug #850316)
 	[jessie] - tiff 4.0.3-12.3+deb8u4
 	- tiff3 <removed>




More information about the Secure-testing-commits mailing list