[Secure-testing-commits] r53724 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Jul 20 21:10:14 UTC 2017 

Author: sectracker
Date: 2017-07-20 21:10:14 +0000 (Thu, 20 Jul 2017)
New Revision: 53724

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-20 20:13:04 UTC (rev 53723)
+++ data/CVE/list	2017-07-20 21:10:14 UTC (rev 53724)
@@ -1,3 +1,33 @@
+CVE-2017-11493
+	RESERVED
+CVE-2017-11492
+	RESERVED
+CVE-2017-11491
+	RESERVED
+CVE-2017-11490
+	RESERVED
+CVE-2017-11489
+	RESERVED
+CVE-2017-11488
+	RESERVED
+CVE-2017-11487
+	RESERVED
+CVE-2017-11486
+	RESERVED
+CVE-2017-11485
+	RESERVED
+CVE-2017-11484
+	RESERVED
+CVE-2017-11483
+	RESERVED
+CVE-2017-11482
+	RESERVED
+CVE-2017-11481
+	RESERVED
+CVE-2017-11480
+	RESERVED
+CVE-2017-11479
+	RESERVED
 CVE-2017-11477
 	RESERVED
 CVE-2017-11476
@@ -380,7 +410,8 @@
 	[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
-CVE-2017-11478 [CPU exhaustion in ReadOneDJVUImage]
+CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through ...)
+	{DSA-3914-1}
 	- imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
 CVE-2017-XXXX [CPU exhaustion in ReadOneMNGImage]
@@ -989,6 +1020,7 @@
 CVE-2017-1000027 (Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable ...)
 	NOT-FOR-US: Koozali Foundation SME Server
 CVE-2017-1000026 (Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable ...)
+	{DSA-3915-1}
 	- ruby-mixlib-archive <unfixed> (bug #868572)
 	NOTE: https://github.com/chef/mixlib-archive/pull/6
 	NOTE: https://github.com/chef/mixlib-archive/pull/6/commits/3a874a24aed6ee93fbccf97efe0ecc999bafe87d
@@ -2859,8 +2891,8 @@
 	RESERVED
 CVE-2017-9823
 	RESERVED
-CVE-2017-9822
-	RESERVED
+CVE-2017-9822 (DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a ...)
+	TODO: check
 CVE-2017-9821
 	RESERVED
 CVE-2017-9820
@@ -2954,8 +2986,8 @@
 	NOTE: Issue is specific to Struts 2.x.
 CVE-2017-9786
 	RESERVED
-CVE-2017-9785
-	RESERVED
+CVE-2017-9785 (Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse ...)
+	TODO: check
 CVE-2017-9784
 	RESERVED
 CVE-2017-9783
@@ -12752,134 +12784,134 @@
 	RESERVED
 CVE-2017-7070
 	RESERVED
-CVE-2017-7069
-	RESERVED
-CVE-2017-7068
-	RESERVED
-CVE-2017-7067
-	RESERVED
+CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
 CVE-2017-7066
 	RESERVED
 CVE-2017-7065
 	RESERVED
-CVE-2017-7064
-	RESERVED
-CVE-2017-7063
-	RESERVED
-CVE-2017-7062
-	RESERVED
-CVE-2017-7061
-	RESERVED
-CVE-2017-7060
-	RESERVED
-CVE-2017-7059
-	RESERVED
-CVE-2017-7058
-	RESERVED
+CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7063 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7062 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7061 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7060 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7059 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...)
+	TODO: check
+CVE-2017-7058 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
 CVE-2017-7057
 	RESERVED
-CVE-2017-7056
-	RESERVED
-CVE-2017-7055
-	RESERVED
-CVE-2017-7054
-	RESERVED
-CVE-2017-7053
-	RESERVED
-CVE-2017-7052
-	RESERVED
-CVE-2017-7051
-	RESERVED
-CVE-2017-7050
-	RESERVED
-CVE-2017-7049
-	RESERVED
-CVE-2017-7048
-	RESERVED
-CVE-2017-7047
-	RESERVED
-CVE-2017-7046
-	RESERVED
-CVE-2017-7045
-	RESERVED
-CVE-2017-7044
-	RESERVED
-CVE-2017-7043
-	RESERVED
-CVE-2017-7042
-	RESERVED
-CVE-2017-7041
-	RESERVED
-CVE-2017-7040
-	RESERVED
-CVE-2017-7039
-	RESERVED
-CVE-2017-7038
-	RESERVED
-CVE-2017-7037
-	RESERVED
-CVE-2017-7036
-	RESERVED
-CVE-2017-7035
-	RESERVED
-CVE-2017-7034
-	RESERVED
-CVE-2017-7033
-	RESERVED
-CVE-2017-7032
-	RESERVED
-CVE-2017-7031
-	RESERVED
-CVE-2017-7030
-	RESERVED
-CVE-2017-7029
-	RESERVED
-CVE-2017-7028
-	RESERVED
-CVE-2017-7027
-	RESERVED
-CVE-2017-7026
-	RESERVED
-CVE-2017-7025
-	RESERVED
-CVE-2017-7024
-	RESERVED
-CVE-2017-7023
-	RESERVED
-CVE-2017-7022
-	RESERVED
-CVE-2017-7021
-	RESERVED
-CVE-2017-7020
-	RESERVED
-CVE-2017-7019
-	RESERVED
-CVE-2017-7018
-	RESERVED
-CVE-2017-7017
-	RESERVED
-CVE-2017-7016
-	RESERVED
-CVE-2017-7015
-	RESERVED
-CVE-2017-7014
-	RESERVED
-CVE-2017-7013
-	RESERVED
-CVE-2017-7012
-	RESERVED
-CVE-2017-7011
-	RESERVED
-CVE-2017-7010
-	RESERVED
-CVE-2017-7009
-	RESERVED
-CVE-2017-7008
-	RESERVED
-CVE-2017-7007
-	RESERVED
-CVE-2017-7006
-	RESERVED
+CVE-2017-7056 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7055 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7054 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7053 (An issue was discovered in certain Apple products. iTunes before ...)
+	TODO: check
+CVE-2017-7052 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7051 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7050 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7049 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7048 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7047 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7046 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7045 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7044 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7043 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7042 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7041 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7040 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7039 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7038 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...)
+	TODO: check
+CVE-2017-7037 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7036 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7035 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7034 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7033 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7032 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7031 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7030 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7028 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7027 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7026 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7025 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7024 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7023 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7022 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7021 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7020 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7019 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7018 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7017 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7016 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7015 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7014 (An issue was discovered in certain Apple products. macOS before ...)
+	TODO: check
+CVE-2017-7013 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7012 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7011 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7010 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7009 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7008 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7007 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
+CVE-2017-7006 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
 CVE-2017-7005
 	RESERVED
 CVE-2017-7004
@@ -13993,12 +14025,12 @@
 	NOT-FOR-US: webpagetest
 CVE-2017-6533 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
 	NOT-FOR-US: webpagetest
-CVE-2017-6532
-	RESERVED
-CVE-2017-6531
-	RESERVED
-CVE-2017-6530
-	RESERVED
+CVE-2017-6532 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 ...)
+	TODO: check
+CVE-2017-6531 (On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, ...)
+	TODO: check
+CVE-2017-6530 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do ...)
+	TODO: check
 CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
 	NOT-FOR-US: dnaLIMS
 CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...)
@@ -26194,8 +26226,8 @@
 	- sqlite3 <undetermined>
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199
 	NOTE: https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
-CVE-2017-2517
-	RESERVED
+CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...)
+	TODO: check
 CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before ...)
 	NOT-FOR-US: Apple
 CVE-2017-2515 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...)
@@ -30891,8 +30923,7 @@
 	RESERVED
 CVE-2017-0379
 	RESERVED
-CVE-2017-0378 [reflected XSS]
-	RESERVED
+CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in Phamm ...)
 	- phamm <unfixed> (bug #868988)
 	[stretch] - phamm <no-dsa> (Minor issue)
 	[jessie] - phamm <no-dsa> (Minor issue)
@@ -92876,7 +92907,7 @@
 	[squeeze] - subversion <not-affected> (Introduced in 1.7.0)
 	NOTE: http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
 CVE-2014-8107
-	RESERVED
+	REJECTED
 CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator ...)
 	{DSA-3088-1 DSA-3087-1}
 	- qemu 2.1+dfsg-9 (bug #772025)
@@ -114558,7 +114589,7 @@
 CVE-2014-0053 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 ...)
 	- grails <itp> (bug #473213)
 CVE-2014-0052
-	RESERVED
+	REJECTED
 CVE-2014-0051
 	REJECTED
 CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as ...)
@@ -230332,7 +230363,7 @@
 	NOT-FOR-US: Eazy Cart
 CVE-2006-5245 (Eazy Cart allows remote attackers to bypass authentication and gain ...)
 	NOT-FOR-US: Eazy Cart
-CVE-2006-5244 (Multilple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
+CVE-2006-5244 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
 	NOT-FOR-US: Easy Blog
 CVE-2006-5243 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...)
 	NOT-FOR-US: Easy Blog
@@ -239589,7 +239620,7 @@
 	- gnome-screensaver 2.14.1-1 (bug #357885)
 CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow ...)
 	NOT-FOR-US: Maian Weblog
-CVE-2006-1333 (Multpile SQL injection vulnerabilities in BetaParticle Blog 6.0 and ...)
+CVE-2006-1333 (Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and ...)
 	NOT-FOR-US: BetaParticle Blog
 CVE-2006-1332 (Noah's Classifieds 1.3 and earlier allows remote attackers to obtain ...)
 	NOT-FOR-US: Noah's Classifieds

More information about the Secure-testing-commits mailing list