[Secure-testing-commits] r54049 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Jul 29 09:10:51 UTC 2017 

Author: sectracker
Date: 2017-07-29 09:10:51 +0000 (Sat, 29 Jul 2017)
New Revision: 54049

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-29 06:06:01 UTC (rev 54048)
+++ data/CVE/list	2017-07-29 09:10:51 UTC (rev 54049)
@@ -1,4 +1,26 @@
-CVE-2017-11724 [memory leak in mat coder (upstream 624)]
+CVE-2017-11734 (A heap-based buffer over-read was found in the function ...)
+	TODO: check
+CVE-2017-11733 (A null pointer dereference vulnerability was found in the function ...)
+	TODO: check
+CVE-2017-11732 (A heap-based buffer overflow vulnerability was found in the function ...)
+	TODO: check
+CVE-2017-11731 (An invalid memory read vulnerability was found in the function OpCode ...)
+	TODO: check
+CVE-2017-11730 (A heap-based buffer over-read was found in the function OpCode (called ...)
+	TODO: check
+CVE-2017-11729 (A heap-based buffer over-read was found in the function OpCode (called ...)
+	TODO: check
+CVE-2017-11728 (A heap-based buffer over-read was found in the function OpCode (called ...)
+	TODO: check
+CVE-2017-11727
+	RESERVED
+CVE-2017-11726
+	RESERVED
+CVE-2017-11725 (The share function in Thycotic Secret Server before 10.2.000019 ...)
+	TODO: check
+CVE-2017-11723 (Directory traversal vulnerability in plugins/ImageManager/backend.php ...)
+	TODO: check
+CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through ...)
 	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870023)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/624
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/5163756a1f829a561912dfdb74a0dae41d8ed8cf
@@ -20585,8 +20607,8 @@
 	RESERVED
 CVE-2017-4920
 	RESERVED
-CVE-2017-4919
-	RESERVED
+CVE-2017-4919 (VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, ...)
+	TODO: check
 CVE-2017-4918 (VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains ...)
 	NOT-FOR-US: VMware
 CVE-2017-4917 (VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x ...)
@@ -23764,17 +23786,17 @@
 	RESERVED
 CVE-2017-3653
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3652
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3651
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3650
@@ -23787,7 +23809,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 CVE-2017-3648
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3647
@@ -23816,7 +23838,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3641
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3640
@@ -23837,12 +23859,12 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 CVE-2017-3636
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <not-affected> (Only affects MySQL 5.5 and 5.6)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3635
 	RESERVED
-	{DSA-3922-1}
+	{DSA-3922-1 DLA-1043-1}
 	- mysql-5.7 <unfixed> (bug #868798)
 	- mysql-5.5 <removed> (bug #868788)
 CVE-2017-3634
@@ -25059,7 +25081,7 @@
 	RESERVED
 CVE-2017-3222 (Hard-coded credentials in AmosConnect 8 allow remote attackers to gain ...)
 	NOT-FOR-US: AmosConnect
-CVE-2017-3221 (Blind SQL injection in the AmosConnect 8 login form allows remote ...)
+CVE-2017-3221 (Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote ...)
 	NOT-FOR-US: AmosConnect
 CVE-2017-3220
 	RESERVED
@@ -73607,8 +73629,7 @@
 	REJECTED
 CVE-2015-5192
 	REJECTED
-CVE-2015-5191 [local privilege escalation]
-	RESERVED
+CVE-2015-5191 (VMware Tools prior to 10.0.9 contains multiple file system races in ...)
 	- open-vm-tools 2:10.1.5-5055683-5 (low; bug #869633)
 	[stretch] - open-vm-tools <no-dsa> (Minor issue)
 	[jessie] - open-vm-tools <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list