[Secure-testing-commits] r52179 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Jun 1 09:10:18 UTC 2017
Author: sectracker
Date: 2017-06-01 09:10:18 +0000 (Thu, 01 Jun 2017)
New Revision: 52179
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-01 08:57:26 UTC (rev 52178)
+++ data/CVE/list 2017-06-01 09:10:18 UTC (rev 52179)
@@ -1,8 +1,67 @@
-CVE-2017-9334 [denial of service due to invalid pointer dereference]
+CVE-2017-9355
+ RESERVED
+CVE-2017-9354
+ RESERVED
+CVE-2017-9353
+ RESERVED
+CVE-2017-9352
+ RESERVED
+CVE-2017-9351
+ RESERVED
+CVE-2017-9350
+ RESERVED
+CVE-2017-9349
+ RESERVED
+CVE-2017-9348
+ RESERVED
+CVE-2017-9347
+ RESERVED
+CVE-2017-9346
+ RESERVED
+CVE-2017-9345
+ RESERVED
+CVE-2017-9344
+ RESERVED
+CVE-2017-9343
+ RESERVED
+CVE-2017-9342
+ RESERVED
+CVE-2017-9341
+ RESERVED
+CVE-2017-9340
+ RESERVED
+CVE-2017-9339
+ RESERVED
+CVE-2017-9338
+ RESERVED
+CVE-2017-9337 (The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS ...)
+ TODO: check
+CVE-2017-9336 (The WP Editor.MD plugin 1.6 for WordPress has a stored XSS ...)
+ TODO: check
+CVE-2017-9335
+ RESERVED
+CVE-2017-9333
+ RESERVED
+CVE-2017-9332
+ RESERVED
+CVE-2017-9331 (The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored ...)
+ TODO: check
+CVE-2017-9329
+ RESERVED
+CVE-2017-9328
+ RESERVED
+CVE-2017-9327
+ RESERVED
+CVE-2017-9326
+ RESERVED
+CVE-2017-9325
+ RESERVED
+CVE-2017-9334 (An incorrect "pair?" check in the Scheme "length" procedure results in ...)
- chicken <unfixed>
NOTE: Original announcement: http://lists.nongnu.org/archive/html/chicken-announce/2017-05/msg00000.html
NOTE: Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html
CVE-2017-9330 [sb: ohci: infinite loop due to incorrect return value]
+ RESERVED
- qemu <unfixed>
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=26f670a244982335cc08943fb1ec099a2c81e42d
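Review bot: The three new entries left at `TODO: check` (CVE-2017-9337, CVE-2017-9336, CVE-2017-9331) still need triage. Each should end up with either a package line or a NOT-FOR-US tag of the kind this file already uses for CMS Made Simple. In the same hunk, CVE-2017-9330 now carries RESERVED alongside `- qemu <unfixed>` and a fix-commit NOTE, so its bracketed description has to stay until an official one is published. That description reads "sb: ohci", which looks like a truncated "usb: ohci".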
@@ -963,22 +1022,27 @@
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
CVE-2017-9065 (In WordPress before 4.7.5, there is a lack of capability checks for ...)
+ {DSA-3870-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
CVE-2017-9064 (In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) ...)
+ {DSA-3870-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
CVE-2017-9063 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
+ {DSA-3870-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
CVE-2017-9062 (In WordPress before 4.7.5, there is improper handling of post meta data ...)
+ {DSA-3870-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
CVE-2017-9061 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
+ {DSA-3870-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
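Review bot: The context at the top of this hunk starts mid-entry, with two NOTE lines that point at the WordPress 4.7.5 release but whose CVE header is not visible, so it cannot be confirmed from here that that entry also received `{DSA-3870-1}`. The five visible entries, CVE-2017-9065 through CVE-2017-9061, are tagged consistently. The preceding entry is worth checking against the DSA's CVE list.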
@@ -1256,7 +1320,7 @@
CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote ...)
NOT-FOR-US: CMS Made Simple
CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() ...)
- {DLA-962-1}
+ {DSA-3869-1 DLA-962-1}
- tnef 1.4.12-1.2 (bug #862442)
NOTE: https://github.com/verdammelt/tnef/issues/23
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/a686971a1f124d9ae18946b1844dbc2c1f30df10
@@ -2813,6 +2877,7 @@
NOTE: patch in BTS gives workaround to always prompt for password and do not save to database
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/9
CVE-2017-8295 (WordPress through 4.7.4 relies on the Host HTTP header for a ...)
+ {DSA-3870-1}
- wordpress <unfixed> (bug #862053)
NOTE: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
NOTE: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
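Review bot: CVE-2017-8295 gains `{DSA-3870-1}` while its package line stays `- wordpress <unfixed> (bug #862053)`, unlike the WordPress 4.7.5 entries in this commit, which list a fixed version. If the DSA addresses this issue for the stable release only, a NOTE saying so would make the entry self-explanatory. Otherwise the package line needs a fixed version.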