[Secure-testing-commits] r52453 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jun 9 20:03:39 UTC 2017
Author: jmm
Date: 2017-06-09 20:03:38 +0000 (Fri, 09 Jun 2017)
New Revision: 52453
Modified:
data/CVE/list
Log:
yara no-dsa
jessie triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-09 19:19:27 UTC (rev 52452)
+++ data/CVE/list 2017-06-09 20:03:38 UTC (rev 52453)
@@ -153,7 +153,9 @@
CVE-2017-9466
RESERVED
CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
- - yara <unfixed>
+ - yara <unfixed> (low)
+ [stretch] - yara <no-dsa> (Minor issue)
+ [jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/678
NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
CVE-2017-9464
@@ -221,6 +223,8 @@
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
- yara <unfixed>
+ [stretch] - yara <no-dsa> (Minor issue)
+ [jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/674
NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/10e8bd3071677dd1fa76beeef4bc2fc427cea5e7
CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This ...)
@@ -893,6 +897,7 @@
NOT-FOR-US: Aries QWR-1104 Wireless-N Router
CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 'send ...)
{DLA-974-1}
+ [jessie] - picocom <no-dsa> (Minor issue)
- picocom 1.7-2 (bug #863671)
NOTE: https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux ...)
@@ -25872,6 +25877,7 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/
CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the ...)
{DLA-757-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.5.1-1 (low)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/
CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request ...)
@@ -25912,6 +25918,7 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ...)
{DLA-757-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.5.1-1 (low)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/
CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...)
@@ -35320,22 +35327,27 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/
CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a ...)
{DLA-626-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/
CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD ...)
{DLA-626-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/
CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
{DLA-626-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/
CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin ...)
- - phpmyadmin 4:4.6.4+dfsg1-1
+ - phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-33/
+ NOTE: Not relevant to packaged version in Debian
CVE-2016-6609 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
{DLA-626-1}
+ {DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-32/
CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the database ...)
@@ -35344,10 +35356,12 @@
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search ...)
{DLA-626-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/
CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The ...)
{DLA-626-1}
+ [jessie] - phpmyadmin <no-dsa> (Minor issue)
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...)
@@ -38484,6 +38498,7 @@
NOT-FOR-US: BIG-IP
CVE-2016-5735 (Integer overflow in the rwpng_read_image24_libpng function in rwpng.c ...)
{DLA-966-1}
+ [jessie] - pngquant <no-dsa> (Minor issue)
- pngquant 2.5.0-2 (bug #863469)
NOTE: https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285
CVE-2016-5734 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)
More information about the Secure-testing-commits
mailing list