[Secure-testing-commits] r52453 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jun 9 20:03:39 UTC 2017 

Author: jmm
Date: 2017-06-09 20:03:38 +0000 (Fri, 09 Jun 2017)
New Revision: 52453

Modified:
   data/CVE/list
Log:
yara no-dsa
jessie triage


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-09 19:19:27 UTC (rev 52452)
+++ data/CVE/list	2017-06-09 20:03:38 UTC (rev 52453)
@@ -153,7 +153,9 @@
 CVE-2017-9466
 	RESERVED
 CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
-	- yara <unfixed>
+	- yara <unfixed> (low)
+	[stretch] - yara <no-dsa> (Minor issue)
+	[jessie] - yara <no-dsa> (Minor issue)
 	NOTE: https://github.com/VirusTotal/yara/issues/678
 	NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
 CVE-2017-9464
@@ -221,6 +223,8 @@
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
 CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)
 	- yara <unfixed>
+	[stretch] - yara <no-dsa> (Minor issue)
+	[jessie] - yara <no-dsa> (Minor issue)
 	NOTE: https://github.com/VirusTotal/yara/issues/674
 	NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/10e8bd3071677dd1fa76beeef4bc2fc427cea5e7
 CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This ...)
@@ -893,6 +897,7 @@
 	NOT-FOR-US: Aries QWR-1104 Wireless-N Router
 CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 'send ...)
 	{DLA-974-1}
+	[jessie] - picocom <no-dsa> (Minor issue)
 	- picocom 1.7-2 (bug #863671)
 	NOTE: https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
 CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux ...)
@@ -25872,6 +25877,7 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/
 CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the ...)
 	{DLA-757-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.5.1-1 (low)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/
 CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request ...)
@@ -25912,6 +25918,7 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
 CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ...)
 	{DLA-757-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.5.1-1 (low)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/
 CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...)
@@ -35320,22 +35327,27 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/
 CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/
 CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/
 CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/
 CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin ...)
-	- phpmyadmin 4:4.6.4+dfsg1-1
+	- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
 	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-33/
+	NOTE: Not relevant to packaged version in Debian
 CVE-2016-6609 (An issue was discovered in phpMyAdmin. A specially crafted database ...)
 	{DLA-626-1}
+	{DLA-626-1}
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-32/
 CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the database ...)
@@ -35344,10 +35356,12 @@
 	[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
 CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/
 CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
 CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...)
@@ -38484,6 +38498,7 @@
 	NOT-FOR-US: BIG-IP
 CVE-2016-5735 (Integer overflow in the rwpng_read_image24_libpng function in rwpng.c ...)
 	{DLA-966-1}
+	[jessie] - pngquant <no-dsa> (Minor issue)
 	- pngquant 2.5.0-2 (bug #863469)
 	NOTE: https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285
 CVE-2016-5734 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)

More information about the Secure-testing-commits mailing list