[Secure-testing-commits] r52582 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Jun 15 09:10:13 UTC 2017


Author: sectracker
Date: 2017-06-15 09:10:13 +0000 (Thu, 15 Jun 2017)
New Revision: 52582

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-15 06:20:24 UTC (rev 52581)
+++ data/CVE/list	2017-06-15 09:10:13 UTC (rev 52582)
@@ -1,3 +1,91 @@
+CVE-2017-9664
+	RESERVED
+CVE-2017-9663
+	RESERVED
+CVE-2017-9662
+	RESERVED
+CVE-2017-9661
+	RESERVED
+CVE-2017-9660
+	RESERVED
+CVE-2017-9659
+	RESERVED
+CVE-2017-9658
+	RESERVED
+CVE-2017-9657
+	RESERVED
+CVE-2017-9656
+	RESERVED
+CVE-2017-9655
+	RESERVED
+CVE-2017-9654
+	RESERVED
+CVE-2017-9653
+	RESERVED
+CVE-2017-9652
+	RESERVED
+CVE-2017-9651
+	RESERVED
+CVE-2017-9650
+	RESERVED
+CVE-2017-9649
+	RESERVED
+CVE-2017-9648
+	RESERVED
+CVE-2017-9647
+	RESERVED
+CVE-2017-9646
+	RESERVED
+CVE-2017-9645
+	RESERVED
+CVE-2017-9644
+	RESERVED
+CVE-2017-9643
+	RESERVED
+CVE-2017-9642
+	RESERVED
+CVE-2017-9641
+	RESERVED
+CVE-2017-9640
+	RESERVED
+CVE-2017-9639
+	RESERVED
+CVE-2017-9638
+	RESERVED
+CVE-2017-9637
+	RESERVED
+CVE-2017-9636
+	RESERVED
+CVE-2017-9635
+	RESERVED
+CVE-2017-9634
+	RESERVED
+CVE-2017-9633
+	RESERVED
+CVE-2017-9632
+	RESERVED
+CVE-2017-9631
+	RESERVED
+CVE-2017-9630
+	RESERVED
+CVE-2017-9629
+	RESERVED
+CVE-2017-9628
+	RESERVED
+CVE-2017-9627
+	RESERVED
+CVE-2017-9626
+	RESERVED
+CVE-2017-9625
+	RESERVED
+CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+	TODO: check
+CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+	TODO: check
+CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...)
+	TODO: check
+CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
 CVE-2017-9620
 	RESERVED
 CVE-2017-9619
@@ -30,8 +118,8 @@
 	RESERVED
 CVE-2017-9607
 	RESERVED
-CVE-2017-9606
-	RESERVED
+CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local ...)
+	TODO: check
 CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ...)
 	- kdepim <unfixed> (bug #864804)
 	- kf5-messagelib <unfixed> (bug #864803)
@@ -383,9 +471,9 @@
 	NOTE: https://github.com/VirusTotal/yara/issues/678
 	NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
 CVE-2017-9464 (An open redirect vulnerability is present in Piwigo 2.9 and probably ...)
-	 - piwigo <removed>
+	- piwigo <removed>
 CVE-2017-9463 (The application Piwigo is affected by a SQL injection vulnerability in ...)
-	 - piwigo <removed>
+	- piwigo <removed>
 CVE-2017-9460
 	RESERVED
 CVE-2017-9459
@@ -2155,7 +2243,7 @@
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697810
 	NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
 	NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
-CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.3 did not ...)
+CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not ...)
 	TODO: check
 CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...)
 	- x265 <not-affected> (Affected code is not enabled)
@@ -2990,32 +3078,32 @@
 	RESERVED
 CVE-2017-8556
 	RESERVED
-CVE-2017-8555
-	RESERVED
+CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...)
+	TODO: check
 CVE-2017-8554
 	RESERVED
-CVE-2017-8553
-	RESERVED
-CVE-2017-8552
-	RESERVED
-CVE-2017-8551
-	RESERVED
-CVE-2017-8550
-	RESERVED
-CVE-2017-8549
-	RESERVED
-CVE-2017-8548
-	RESERVED
-CVE-2017-8547
-	RESERVED
+CVE-2017-8553 (An information disclosure vulnerability exists in Microsoft Windows ...)
+	TODO: check
+CVE-2017-8552 (A kernel-mode driver in Windows Server 2008 SP2 and R2 SP1, and ...)
+	TODO: check
+CVE-2017-8551 (An elevation of privilege vulnerability exists when Microsoft ...)
+	TODO: check
+CVE-2017-8550 (A remote code execution vulnerability exists in Skype for Business ...)
+	TODO: check
+CVE-2017-8549 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+	TODO: check
+CVE-2017-8548 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+	TODO: check
+CVE-2017-8547 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+	TODO: check
 CVE-2017-8546
 	RESERVED
-CVE-2017-8545
-	RESERVED
-CVE-2017-8544
-	RESERVED
-CVE-2017-8543
-	RESERVED
+CVE-2017-8545 (A spoofing vulnerability exists in when Microsoft Outlook for Mac does ...)
+	TODO: check
+CVE-2017-8544 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8543 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
 CVE-2017-8542 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8541 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
@@ -3032,68 +3120,68 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-8535 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-8534
-	RESERVED
-CVE-2017-8533
-	RESERVED
-CVE-2017-8532
-	RESERVED
-CVE-2017-8531
-	RESERVED
-CVE-2017-8530
-	RESERVED
-CVE-2017-8529
-	RESERVED
-CVE-2017-8528
-	RESERVED
-CVE-2017-8527
-	RESERVED
+CVE-2017-8534 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-8533 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-8532 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-8531 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-8530 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+	TODO: check
+CVE-2017-8529 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+	TODO: check
+CVE-2017-8528 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-8527 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
 CVE-2017-8526
 	RESERVED
 CVE-2017-8525
 	RESERVED
-CVE-2017-8524
-	RESERVED
-CVE-2017-8523
-	RESERVED
-CVE-2017-8522
-	RESERVED
-CVE-2017-8521
-	RESERVED
-CVE-2017-8520
-	RESERVED
-CVE-2017-8519
-	RESERVED
+CVE-2017-8524 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+	TODO: check
+CVE-2017-8523 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
+	TODO: check
+CVE-2017-8522 (Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, ...)
+	TODO: check
+CVE-2017-8521 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+	TODO: check
+CVE-2017-8520 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+	TODO: check
+CVE-2017-8519 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
+	TODO: check
 CVE-2017-8518
 	RESERVED
-CVE-2017-8517
-	RESERVED
+CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+	TODO: check
 CVE-2017-8516
 	RESERVED
-CVE-2017-8515
-	RESERVED
-CVE-2017-8514
-	RESERVED
-CVE-2017-8513
-	RESERVED
-CVE-2017-8512
-	RESERVED
-CVE-2017-8511
-	RESERVED
-CVE-2017-8510
-	RESERVED
-CVE-2017-8509
-	RESERVED
-CVE-2017-8508
-	RESERVED
-CVE-2017-8507
-	RESERVED
-CVE-2017-8506
-	RESERVED
+CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 ...)
+	TODO: check
+CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft ...)
+	TODO: check
+CVE-2017-8513 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+	TODO: check
+CVE-2017-8512 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
+CVE-2017-8511 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
+CVE-2017-8510 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
+CVE-2017-8509 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
+CVE-2017-8508 (A security feature bypass vulnerability exists in Microsoft Office ...)
+	TODO: check
+CVE-2017-8507 (A remote code execution vulnerability exists in the way Microsoft ...)
+	TODO: check
+CVE-2017-8506 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
 CVE-2017-8505
 	RESERVED
-CVE-2017-8504
-	RESERVED
+CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...)
+	TODO: check
 CVE-2017-8503
 	RESERVED
 CVE-2017-8502
@@ -3102,86 +3190,86 @@
 	RESERVED
 CVE-2017-8500
 	RESERVED
-CVE-2017-8499
-	RESERVED
-CVE-2017-8498
-	RESERVED
-CVE-2017-8497
-	RESERVED
-CVE-2017-8496
-	RESERVED
+CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...)
+	TODO: check
+CVE-2017-8498 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...)
+	TODO: check
+CVE-2017-8497 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...)
+	TODO: check
+CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...)
+	TODO: check
 CVE-2017-8495
 	RESERVED
-CVE-2017-8494
-	RESERVED
-CVE-2017-8493
-	RESERVED
-CVE-2017-8492
-	RESERVED
-CVE-2017-8491
-	RESERVED
-CVE-2017-8490
-	RESERVED
-CVE-2017-8489
-	RESERVED
-CVE-2017-8488
-	RESERVED
+CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server ...)
+	TODO: check
+CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+	TODO: check
+CVE-2017-8492 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8491 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8490 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8489 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
 CVE-2017-8487
 	RESERVED
 CVE-2017-8486
 	RESERVED
-CVE-2017-8485
-	RESERVED
-CVE-2017-8484
-	RESERVED
-CVE-2017-8483
-	RESERVED
-CVE-2017-8482
-	RESERVED
-CVE-2017-8481
-	RESERVED
-CVE-2017-8480
-	RESERVED
-CVE-2017-8479
-	RESERVED
-CVE-2017-8478
-	RESERVED
-CVE-2017-8477
-	RESERVED
-CVE-2017-8476
-	RESERVED
-CVE-2017-8475
-	RESERVED
-CVE-2017-8474
-	RESERVED
-CVE-2017-8473
-	RESERVED
-CVE-2017-8472
-	RESERVED
-CVE-2017-8471
-	RESERVED
-CVE-2017-8470
-	RESERVED
-CVE-2017-8469
-	RESERVED
-CVE-2017-8468
-	RESERVED
+CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8483 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8482 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8481 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8480 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8479 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8478 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8477 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8476 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8475 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8474 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-8473 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8472 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and ...)
+	TODO: check
+CVE-2017-8471 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8470 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-8469 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+	TODO: check
 CVE-2017-8467
 	RESERVED
-CVE-2017-8466
-	RESERVED
-CVE-2017-8465
-	RESERVED
-CVE-2017-8464
-	RESERVED
+CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, ...)
+	TODO: check
+CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...)
+	TODO: check
+CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
 CVE-2017-8463
 	RESERVED
-CVE-2017-8462
-	RESERVED
+CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
 CVE-2017-8461
 	RESERVED
-CVE-2017-8460
-	RESERVED
+CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+	TODO: check
 CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which ...)
 	NOT-FOR-US: Brave
 CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such as ...)
@@ -4683,16 +4771,16 @@
 	RESERVED
 CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
 	NOT-FOR-US: Moxa
-CVE-2017-7914
-	RESERVED
+CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation ...)
+	TODO: check
 CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa OnCell ...)
 	NOT-FOR-US: Moxa
 CVE-2017-7912
 	RESERVED
 CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT Platform, ...)
 	NOT-FOR-US: CyberVision Kaa IoT Platform
-CVE-2017-7910
-	RESERVED
+CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Canal ...)
+	TODO: check
 CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...)
 	NOT-FOR-US: Advantech
 CVE-2017-7908
@@ -7973,6 +8061,7 @@
 CVE-2017-6893
 	RESERVED
 CVE-2017-6892 (In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" ...)
+	{DLA-985-1}
 	- libsndfile <unfixed> (bug #864704)
 	[stretch] - libsndfile <no-dsa> (Minor issue)
 	[jessie] - libsndfile <no-dsa> (Minor issue)
@@ -14321,8 +14410,7 @@
 	RESERVED
 CVE-2017-4987
 	RESERVED
-CVE-2017-4986
-	RESERVED
+CVE-2017-4986 (EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could ...)
 	NOT-FOR-US: EMC
 CVE-2017-4985
 	RESERVED
@@ -14332,8 +14420,7 @@
 	NOT-FOR-US: EMC Data Domain OS
 CVE-2017-4982 (EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and ...)
 	NOT-FOR-US: EMC Mainframe
-CVE-2017-4981
-	RESERVED
+CVE-2017-4981 (EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper ...)
 	NOT-FOR-US: EMC
 CVE-2017-4980 (EMC Isilon OneFS is affected by a path traversal vulnerability that may ...)
 	NOT-FOR-US: EMC
@@ -30741,44 +30828,44 @@
 	NOTE: Upstream fix: https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266
 	NOTE: http://www.openwall.com/lists/oss-security/2016/09/18/3
-CVE-2017-0300
-	RESERVED
-CVE-2017-0299
-	RESERVED
-CVE-2017-0298
-	RESERVED
-CVE-2017-0297
-	RESERVED
-CVE-2017-0296
-	RESERVED
-CVE-2017-0295
-	RESERVED
-CVE-2017-0294
-	RESERVED
+CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
+	TODO: check
+CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
+CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an ...)
+	TODO: check
+CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...)
+	TODO: check
 CVE-2017-0293
 	RESERVED
-CVE-2017-0292
-	RESERVED
-CVE-2017-0291
-	RESERVED
+CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+	TODO: check
+CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
+	TODO: check
 CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0289
-	RESERVED
-CVE-2017-0288
-	RESERVED
-CVE-2017-0287
-	RESERVED
-CVE-2017-0286
-	RESERVED
-CVE-2017-0285
-	RESERVED
-CVE-2017-0284
-	RESERVED
-CVE-2017-0283
-	RESERVED
-CVE-2017-0282
-	RESERVED
+CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
+	TODO: check
+CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
+CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
+	TODO: check
 CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
@@ -30821,8 +30908,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0260
-	RESERVED
+CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft Office when ...)
+	TODO: check
 CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
@@ -30903,16 +30990,16 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0219
-	RESERVED
-CVE-2017-0218
-	RESERVED
+CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
+	TODO: check
+CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...)
+	TODO: check
 CVE-2017-0217
 	RESERVED
-CVE-2017-0216
-	RESERVED
-CVE-2017-0215
-	RESERVED
+CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 ...)
+	TODO: check
+CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
+	TODO: check
 CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 ...)
@@ -30955,8 +31042,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0193
-	RESERVED
+CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
+	TODO: check
 CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, ...)
@@ -30995,8 +31082,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-0174
 	RESERVED
-CVE-2017-0173
-	RESERVED
+CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
+	TODO: check
 CVE-2017-0172
 	RESERVED
 CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when ...)
@@ -56135,7 +56222,8 @@
 	- foomatic-filters 4.0.17-7 (bug #807993)
 	NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
 	NOTE: http://www.openwall.com/lists/oss-security/2015/12/13/2
-CVE-2015-9097 [ruby-mail: SMTP injection via recipient email addresses]
+CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is ...)
+	{DLA-489-1}
 	- ruby-mail 2.6.1+dfsg1-1
 	NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/11/3




More information about the Secure-testing-commits mailing list