[Secure-testing-commits] r52856 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Jun 23 21:10:24 UTC 2017 

Author: sectracker
Date: 2017-06-23 21:10:23 +0000 (Fri, 23 Jun 2017)
New Revision: 52856

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-23 18:50:05 UTC (rev 52855)
+++ data/CVE/list	2017-06-23 21:10:23 UTC (rev 52856)
@@ -1,3 +1,7 @@
+CVE-2017-9827
+	RESERVED
+CVE-2017-9826
+	RESERVED
 CVE-2017-XXXX [Improper TSIG validity period check can allow TSIG forgery]
 	- knot <unfixed> (bug #865678)
 	NOTE: https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html
@@ -1334,8 +1338,7 @@
 	- php-horde-image <unfixed> (bug #865504)
 	[jessie] - php-horde-image <not-affected> (Only Horde_Image above 2.3.0 affected)
 	NOTE: https://lists.horde.org/archives/announce/2017/001234.html
-CVE-2017-9772 [local privilege escalation issue with ocaml binaries]
-	RESERVED
+CVE-2017-9772 (Insufficient sanitisation in the OCaml compiler versions 4.04.0 and ...)
 	- ocaml <not-affected> (Only affects 4.04.0 and 4.04.1)
 	NOTE: https://caml.inria.fr/mantis/view.php?id=7557
 	TODO: double-check
@@ -4279,7 +4282,7 @@
 CVE-2017-8814
 	RESERVED
 CVE-2017-8813
-	RESERVED
+	REJECTED
 CVE-2017-8812
 	RESERVED
 CVE-2017-8811
@@ -18462,8 +18465,8 @@
 	RESERVED
 CVE-2017-3949
 	RESERVED
-CVE-2017-3948
-	RESERVED
+CVE-2017-3948 (Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee ...)
+	TODO: check
 CVE-2017-3947
 	RESERVED
 CVE-2017-3946
@@ -25296,12 +25299,12 @@
 	RESERVED
 CVE-2017-1350
 	RESERVED
-CVE-2017-1349
-	RESERVED
-CVE-2017-1348
-	RESERVED
-CVE-2017-1347
-	RESERVED
+CVE-2017-1349 (IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially ...)
+	TODO: check
+CVE-2017-1348 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to ...)
+	TODO: check
+CVE-2017-1347 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL ...)
+	TODO: check
 CVE-2017-1346
 	RESERVED
 CVE-2017-1345
@@ -25390,8 +25393,8 @@
 	NOT-FOR-US: IBM
 CVE-2017-1303
 	RESERVED
-CVE-2017-1302
-	RESERVED
+CVE-2017-1302 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local ...)
+	TODO: check
 CVE-2017-1301
 	RESERVED
 CVE-2017-1300
@@ -25608,8 +25611,8 @@
 	RESERVED
 CVE-2017-1194 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
 	NOT-FOR-US: IBM
-CVE-2017-1193
-	RESERVED
+CVE-2017-1193 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to ...)
+	TODO: check
 CVE-2017-1192
 	RESERVED
 CVE-2017-1191
@@ -25731,10 +25734,10 @@
 	NOT-FOR-US: IBM
 CVE-2017-1133 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
 	NOT-FOR-US: IBM
-CVE-2017-1132
-	RESERVED
-CVE-2017-1131
-	RESERVED
+CVE-2017-1132 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to ...)
+	TODO: check
+CVE-2017-1131 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an ...)
+	TODO: check
 CVE-2017-1130
 	RESERVED
 CVE-2017-1129
@@ -40326,8 +40329,8 @@
 	RESERVED
 CVE-2016-5894 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
 	NOT-FOR-US: IBM
-CVE-2016-5893
-	RESERVED
+CVE-2016-5893 (IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to ...)
+	TODO: check
 CVE-2016-5892 (Cross-site scripting (XSS) vulnerability in IBM 10x, as used in ...)
 	NOT-FOR-US: IBM
 CVE-2016-5891

More information about the Secure-testing-commits mailing list