[Secure-testing-commits] r49335 - data/CVE

Wed Mar 1 09:10:13 UTC 2017

Author: sectracker
Date: 2017-03-01 09:10:13 +0000 (Wed, 01 Mar 2017)
New Revision: 49335

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-03-01 07:34:03 UTC (rev 49334)
+++ data/CVE/list	2017-03-01 09:10:13 UTC (rev 49335)
@@ -1,3 +1,31 @@
+CVE-2017-6412
+	RESERVED
+CVE-2017-6411
+	RESERVED
+CVE-2017-6410
+	RESERVED
+CVE-2017-6409
+	RESERVED
+CVE-2017-6408
+	RESERVED
+CVE-2017-6407
+	RESERVED
+CVE-2017-6406
+	RESERVED
+CVE-2017-6405
+	RESERVED
+CVE-2017-6404
+	RESERVED
+CVE-2017-6403
+	RESERVED
+CVE-2017-6402
+	RESERVED
+CVE-2017-6401
+	RESERVED
+CVE-2017-6400
+	RESERVED
+CVE-2017-6399
+	RESERVED
 CVE-2017-6398
 	RESERVED
 CVE-2017-6397
@@ -251,22 +279,22 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=778204
 	NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
 CVE-2017-6310 (An issue was discovered in tnef before 1.4.13. Four type confusions ...)
-	{DLA-839-1}
+	{DSA-3798-1 DLA-839-1}
 	- tnef <unfixed> (bug #856117)
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
 	NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
 CVE-2017-6309 (An issue was discovered in tnef before 1.4.13. Two type confusions have ...)
-	{DLA-839-1}
+	{DSA-3798-1 DLA-839-1}
 	- tnef <unfixed> (bug #856117)
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
 	NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
 CVE-2017-6308 (An issue was discovered in tnef before 1.4.13. Several Integer ...)
-	{DLA-839-1}
+	{DSA-3798-1 DLA-839-1}
 	- tnef <unfixed> (bug #856117)
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
 	NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176
 CVE-2017-6307 (An issue was discovered in tnef before 1.4.13. Two OOB Writes have been ...)
-	{DLA-839-1}
+	{DSA-3798-1 DLA-839-1}
 	- tnef <unfixed> (bug #856117)
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
 	NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/1a17af1ed0c791aec44dbdc9eab91218cc1e335a
@@ -726,6 +754,7 @@
 CVE-2017-6102
 	RESERVED
 CVE-2017-6384 [atheme: memory leak could lead to DOS]
+	RESERVED
 	- atheme-services 7.2.9-1 (bug #855588)
 	[jessie] - atheme-services <not-affected> (versions prior to 7.2.7 not vulnerable)
 	NOTE: 7.2.7 vulnerable, fixed in 7.2.8, but the fix introduced another DOS, fixed in 7.2.9
@@ -987,6 +1016,7 @@
 	NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=6eb13f7a2dcf391ec9e19b4c2a79e68305f63c22 (0.6.0)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422438
 CVE-2017-5991 (An issue was discovered in Artifex Software, Inc. MuPDF before ...)
+	{DSA-3797-1}
 	- mupdf 1.9a+ds1-4 (low)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697500
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465
@@ -1290,6 +1320,7 @@
 CVE-2017-5900
 	RESERVED
 CVE-2017-5896 (Heap-based buffer overflow in the fz_subsample_pixmap function in ...)
+	{DSA-3797-1}
 	- mupdf 1.9a+ds1-3 (bug #854734)
 	[wheezy] - mupdf <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697515
@@ -9046,7 +9077,7 @@
 	RESERVED
 CVE-2017-3135 [Assertion failure when using DNS64 and RPZ can lead to crash]
 	RESERVED
-	{DSA-3795-1}
+	{DSA-3795-1 DLA-843-1}
 	- bind9 1:9.10.3.dfsg.P4-12 (bug #855520)
 	NOTE: https://kb.isc.org/article/AA-01453
 	NOTE: Patch for 9.9.9-P6: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/patches/rt44434
@@ -18850,6 +18881,7 @@
 	NOTE: Fixed by: https://github.com/libav/libav/commit/e5b019725f53b79159931d3a7317107cbbfd0860
 	NOTE: Cf. CVE-2016-8676 as well which remain unfixed after e5b019725f53b79159931d3a7317107cbbfd0860
 CVE-2016-8674 (The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows ...)
+	{DSA-3797-1}
 	- mupdf 1.9a+ds1-2 (bug #840957)
 	[wheezy] - mupdf <not-affected> (Crash is not reproducible with reprocuder. Needs clarification from upstream.)
 	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
@@ -39269,6 +39301,7 @@
 CVE-2016-2400
 	RESERVED
 CVE-2016-2399 (Integer overflow in the quicktime_read_pascal function in libquicktime ...)
+	{DLA-844-1}
 	- libquicktime 2:1.2.4-10 (bug #855099)
 	NOTE: PoC: http://www.nemux.org/2016/02/23/libquicktime-1-2-4/
 CVE-2016-2398 (Comcast XFINITY Home Security System does not properly maintain ...)


