[Secure-testing-commits] r51350 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri May 5 09:10:18 UTC 2017 

Author: sectracker
Date: 2017-05-05 09:10:17 +0000 (Fri, 05 May 2017)
New Revision: 51350

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-05 07:31:27 UTC (rev 51349)
+++ data/CVE/list	2017-05-05 09:10:17 UTC (rev 51350)
@@ -1,3 +1,31 @@
+CVE-2017-8796
+	RESERVED
+CVE-2017-8795
+	RESERVED
+CVE-2017-8794
+	RESERVED
+CVE-2017-8793
+	RESERVED
+CVE-2017-8792
+	RESERVED
+CVE-2017-8791
+	RESERVED
+CVE-2017-8790
+	RESERVED
+CVE-2017-8789
+	RESERVED
+CVE-2017-8788
+	RESERVED
+CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ...)
+	TODO: check
+CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2017-8785
+	RESERVED
+CVE-2017-8784
+	RESERVED
+CVE-2017-8783
+	RESERVED
 CVE-2017-8782
 	RESERVED
 CVE-2017-8781
@@ -31,8 +59,8 @@
 	RESERVED
 CVE-2017-8769
 	RESERVED
-CVE-2017-8768
-	RESERVED
+CVE-2017-8768 (Atlassian SourceTree v2.5c and prior are affected by a command ...)
+	TODO: check
 CVE-2017-8767
 	RESERVED
 CVE-2017-8766
@@ -1707,12 +1735,12 @@
 	[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
 	[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
 	NOTE: Fixed by: https://git.kernel.org/linus/67b0503db9c29b04eadfeede6bebbfe5ddad94ef
-CVE-2017-8060
-	RESERVED
-CVE-2017-8059
-	RESERVED
-CVE-2017-8058
-	RESERVED
+CVE-2017-8060 (Acceptance of invalid/self-signed TLS certificates in "Panda Mobile ...)
+	TODO: check
+CVE-2017-8059 (Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF ...)
+	TODO: check
+CVE-2017-8058 (Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat ...)
+	TODO: check
 CVE-2017-8057 (In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused ...)
 	NOT-FOR-US: Joomla
 CVE-2017-8056 (WatchGuard Fireware v11.12.1 and earlier mishandles requests referring ...)
@@ -5910,8 +5938,8 @@
 	NOT-FOR-US: Agora-Project
 CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n ...)
 	NOT-FOR-US: iball Baton
-CVE-2017-6557
-	RESERVED
+CVE-2017-6557 (SQL injection vulnerability in ArrayOS before AG 9.4.0.135, when the ...)
+	TODO: check
 CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php ...)
@@ -7959,44 +7987,44 @@
 	[wheezy] - libarchive <no-dsa> (Minor issue, not reproducible in Debian)
 	NOTE: https://github.com/libarchive/libarchive/issues/842
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0 (v3.3.0)
-CVE-2017-5919
-	RESERVED
-CVE-2017-5918
-	RESERVED
+CVE-2017-5919 (The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 ...)
+	TODO: check
+CVE-2017-5918 (The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 ...)
+	TODO: check
 CVE-2017-5917
-	RESERVED
-CVE-2017-5916
-	RESERVED
-CVE-2017-5915
-	RESERVED
-CVE-2017-5914
-	RESERVED
-CVE-2017-5913
-	RESERVED
-CVE-2017-5912
-	RESERVED
-CVE-2017-5911
-	RESERVED
+	REJECTED
+CVE-2017-5916 (The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 ...)
+	TODO: check
+CVE-2017-5915 (The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through ...)
+	TODO: check
+CVE-2017-5914 (The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 ...)
+	TODO: check
+CVE-2017-5913 (The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 ...)
+	TODO: check
+CVE-2017-5912 (The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS ...)
+	TODO: check
+CVE-2017-5911 (The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS ...)
+	TODO: check
 CVE-2017-5910
 	RESERVED
-CVE-2017-5909
-	RESERVED
+CVE-2017-5909 (The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS ...)
+	TODO: check
 CVE-2017-5908
-	RESERVED
-CVE-2017-5907
-	RESERVED
-CVE-2017-5906
-	RESERVED
-CVE-2017-5905
-	RESERVED
+	REJECTED
+CVE-2017-5907 (The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 ...)
+	TODO: check
+CVE-2017-5906 (The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app ...)
+	TODO: check
+CVE-2017-5905 (The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 ...)
+	TODO: check
 CVE-2017-5904
 	RESERVED
 CVE-2017-5903
 	RESERVED
-CVE-2017-5902
-	RESERVED
-CVE-2017-5901
-	RESERVED
+CVE-2017-5902 (The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates ...)
+	TODO: check
+CVE-2017-5901 (The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not ...)
+	TODO: check
 CVE-2017-5900 (Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 ...)
 	NOT-FOR-US: NetComm
 CVE-2017-5896 (Heap-based buffer overflow in the fz_subsample_pixmap function in ...)
@@ -15990,10 +16018,10 @@
 	RESERVED
 CVE-2017-3214
 	RESERVED
-CVE-2017-3213
-	RESERVED
-CVE-2017-3212
-	RESERVED
+CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify ...)
+	TODO: check
+CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for ...)
+	TODO: check
 CVE-2017-3211
 	RESERVED
 CVE-2017-3210

More information about the Secure-testing-commits mailing list