[Secure-testing-commits] r51470 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-05-10 05:16:05 +0000 (Wed, 10 May 2017)
New Revision: 51470

Modified:
   data/CVE/list
Log:
Add new postgresql issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-10 04:41:23 UTC (rev 51469)
+++ data/CVE/list	2017-05-10 05:16:05 UTC (rev 51470)
@@ -3579,12 +3579,29 @@
 	RESERVED
 CVE-2017-7487
 	RESERVED
-CVE-2017-7486
+CVE-2017-7486 [Restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options]
 	RESERVED
-CVE-2017-7485
+	- postgresql-9.6 <unfixed>
+	- postgresql-9.4 <removed>
+	- postgresql-9.1 <removed>
+	- postgresql-8.4 <removed>
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c928addfccd7f9905472dddd94e9cd10bc3f6808
+CVE-2017-7485 [Restore libpq's recognition of the PGREQUIRESSL environment variable]
 	RESERVED
-CVE-2017-7484
+	- postgresql-9.6 <unfixed>
+	- postgresql-9.4 <removed>
+	- postgresql-9.1 <removed>
+	- postgresql-8.4 <removed>
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=aafbd1df969135c185947c596c46608fc9f4a67c
+CVE-2017-7484 [Prevent exposure of statistical information via leaky operators]
 	RESERVED
+	- postgresql-9.6 <unfixed>
+	- postgresql-9.4 <removed>
+	- postgresql-9.1 <removed>
+	- postgresql-8.4 <removed>
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c33c42362256382ed398df9dcda559cd547c68a7
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cad15943225adbcadea51602b38b04d71d1183d2
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=935e77d527a018b652f247c7374c558871210db6
 CVE-2017-7483 (Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the ...)
 	- rxvt <unfixed> (bug #861694)
 	[jessie] - rxvt <no-dsa> (Minor issue)