[Secure-testing-commits] r57382 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Nov 6 21:10:16 UTC 2017 

Author: sectracker
Date: 2017-11-06 21:10:16 +0000 (Mon, 06 Nov 2017)
New Revision: 57382

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-06 20:53:43 UTC (rev 57381)
+++ data/CVE/list	2017-11-06 21:10:16 UTC (rev 57382)
@@ -1,3 +1,127 @@
+CVE-2017-16632
+	RESERVED
+CVE-2017-16631
+	RESERVED
+CVE-2017-16630
+	RESERVED
+CVE-2017-16629
+	RESERVED
+CVE-2017-16628
+	RESERVED
+CVE-2017-16627
+	RESERVED
+CVE-2017-16626
+	RESERVED
+CVE-2017-16625
+	RESERVED
+CVE-2017-16624
+	RESERVED
+CVE-2017-16623
+	RESERVED
+CVE-2017-16622
+	RESERVED
+CVE-2017-16621
+	RESERVED
+CVE-2017-16620
+	RESERVED
+CVE-2017-16619
+	RESERVED
+CVE-2017-16618
+	RESERVED
+CVE-2017-16617
+	RESERVED
+CVE-2017-16616
+	RESERVED
+CVE-2017-16615
+	RESERVED
+CVE-2017-16614
+	RESERVED
+CVE-2017-16613
+	RESERVED
+CVE-2017-16612
+	RESERVED
+CVE-2017-16611
+	RESERVED
+CVE-2017-16610
+	RESERVED
+CVE-2017-16609
+	RESERVED
+CVE-2017-16608
+	RESERVED
+CVE-2017-16607
+	RESERVED
+CVE-2017-16606
+	RESERVED
+CVE-2017-16605
+	RESERVED
+CVE-2017-16604
+	RESERVED
+CVE-2017-16603
+	RESERVED
+CVE-2017-16602
+	RESERVED
+CVE-2017-16601
+	RESERVED
+CVE-2017-16600
+	RESERVED
+CVE-2017-16599
+	RESERVED
+CVE-2017-16598
+	RESERVED
+CVE-2017-16597
+	RESERVED
+CVE-2017-16596
+	RESERVED
+CVE-2017-16595
+	RESERVED
+CVE-2017-16594
+	RESERVED
+CVE-2017-16593
+	RESERVED
+CVE-2017-16592
+	RESERVED
+CVE-2017-16591
+	RESERVED
+CVE-2017-16590
+	RESERVED
+CVE-2017-16589
+	RESERVED
+CVE-2017-16588
+	RESERVED
+CVE-2017-16587
+	RESERVED
+CVE-2017-16586
+	RESERVED
+CVE-2017-16585
+	RESERVED
+CVE-2017-16584
+	RESERVED
+CVE-2017-16583
+	RESERVED
+CVE-2017-16582
+	RESERVED
+CVE-2017-16581
+	RESERVED
+CVE-2017-16580
+	RESERVED
+CVE-2017-16579
+	RESERVED
+CVE-2017-16578
+	RESERVED
+CVE-2017-16577
+	RESERVED
+CVE-2017-16576
+	RESERVED
+CVE-2017-16575
+	RESERVED
+CVE-2017-16574
+	RESERVED
+CVE-2017-16573
+	RESERVED
+CVE-2017-16572
+	RESERVED
+CVE-2017-16571
+	RESERVED
 CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...)
 	NOT-FOR-US: KeystoneJS
 CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an ...)
@@ -1292,8 +1416,8 @@
 	RESERVED
 CVE-2017-16002
 	RESERVED
-CVE-2017-16001
-	RESERVED
+CVE-2017-16001 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
+	TODO: check
 CVE-2017-16000 (SQL injection vulnerability in the EyesOfNetwork web interface (aka ...)
 	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2017-15999 (In the "NQ Contacts Backup & Restore" application 1.1 for Android, no ...)
@@ -2436,8 +2560,7 @@
 	RESERVED
 CVE-2017-15673
 	RESERVED
-CVE-2017-15672
-	RESERVED
+CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...)
 	- ffmpeg <unfixed>
 	[stretch] - ffmpeg <postponed> (Wait until next round of security releases)
 	- libav <undetermined>
@@ -3303,8 +3426,7 @@
 	RESERVED
 CVE-2017-15307
 	RESERVED
-CVE-2017-15306 [KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM]
-	RESERVED
+CVE-2017-15306 (The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c ...)
 	- linux <unfixed>
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -11307,6 +11429,7 @@
 CVE-2017-12614
 	RESERVED
 CVE-2017-12613 (When apr_exp_time*() or apr_os_exp_time*() functions are invoked with ...)
+	{DLA-1162-1}
 	- apr 1.6.3-1 (low; bug #879708)
 	[stretch] - apr <no-dsa> (Minor issue)
 	[jessie] - apr <no-dsa> (Minor issue)
@@ -15205,8 +15328,8 @@
 	NOT-FOR-US: FineCMS
 CVE-2017-11178 (In FineCMS through 2017-07-11, application/core/controller/style.php ...)
 	NOT-FOR-US: FineCMS
-CVE-2017-11177
-	RESERVED
+CVE-2017-11177 (TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file ...)
+	TODO: check
 CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
 	{DSA-3945-1 DSA-3927-1 DLA-1099-1}
 	- linux 4.11.11-1
@@ -26723,8 +26846,8 @@
 	RESERVED
 CVE-2017-7426
 	RESERVED
-CVE-2017-7425
-	RESERVED
+CVE-2017-7425 (Multiple potential reflected XSS issues exist in NetIQ iManager ...)
+	TODO: check
 CVE-2017-7424 (A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus ...)
 	NOT-FOR-US: Micro Focus
 CVE-2017-7423 (A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in ...)
@@ -80803,8 +80926,7 @@
 	NOT-FOR-US: Entity Registration module for Drupal
 CVE-2015-7879 (Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x ...)
 	NOT-FOR-US: Stickynote module for Drupal
-CVE-2015-7878
-	RESERVED
+CVE-2015-7878 (Cross-site scripting (XSS) vulnerability in the Taxonomy Find module ...)
 	NOT-FOR-US: Taxonomy Find module for Drupal
 CVE-2015-7877 (Multiple SQL injection vulnerabilities in the User Dashboard module ...)
 	NOT-FOR-US: User Dashboard module for Drupal
@@ -81980,8 +82102,7 @@
 	REJECTED
 CVE-2015-7530
 	REJECTED
-CVE-2015-7529 [Usage of predictable temporary files allows privilege escalation]
-	RESERVED
+CVE-2015-7529 (sosreport in SoS 3.x allows local users to obtain sensitive ...)
 	- sosreport 3.2+git276-g7da50d6-3 (unimportant)
 	NOTE: Neutralised by kernel hardening
 CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read ...)

More information about the Secure-testing-commits mailing list