[Secure-testing-commits] r57614 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Nov 14 09:10:13 UTC 2017


Author: sectracker
Date: 2017-11-14 09:10:13 +0000 (Tue, 14 Nov 2017)
New Revision: 57614

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-14 08:26:59 UTC (rev 57613)
+++ data/CVE/list	2017-11-14 09:10:13 UTC (rev 57614)
@@ -1,3 +1,23 @@
+CVE-2017-16814
+	RESERVED
+CVE-2017-16813
+	RESERVED
+CVE-2017-16812
+	RESERVED
+CVE-2017-16811
+	RESERVED
+CVE-2017-16810 (Cross-site scripting (XSS) vulnerability in the All Variables tab in ...)
+	TODO: check
+CVE-2017-16809
+	RESERVED
+CVE-2017-16808 (tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in ...)
+	TODO: check
+CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, ...)
+	TODO: check
+CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...)
+	TODO: check
+CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...)
+	TODO: check
 CVE-2017-16803 (In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree ...)
 	- libav <removed>
 	- ffmpeg <unfixed>
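Review bot: The five described entries at the top of this hunk (CVE-2017-16810, CVE-2017-16808, CVE-2017-16807, CVE-2017-16806, CVE-2017-16805) carry only "TODO: check", with no package line or NOT-FOR-US tag. The descriptions for CVE-2017-16808 and CVE-2017-16805 name tcpdump 4.9.2 and radare2 2.0.1; if those map to packages in the archive, replace the TODO with package lines carrying a version status, in the style of the "- ffmpeg <unfixed>" line under CVE-2017-16803, and add a NOTE pointing at the upstream report.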
@@ -588,6 +608,7 @@
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13112
 	NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
 CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does ...)
+	{DLA-1170-1}
 	- graphicsmagick 1.3.26-18
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/517/
@@ -2429,6 +2450,7 @@
 	RESERVED
 CVE-2017-15923 [Crash in parsing IRC color formatting codes]
 	RESERVED
+	{DSA-4033-1}
 	- konversation 1.7.3-1 (bug #881586)
 	NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
 CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...)
@@ -3283,10 +3305,10 @@
 	RESERVED
 CVE-2017-15527
 	RESERVED
-CVE-2017-15526
-	RESERVED
-CVE-2017-15525
-	RESERVED
+CVE-2017-15526 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be ...)
+	TODO: check
+CVE-2017-15525 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be ...)
+	TODO: check
 CVE-2017-15524
 	RESERVED
 CVE-2017-15523
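Review bot: CVE-2017-15526 and CVE-2017-15525 arrive with the same visible description text ("Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be ...") and both sit at "TODO: check". When triaging, confirm from the full descriptions that they are distinct issues and give both the same disposition, so the pair does not end up tagged inconsistently.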
@@ -9863,7 +9885,7 @@
 CVE-2017-13135
 	RESERVED
 CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer ...)
-	{DSA-4032-1 DLA-1081-1}
+	{DSA-4032-1 DLA-1170-1 DLA-1081-1}
 	- imagemagick <unfixed> (bug #873099)
 	- graphicsmagick 1.3.26-19 (bug #881524)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/670
@@ -44315,8 +44337,8 @@
 	RESERVED
 CVE-2017-1711
 	RESERVED
-CVE-2017-1710
-	RESERVED
+CVE-2017-1710 (A vulnerability in the Service Assistant GUI in IBM Storwize V7000 ...)
+	TODO: check
 CVE-2017-1709
 	RESERVED
 CVE-2017-1708
@@ -44781,8 +44803,8 @@
 	RESERVED
 CVE-2017-1478
 	RESERVED
-CVE-2017-1477
-	RESERVED
+CVE-2017-1477 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML ...)
+	TODO: check
 CVE-2017-1476
 	RESERVED
 CVE-2017-1475
@@ -44829,8 +44851,8 @@
 	RESERVED
 CVE-2017-1454
 	RESERVED
-CVE-2017-1453
-	RESERVED
+CVE-2017-1453 (IBM Security Access Manager Appliance 9.0.3 could allow a remote ...)
+	TODO: check
 CVE-2017-1452 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 ...)
 	NOT-FOR-US: IBM
 CVE-2017-1451 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 ...)
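Review bot: CVE-2017-1453 is left at "TODO: check" directly above CVE-2017-1452 and CVE-2017-1451, which are IBM products already tagged "NOT-FOR-US: IBM". If IBM Security Access Manager Appliance is likewise not in the archive, use the same tag here so the entry drops out of the TODO queue.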
@@ -45277,8 +45299,8 @@
 	RESERVED
 CVE-2017-1230 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses ...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1229
-	RESERVED
+CVE-2017-1229 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a ...)
+	TODO: check
 CVE-2017-1228 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could ...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2017-1227 (IBM Tivoli Endpoint Manager could allow a unauthorized user to consume ...)
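Review bot: CVE-2017-1229 gets "TODO: check" although its neighbours CVE-2017-1230 and CVE-2017-1228 describe the same product, IBM Tivoli Endpoint Manager (BigFix 9.2 and 9.5), and are tagged "NOT-FOR-US: IBM Tivoli Endpoint Manager". Replace the TODO with that tag so the three entries read consistently.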
@@ -45293,8 +45315,8 @@
 	NOT-FOR-US: IBM
 CVE-2017-1222 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not ...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1221
-	RESERVED
+CVE-2017-1221 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require ...)
+	TODO: check
 CVE-2017-1220 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) ...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2017-1219 (IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity ...)
@@ -51369,8 +51391,7 @@
 	RESERVED
 	- glance <unfixed> (unimportant)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/16
-CVE-2016-8610 [SSL/TLS SSL3_AL_WARNING undefined alert DoS]
-	RESERVED
+CVE-2016-8610 (A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 ...)
 	{DSA-3773-1 DLA-814-1}
 	- openssl 1.0.2j-1
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/3



