[Secure-testing-commits] r56296 - data/CVE

Sat Sep 30 21:10:14 UTC 2017

Author: sectracker
Date: 2017-09-30 21:10:14 +0000 (Sat, 30 Sep 2017)
New Revision: 56296

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-09-30 20:31:57 UTC (rev 56295)
+++ data/CVE/list	2017-09-30 21:10:14 UTC (rev 56296)
@@ -777,6 +777,7 @@
 	- sam2p <removed> (bug #876744)
 	NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
 CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...)
+	{DLA-1119-1}
 	- otrs2 5.0.23-1 (bug #876462)
 	NOTE: https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85 (rel-5_0)
 	NOTE: https://github.com/OTRS/otrs/commit/00bcc89dc2443b5d8b34a0908e224373926aa618 (rel-5_0)
@@ -2424,7 +2425,7 @@
 	NOTE: https://bugs.ruby-lang.org/issues/13853
 	NOTE: https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85
 CVE-2017-14062 (Integer overflow in the decode_digit function in puny_decode.c in ...)
-	{DLA-1085-1 DLA-1084-1}
+	{DSA-3988-1 DLA-1085-1 DLA-1084-1}
 	- libidn2-0 2.0.2-4 (bug #873902)
 	- libidn 1.33-2 (bug #873903)
 	NOTE: https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd
@@ -20134,14 +20135,14 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7825
 CVE-2017-7824
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7824
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7824
 CVE-2017-7823
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7823
@@ -20160,14 +20161,14 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7820
 CVE-2017-7819
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7819
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7819
 CVE-2017-7818
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7818
@@ -20186,7 +20187,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7815
 CVE-2017-7814
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7814
@@ -20205,7 +20206,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7811
 CVE-2017-7810
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7810
@@ -20230,7 +20231,7 @@
 	- firefox 55.0-1
 CVE-2017-7805
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805
@@ -20285,7 +20286,7 @@
 	- firefox 55.0-1
 CVE-2017-7793
 	RESERVED
-	{DSA-3987-1}
+	{DSA-3987-1 DLA-1118-1}
 	- firefox 56.0-1
 	- firefox-esr 52.4.0esr-2
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7793
@@ -117395,10 +117396,12 @@
 CVE-2014-2555
 	RESERVED
 CVE-2014-2554 (OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 ...)
+	{DLA-1119-1}
 	- otrs2 3.3.6-1
 	[squeeze] - otrs2 <no-dsa> (Minor issue)
 	NOTE: https://www.otrs.com/security-advisory-2014-05-clickjacking-issue/
 CVE-2014-2553 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+	{DLA-1119-1}
 	- otrs2 3.3.6-1
 	[squeeze] - otrs2 <no-dsa> (Minor issue)
 CVE-2014-2552
@@ -119918,6 +119921,7 @@
 CVE-2014-1696 (Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash ...)
 	NOT-FOR-US: Siemens SIMATIC WinCC OA
 CVE-2014-1695 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
+	{DLA-1119-1}
 	- otrs2 3.3.5-1
 	[squeeze] - otrs2 <no-dsa> (Minor issue)
 	NOTE: https://www.otrs.com/security-advisory-2014-03-xss-issue/


