[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Sat Mar 3 09:10:22 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee853802 by security tracker role at 2018-03-03T09:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26430,6 +26430,7 @@ CVE-2017-15133 (A denial of service flaw was found in miekg-dns before 1.0.4. A 
 	NOTE: https://github.com/miekg/dns/issues/627
 	NOTE: https://github.com/miekg/dns/pull/631
 CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of ...)
+	{DSA-4130-1}
 	- dovecot 1:2.2.34-1 (bug #888432)
 	NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
 	NOTE: Regression fix needed on top: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
@@ -26447,6 +26448,7 @@ CVE-2017-15131 (It was found that system umask policy is not being honored when 
 	NOTE: Enforcements can be achieved e.g. by using pam_umask.
 	NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
 CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. An ...)
+	{DSA-4130-1}
 	- dovecot 1:2.2.34-1 (bug #891820)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/22311315b9f780211329c1522eb5aaa4faaa9391
@@ -28711,6 +28713,7 @@ CVE-2017-14463
 CVE-2017-14462
 	RESERVED
 CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to Dovecot ...)
+	{DSA-4130-1}
 	- dovecot 1:2.2.34-1 (bug #891819)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/30dc856f7b97b75b0e0d69f5003d5d99a13249b4
@@ -67215,7 +67218,7 @@ CVE-2017-1656
 	RESERVED
 CVE-2017-1655
 	RESERVED
-CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2,0 - 4.2.3 could allow a local ...)
+CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local ...)
 	TODO: check
 CVE-2017-1653 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management ...)
 	NOT-FOR-US: IBM Jazz Foundation
@@ -104222,20 +104225,20 @@ CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest 
 	NOTE: http://xenbits.xen.org/xsa/advisory-151.html
 CVE-2015-7968
 	RESERVED
-CVE-2015-7967
-	RESERVED
-CVE-2015-7966
-	RESERVED
-CVE-2015-7965
-	RESERVED
-CVE-2015-7964
-	RESERVED
-CVE-2015-7963
-	RESERVED
-CVE-2015-7962
-	RESERVED
-CVE-2015-7961
-	RESERVED
+CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent uses a ...)
+	TODO: check
+CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
+	TODO: check
+CVE-2015-7965 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
+	TODO: check
+CVE-2015-7964 (SafeNet Authentication Service for NPS Agent uses a weak ACL for ...)
+	TODO: check
+CVE-2015-7963 (SafeNet Authentication Service for AD FS Agent uses a weak ACL for ...)
+	TODO: check
+CVE-2015-7962 (SafeNet Authentication Service for Outlook Web App Agent uses a weak ...)
+	TODO: check
+CVE-2015-7961 (SafeNet Authentication Service Remote Web Workplace Agent uses a weak ...)
+	TODO: check
 CVE-2015-7960
 	REJECTED
 CVE-2015-7959
@@ -105360,12 +105363,12 @@ CVE-2015-7600 (Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions fo
 	NOT-FOR-US: Cisco VPN Client
 CVE-2015-7599 (Integer overflow in the _authenticate function in svc_auth.c in Wind ...)
 	NOT-FOR-US: Wind River VxWorks
-CVE-2015-7598
-	RESERVED
-CVE-2015-7597
-	RESERVED
-CVE-2015-7596
-	RESERVED
+CVE-2015-7598 (SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ...)
+	TODO: check
+CVE-2015-7597 (SafeNet Authentication Service IIS Agent uses a weak ACL for ...)
+	TODO: check
+CVE-2015-7596 (SafeNet Authentication Service End User Software Tools for Windows ...)
+	TODO: check
 CVE-2015-7595
 	REJECTED
 CVE-2015-7594



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee8538023be193789f1e59f56223f15f716d202d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee8538023be193789f1e59f56223f15f716d202d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180303/9ed9b2b3/attachment-0001.html>
