[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 29 20:10:27 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc21234f by security tracker role at 2018-11-29T20:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2018-19697
+ RESERVED
+CVE-2018-19696
+ RESERVED
+CVE-2018-19695
+ RESERVED
+CVE-2018-19694
+ RESERVED
+CVE-2018-19693 (An issue was discovered in tp5cms through 2017-05-25. ...)
+ TODO: check
+CVE-2018-19692 (An issue was discovered in tp5cms through 2017-05-25. ...)
+ TODO: check
+CVE-2018-19691
+ RESERVED
+CVE-2018-19690
+ RESERVED
+CVE-2018-19689
+ RESERVED
+CVE-2018-19688
+ RESERVED
+CVE-2018-19687
+ RESERVED
+CVE-2018-19686
+ RESERVED
+CVE-2018-19685
+ RESERVED
+CVE-2018-19684
+ RESERVED
+CVE-2018-19683
+ RESERVED
+CVE-2018-19682
+ RESERVED
+CVE-2018-19681
+ RESERVED
+CVE-2018-19680
+ RESERVED
+CVE-2018-19679
+ RESERVED
+CVE-2018-19678
+ RESERVED
+CVE-2018-19677
+ RESERVED
+CVE-2018-19676
+ RESERVED
+CVE-2018-19675
+ RESERVED
+CVE-2018-19674
+ RESERVED
+CVE-2018-19673
+ RESERVED
+CVE-2018-19672
+ RESERVED
+CVE-2018-19671
+ RESERVED
+CVE-2018-19670
+ RESERVED
+CVE-2018-19669
+ RESERVED
+CVE-2018-19668
+ RESERVED
+CVE-2018-19667
+ RESERVED
CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users to gain ...)
- ossec-hids <itp> (bug #361954)
CVE-2018-19665
@@ -5421,8 +5483,7 @@ CVE-2018-18651 (An issue was discovered in Xpdf 4.00. catalog->getNumPages()
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2018-18650 (An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
-CVE-2018-18649 [RCE in Gitlab Wiki API]
- RESERVED
+CVE-2018-18649 (An issue was discovered in the wiki API in GitLab Community and ...)
- gitlab <not-affected> (Only affects 11.3 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18648 [Information exposure through stack trace error message]
@@ -7281,14 +7342,14 @@ CVE-2018-17965 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGI
CVE-2018-17964 (Aryanic HighPortal 12.5 has XSS via an Add Tags action. ...)
NOT-FOR-US: Aryanic HighPortal
CVE-2018-17963 (qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #911469)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1592a9947036d60dde5404204a5d45975133caf5
CVE-2018-17962 (Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #911468)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
@@ -9855,8 +9916,7 @@ CVE-2018-16861
- foreman <itp> (bug #663101)
CVE-2018-16860
RESERVED
-CVE-2018-16859 [become password logged in plaintext when used with PowerShell on Windows]
- RESERVED
+CVE-2018-16859 (Execution of Ansible playbooks on Windows platforms with PowerShell ...)
- ansible <not-affected> (Only issue when executing Ansible playbooks on Windows platforms)
CVE-2018-16858
RESERVED
@@ -10454,7 +10514,7 @@ CVE-2018-16647 (In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in ...)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699686
CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause ...)
- {DLA-1562-1}
+ {DLA-1562-2 DLA-1562-1}
- poppler <unfixed> (low; bug #909802)
[stretch] - poppler <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1622951
@@ -15514,8 +15574,7 @@ CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9107
NOTE: https://github.com/wildfly/wildfly/pull/10675
-CVE-2018-14626 [Packet cache pollution via crafted query]
- RESERVED
+CVE-2018-14626 (PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <not-affected> (Vulnerable code present only in >= 4.1.0)
[jessie] - pdns <not-affected> (Vulnerable code not present)
@@ -21786,8 +21845,8 @@ CVE-2018-12247 (An issue was discovered in mruby 1.4.1. There is a NULL pointer
NOTE: https://github.com/mruby/mruby/issues/4036
CVE-2018-12246 (Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a ...)
NOT-FOR-US: Symantec
-CVE-2018-12245
- RESERVED
+CVE-2018-12245 (Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a ...)
+ TODO: check
CVE-2018-12244
RESERVED
CVE-2018-12243 (The Symantec Messaging Gateway product prior to 10.6.6 may be ...)
@@ -21798,10 +21857,10 @@ CVE-2018-12241 (The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI i
NOT-FOR-US: Symantec
CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be susceptible ...)
NOT-FOR-US: Norton
-CVE-2018-12239
- RESERVED
-CVE-2018-12238
- RESERVED
+CVE-2018-12239 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to ...)
+ TODO: check
+CVE-2018-12238 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to ...)
+ TODO: check
CVE-2018-12237
RESERVED
CVE-2018-12236
@@ -25055,8 +25114,8 @@ CVE-2018-11004 (An issue was discovered in SDcms v1.5. Cross-site request forger
NOT-FOR-US: SDcms
CVE-2018-11003 (An issue was discovered in YXcms 1.4.7. Cross-site request forgery ...)
NOT-FOR-US: YXcms
-CVE-2018-11002
- RESERVED
+CVE-2018-11002 (Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on ...)
+ TODO: check
CVE-2018-11001
RESERVED
CVE-2018-11000
@@ -25645,8 +25704,7 @@ CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the avail
{DLA-1429-1}
- sssd <unfixed> (bug #902860)
NOTE: https://pagure.io/SSSD/sssd/issue/3766
-CVE-2018-10851 [Crafted answer can cause a denial of service]
- RESERVED
+CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <no-dsa> (Minor issue; will be fixed via point release)
[jessie] - pdns <ignored> (Minor issue)
@@ -25726,7 +25784,7 @@ CVE-2018-10840 (Linux kernel is vulnerable to a heap-based buffer overflow in th
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199347
NOTE: Fixed by: https://git.kernel.org/linus/8a2b307c21d4b290e3cbe33f768f194286d07c23
CVE-2018-10839 (Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #910431)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html
@@ -30949,18 +31007,18 @@ CVE-2018-8791
RESERVED
CVE-2018-8790
RESERVED
-CVE-2018-8789
- RESERVED
-CVE-2018-8788
- RESERVED
-CVE-2018-8787
- RESERVED
-CVE-2018-8786
- RESERVED
-CVE-2018-8785
- RESERVED
-CVE-2018-8784
- RESERVED
+CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds ...)
+ TODO: check
+CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of ...)
+ TODO: check
+CVE-2018-8787 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that ...)
+ TODO: check
+CVE-2018-8786 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that ...)
+ TODO: check
+CVE-2018-8785 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
+ TODO: check
+CVE-2018-8784 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
+ TODO: check
CVE-2018-8783
RESERVED
CVE-2018-8782
@@ -51182,8 +51240,8 @@ CVE-2018-1764
RESERVED
CVE-2018-1763
RESERVED
-CVE-2018-1762
- RESERVED
+CVE-2018-1762 (IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and ...)
+ TODO: check
CVE-2018-1761
RESERVED
CVE-2018-1760
@@ -64930,18 +64988,21 @@ CVE-2017-14504 (ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not e
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/465/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/466/
CVE-2017-14503 (libarchive 3.3.2 suffers from an out-of-bounds read within ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875960)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/948
NOTE: https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14
CVE-2017-14502 (read_header in archive_read_support_format_rar.c in libarchive 3.3.2 ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875974)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.2 (bug #875966)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
@@ -65952,7 +66013,7 @@ CVE-2017-14162
CVE-2017-14161
RESERVED
CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of service ...)
- {DLA-1092-1}
+ {DLA-1600-1 DLA-1092-1}
- libarchive 3.2.2-3.1 (bug #874539)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
@@ -76527,7 +76588,7 @@ CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwar
CVE-2017-9997
RESERVED
CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which ...)
- {DSA-3920-1 DLA-1071-1 DLA-1070-1}
+ {DSA-3920-1 DLA-1599-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #866674)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
@@ -83473,13 +83534,13 @@ CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755 permissions for ...)
- telegram-desktop 1.1.19-2
NOTE: https://github.com/telegramdesktop/tdesktop/issues/2666
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3 (v3.3.0)
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3.2.2 ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/834
@@ -91379,7 +91440,7 @@ CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/576
CVE-2016-10209 (The archive_wstring_append_from_mbs function in archive_string.c in ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (low; bug #859456)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/842
@@ -92431,7 +92492,7 @@ CVE-2017-5603 (An incorrect implementation of "XEP-0280: Message Carbons&qu
CVE-2017-5602 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- jappix <itp> (bug #619347)
CVE-2017-5601 (An error in the lha_read_file_header_1() function ...)
- {DLA-810-1}
+ {DLA-1600-1 DLA-810-1}
- libarchive 3.2.1-6 (bug #853278)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
NOTE: https://secunia.com/secunia_research/2017-3/
@@ -109040,34 +109101,34 @@ CVE-2014-9910 (An elevation of privilege vulnerability in the Broadcom Wi-Fi dri
CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Android Broadcom driver
CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9
CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c
CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2) ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2
CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d
CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
@@ -109075,7 +109136,7 @@ CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in Q
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06
CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842455)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
@@ -110008,13 +110069,13 @@ CVE-2016-1000034
CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a ...)
NOT-FOR-US: TGCaptcha2
CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841955)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2
CVE-2016-8909 (The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841950)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04717.html
@@ -110230,13 +110291,13 @@ CVE-2016-8690 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer bef
NOTE: The original fix is incomplete resulting in two follow ups CVE-2016-8884 and
NOTE: CVE-2016-8885.
CVE-2016-8689 (The read_Header function in archive_read_support_format_7zip.c in ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840934)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
NOTE: https://github.com/libarchive/libarchive/issues/761
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840935)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
@@ -110245,7 +110306,7 @@ CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of line
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
CVE-2016-8687 (Stack-based buffer overflow in the safe_fprintf function in tar/util.c ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840936)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
@@ -110884,13 +110945,13 @@ CVE-2016-8602 (The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.
CVE-2016-8601
REJECTED
CVE-2016-8578 (The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU ...)
- {DLA-679-1 DLA-678-1}
+ {DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840340)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ba42ebb863ab7d40adc79298422ed9596df8f73a
CVE-2016-8577 (Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka ...)
- {DLA-679-1 DLA-678-1}
+ {DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840341)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07127.html
@@ -111665,6 +111726,7 @@ CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (ak
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.7+dfsg-1 (bug #838147)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5)
- qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5)
@@ -113098,12 +113160,12 @@ CVE-2016-7910 (Use-after-free vulnerability in the disk_seqf_stop function in ..
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/77da160530dd1dc94f6ae15a981f24e5f0021e84 (v4.8-rc1)
CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #839834)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
CVE-2016-7908 (The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #839835)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
@@ -114915,7 +114977,7 @@ CVE-2016-7172 (NetApp Snap Creator Framework before 4.3.1 discloses sensitive ..
CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use ...)
NOT-FOR-US: NetApp
CVE-2016-7170 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #837316)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
@@ -114950,7 +115012,7 @@ CVE-2016-7162 (The _g_file_remove_directory function in file-utils.c in File Rol
NOTE: Introduced by: https://git.gnome.org/browse/file-roller/commit/?id=34b64f3a897c4b4e8e180c028f326bc921eb08ec (3.5.4)
NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3)
CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.7+dfsg-1 (bug #838850)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3)
@@ -115026,6 +115088,7 @@ CVE-2016-7122 (The avi_read_nikon function in libavformat/avidec.c in FFmpeg bef
CVE-2016-7121
RESERVED
CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837174)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
- qemu-kvm <removed>
@@ -115035,6 +115098,7 @@ CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local gu
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2
NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5
CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837339)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
- qemu-kvm <removed>
@@ -115253,7 +115317,7 @@ CVE-2016-7118 (fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in th
NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1
CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick ...)
- {DLA-619-1 DLA-618-1}
+ {DLA-1599-1 DLA-619-1 DLA-618-1}
- qemu 1:2.6+dfsg-3.1 (bug #836502)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261
@@ -115960,6 +116024,7 @@ CVE-2016-6825 (Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software bef
CVE-2016-6824 (Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with ...)
NOT-FOR-US: Huawei Campus Switch
CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834902)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
- qemu-kvm <removed>
@@ -116446,6 +116511,7 @@ CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write functio
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834905)
[wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5)
- qemu-kvm <removed>
@@ -116462,6 +116528,7 @@ CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7
CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834944)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
- qemu-kvm <removed>
@@ -117862,7 +117929,7 @@ CVE-2016-6354 (Heap-based buffer overflow in the yy_get_next_buffer function in
NOTE: Intorduced by: https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399 (flex-2-5-36)
NOTE: Fixed by: https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 (v2.6.1)
CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832621)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=926cde5f3e4d2504ed161ed0cb771ac7cad6fd11 (v2.7.0-rc0)
@@ -121085,6 +121152,7 @@ CVE-2016-5360 (HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule
[jessie] - haproxy <not-affected> (Issue introduced in 1.6.0)
NOTE: Fixed by: http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827024)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -121093,6 +121161,7 @@ CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/e
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec
CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827026)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -121386,7 +121455,7 @@ CVE-2015-8916 (bsdtar in libarchive before 3.2.0 returns a success code without
NOTE: https://github.com/libarchive/libarchive/issues/504
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...)
- {DLA-617-1}
+ {DLA-1600-1 DLA-617-1}
- libarchive 3.2.0-2 (low; bug #784213)
[squeeze] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/503
@@ -121951,6 +122020,7 @@ CVE-2016-5239 (The gnuplot delegate functionality in ImageMagick before 6.9.4-0
NOTE: http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e38b4f74ca19
CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3 (bug #826152)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -122939,6 +123009,7 @@ CVE-2016-XXXX [AST-2016-005]
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRAID ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825616)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -122946,12 +123017,14 @@ CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRA
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
CVE-2016-5106 (The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825615)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825614)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -123219,6 +123292,7 @@ CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825210)
[wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
- qemu-kvm <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
@@ -124549,6 +124623,7 @@ CVE-2016-4457 (CloudForms Management Engine before 5.8 includes a default SSL/TL
CVE-2016-4455 (The Subscription Manager package (aka subscription-manager) before ...)
NOT-FOR-US: Red Hat Subscription Manager
CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -124556,6 +124631,7 @@ CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in Q
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429
CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -124598,6 +124674,7 @@ CVE-2016-4443 (Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local
CVE-2016-4442 (The rack-mini-profiler gem before 0.10.1 for Ruby allows remote ...)
NOT-FOR-US: rack-mini-profiler gem
CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
[wheezy] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
- qemu-kvm <removed>
@@ -124612,7 +124689,7 @@ CVE-2016-4440 (arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles t
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337806
NOTE: http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
CVE-2016-4439 (The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
@@ -125706,6 +125783,7 @@ CVE-2016-4032 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build
CVE-2016-4031 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build ...)
NOT-FOR-US: Samsung
CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #822344)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -125795,7 +125873,7 @@ CVE-2016-4003 (Cross-site scripting (XSS) vulnerability in the URLDecoder functi
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/docs/s2-028.html
CVE-2016-4020 (The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #821062)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
@@ -125884,6 +125962,7 @@ CVE-2016-3978 (The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.
CVE-2015-8841 (Heap-based buffer overflow in the Archive support module in ESET NOD32 ...)
NOT-FOR-US: ESET NOD32
CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #821061)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -125892,6 +125971,7 @@ CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/6
CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #821038)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -128977,6 +129057,7 @@ CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in P
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1
CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817183)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
[squeeze] - qemu <not-affected> (Vulnerable code not present)
@@ -129002,7 +129083,7 @@ CVE-2016-8000
CVE-2016-2840 (An issue was discovered in Open-Xchange Server 6 / OX AppSuite before ...)
NOT-FOR-US: Open-Xchange
CVE-2016-2857 (The net_checksum_calculate function in net/checksum.c in QEMU allows ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-1 (bug #817182)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=362786f14a753d8a5256ef97d7c10ed576d6572b (v2.6.0-rc0)
@@ -129327,6 +129408,7 @@ CVE-2015-8820 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before ...
CVE-2015-8819
RESERVED
CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817181)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -130243,6 +130325,7 @@ CVE-2016-2512 (The utils.http.is_safe_url function in Django before 1.8.10 and 1
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815680)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -130574,6 +130657,7 @@ CVE-2015-8815 (Multiple cross-site scripting (XSS) vulnerabilities in Umbraco be
CVE-2015-8814 (Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery ...)
NOT-FOR-US: Umbraco
CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815008)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -130583,6 +130667,7 @@ CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=80eecda8e5d09c442c24307f340840a5b70ea3b9 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815009)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc21234fba1dcd3b95f7fbdcbb5e21b8af416419
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc21234fba1dcd3b95f7fbdcbb5e21b8af416419
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181129/73df05af/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list