Author: sectracker
Date: 2017-04-29 21:10:12 +0000 (Sat, 29 Apr 2017)
New Revision: 51195
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-29 20:40:44 UTC (rev 51194)
+++ data/CVE/list 2017-04-29 21:10:12 UTC (rev 51195)
@@ -1,3 +1,9 @@
+CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in ...)
+ TODO: check
+CVE-2017-8326 (libimageworsener.a in ImageWorsener before 1.3.1 has "left
shift cannot ...)
+ TODO: check
+CVE-2017-8325 (The iw_process_cols_to_intermediate function in imagew-main.c
in ...)
+ TODO: check
CVE-2017-8324
RESERVED
CVE-2017-8323
@@ -51,6 +57,7 @@
CVE-2017-8297 (A path traversal vulnerability exists in simple-file-manager
before ...)
NOT-FOR-US: simple-file-manager
CVE-2017-8296 (kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history
that is ...)
+ {DLA-925-1}
- kedpm <removed> (bug #860817)
[jessie] - kedpm <no-dsa> (Minor issue, can be fixed via point release)
NOTE: patch in BTS gives workaround to always prompt for password and
do not save to database
@@ -438,8 +445,7 @@
RESERVED
CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the
search ...)
NOT-FOR-US: MODX
-CVE-2017-8114 [Fix security issue in virtualmin and sasl drivers]
- RESERVED
+CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by
authenticated ...)
- roundcube <unfixed> (bug #861388)
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
NOTE:
https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003
(1.2.x)
@@ -804,8 +810,8 @@
NOTE: https://github.com/libimobiledevice/libplist/issues/103
NOTE: The issue seems covered in prior versions of upstream
dccd9290745345896e3a4a73154576a599fd8b7b
NOTE: which is CVE-2017-6440.
-CVE-2017-7981
- RESERVED
+CVE-2017-7981 (Tuleap before 9.7 allows command injection via the PhpWiki
1.3.10 ...)
+ TODO: check
CVE-2017-7980
RESERVED
- qemu 1:2.8+dfsg-4
@@ -867,8 +873,8 @@
RESERVED
CVE-2017-7958
RESERVED
-CVE-2017-7957
- RESERVED
+CVE-2017-7957 (XStream through 1.4.9, when a certain denyTypes workaround is
not used, ...)
+ TODO: check
CVE-2017-7956
RESERVED
CVE-2017-7955
@@ -1546,11 +1552,13 @@
CVE-2017-7743
RESERVED
CVE-2017-7742 (In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" ...)
+ {DLA-928-1}
- libsndfile <unfixed> (bug #860255)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE:
https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
CVE-2017-7741 (In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" ...)
+ {DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
@@ -2013,6 +2021,7 @@
CVE-2017-7587
RESERVED
CVE-2017-7586 (In libsndfile before 1.0.28, an error in the
"header_read()" function ...)
+ {DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE:
https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
@@ -2020,6 +2029,7 @@
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to
address this issue
NOTE:
https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7585 (In libsndfile before 1.0.28, an error in the
"flac_buffer_copy()" ...)
+ {DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE:
https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
@@ -2570,6 +2580,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00250-podofo-nullptr1
CVE-2017-7379 (The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in
...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #859331)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/2
NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1842/
@@ -4781,8 +4792,8 @@
NOT-FOR-US: CMS Made Simple
CVE-2017-6554 (pmmasterd in Quest Privilege Manager 6.0.0-27 and 6.0.0-50
allows ...)
NOT-FOR-US: Quest Privilege Manager
-CVE-2017-6553
- RESERVED
+CVE-2017-6553 (Buffer Overflow in Quest One Identity Privilege Manager for
Unix before ...)
+ TODO: check
CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an
insufficiently ...)
NOT-FOR-US: Livebox 3 Sagemcom
CVE-2017-6551
@@ -5253,6 +5264,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6
NOTE:
https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
CVE-2017-6844 (Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection
function ...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #856592)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5
NOTE:
https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
@@ -6976,6 +6988,7 @@
NOTE: Fixed by:
https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe
(4.10-rc1)
NOTE: Introduced by:
https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15
(3.6-rc1)
CVE-2017-5886 (Heap-based buffer overflow in the
PoDoFo::PdfTokenizer::GetNextToken ...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #854604)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
@@ -7511,6 +7524,7 @@
NOTE:
https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/02/02/21
CVE-2015-8981 (Heap-based buffer overflow in the PdfParser::ReadXRefSubsection
...)
+ {DLA-929-1}
- libpodofo 0.9.4-1 (bug #854599)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/mailman/message/34205419/
@@ -7522,12 +7536,14 @@
NOTE:
https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
NOTE:
https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
CVE-2017-5854 (base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote
attackers to ...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #854602)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfoutputstream-cpp
NOTE:
https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1836
CVE-2017-5853 (Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows
remote ...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #854601)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/02/01/podofo-signed-integer-overflow-in-pdfparser-cpp
@@ -7535,6 +7551,7 @@
NOTE: Proposed fix:
https://sourceforge.net/p/podofo/mailman/message/35692197/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
+ {DLA-929-1}
- libpodofo <unfixed> (bug #854600)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
@@ -7585,12 +7602,14 @@
CVE-2017-5663
RESERVED
CVE-2017-5662 (In Apache Batik before 1.9, files lying on the filesystem of
the ...)
+ {DLA-926-1}
- batik <unfixed> (bug #860566)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/1
NOTE: Upstream bug: https://issues.apache.org/jira/browse/BATIK-1139
NOTE: Fixed by: http://svn.apache.org/r1743326
NOTE: Similar issue to CVE-2015-0250
CVE-2017-5661 (In Apache FOP before 2.2, files lying on the filesystem of the
server ...)
+ {DLA-927-1}
- fop <unfixed> (bug #860567)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/2
NOTE: Upstream bug: https://issues.apache.org/jira/browse/FOP-2668
@@ -55895,7 +55914,7 @@
CVE-2015-7806
RESERVED
CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote
...)
- {DLA-356-1}
+ {DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804445)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE: http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
@@ -56130,7 +56149,7 @@
CVE-2015-7706 (Multiple cross-site scripting (XSS) vulnerabilities in Secure
Data ...)
NOT-FOR-US: Secure Data Space
CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows
attackers to ...)
- {DLA-356-1}
+ {DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804447)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE:
https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
@@ -78210,7 +78229,7 @@
NOTE: Introduced by
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=610bfc6bc99bc83680d190ebc69359a05fc7f605
(v3.13-rc1)
NOTE: Fixed by:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b6698b0e4a37053de35cc24ee695b98a7eb712b
CVE-2014-9496 (The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
...)
- {DLA-356-1}
+ {DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-9.1 (low; bug #774162)
[squeeze] - libsndfile <no-dsa> (Minor issue)
CVE-2014-XXXX [a2p: buffer overflow]
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
