Author: sectracker Date: 2017-05-23 21:10:13 +0000 (Tue, 23 May 2017) New Revision: 51902
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-23 20:35:17 UTC (rev 51901) +++ data/CVE/list 2017-05-23 21:10:13 UTC (rev 51902) @@ -1,3 +1,11 @@ +CVE-2017-9215 + RESERVED +CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...) + TODO: check +CVE-2017-9213 + RESERVED +CVE-2017-9212 (The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the ...) + TODO: check CVE-2017-9211 (The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux ...) - linux <unfixed> [jessie] - linux <not-affected> (Vulnerable code not present) @@ -6387,6 +6395,7 @@ CVE-2017-6892 RESERVED CVE-2017-6891 (Two errors in the "asn1_find_node()" function (lib/parser_aux.c) ...) + {DLA-950-1} - libtasn1-6 <unfixed> (bug #863186) - libtasn1-3 <removed> NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/ @@ -8588,8 +8597,8 @@ RESERVED CVE-2017-6132 RESERVED -CVE-2017-6131 - RESERVED +CVE-2017-6131 (In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and ...) + TODO: check CVE-2017-6130 (F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is ...) NOT-FOR-US: F5 CVE-2017-6129 @@ -17497,8 +17506,8 @@ RESERVED CVE-2017-3129 RESERVED -CVE-2017-3128 - RESERVED +CVE-2017-3128 (A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS ...) + TODO: check CVE-2017-3127 RESERVED CVE-2017-3126 @@ -18424,16 +18433,16 @@ RESERVED CVE-2017-2798 RESERVED -CVE-2017-2797 - RESERVED +CVE-2017-2797 (An exploitable heap overflow vulnerability exists in the ...) + TODO: check CVE-2017-2796 RESERVED CVE-2017-2795 RESERVED -CVE-2017-2794 - RESERVED -CVE-2017-2793 - RESERVED +CVE-2017-2794 (An exploitable stack-based buffer overflow vulnerability exists in the ...) + TODO: check +CVE-2017-2793 (An exploitable heap corruption vulnerability exists in the ...) + TODO: check CVE-2017-2792 RESERVED CVE-2017-2791 (JustSystems Ichitaro 2016 Trial contains a vulnerability that exists ...) @@ -18457,8 +18466,8 @@ [wheezy] - polarssl <not-affected> (Vulnerable code not present) NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01 NOTE: Wheezy do not have any elliptic curve functionality. Jessie is affected however. -CVE-2017-2783 - RESERVED +CVE-2017-2783 (An exploitable heap corruption vulnerability exists in the ...) + TODO: check CVE-2017-2782 RESERVED CVE-2017-2781 @@ -23869,14 +23878,12 @@ RESERVED CVE-2017-0375 RESERVED -CVE-2017-0374 - RESERVED +CVE-2017-0374 (lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before ...) - libconfig-model-perl 2.097-2 [jessie] - libconfig-model-perl <no-dsa> (Minor issue) [wheezy] - libconfig-model-perl <no-dsa> (Minor issue. Perl itself has to fix this and this can not be done easily) NOTE: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=0de8471e5a8958ad37446dfcd0362a269e3ec573 -CVE-2017-0373 - RESERVED +CVE-2017-0373 (The gen_class_pod implementation in ...) - libconfig-model-perl 2.097-2 [jessie] - libconfig-model-perl <no-dsa> (Minor issue) [wheezy] - libconfig-model-perl <not-affected> (Vulnerable code do not exist) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits