Author: sectracker
Date: 2017-11-06 09:10:22 +0000 (Mon, 06 Nov 2017)
New Revision: 57358
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-06 05:30:22 UTC (rev 57357)
+++ data/CVE/list 2017-11-06 09:10:22 UTC (rev 57358)
@@ -1,3 +1,55 @@
+CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF
bypass by ...)
+ TODO: check
+CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018
via an ...)
+ TODO: check
+CVE-2017-16568
+ RESERVED
+CVE-2017-16567
+ RESERVED
+CVE-2017-16566
+ RESERVED
+CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage
...)
+ TODO: check
+CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in
/cgi-bin/config2 on ...)
+ TODO: check
+CVE-2017-16563 (Cross-Site Request Forgery (CSRF) in the Basic Settings screen
on ...)
+ TODO: check
+CVE-2017-16562
+ RESERVED
+CVE-2017-16561
+ RESERVED
+CVE-2017-16560
+ RESERVED
+CVE-2017-16559
+ RESERVED
+CVE-2017-16558
+ RESERVED
+CVE-2017-16557
+ RESERVED
+CVE-2017-16556
+ RESERVED
+CVE-2017-16555
+ RESERVED
+CVE-2017-16554
+ RESERVED
+CVE-2017-16553
+ RESERVED
+CVE-2017-16552
+ RESERVED
+CVE-2017-16551
+ RESERVED
+CVE-2017-16550
+ RESERVED
+CVE-2017-16549
+ RESERVED
+CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...)
+ TODO: check
+CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick
1.3.26 does ...)
+ TODO: check
+CVE-2017-16546 (The ReadWPGImage function in coders/wpg.c in ImageMagick
7.0.7-9 does ...)
+ TODO: check
+CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick
1.3.26 does ...)
+ TODO: check
CVE-2017-16544
RESERVED
CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via ...)
@@ -54,8 +106,8 @@
NOTE: Fixed by:
https://git.kernel.org/linus/bbf26183b7a6236ba602f4d6a2f7cade35bba043
CVE-2017-16525 (The usb_serial_console_disconnect function in ...)
- linux 4.13.10-1
-CVE-2017-16524
- RESERVED
+CVE-2017-16524 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from
an ...)
+ TODO: check
CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
NOT-FOR-US: MitraStar
CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
@@ -3001,48 +3053,59 @@
RESERVED
CVE-2017-15396
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2017-15395
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15394
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15393
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15392
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15391
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15390
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15389
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15388
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15387
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15386
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15385 (The store_versioninfo_gnu_verdef function in
libr/bin/format/elf/elf.c ...)
@@ -4004,8 +4067,8 @@
NOTE:
https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ
CVE-2017-15040
RESERVED
-CVE-2017-15039
- RESERVED
+CVE-2017-15039 (Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018
via a ...)
+ TODO: check
CVE-2017-15038 (Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c
in QEMU ...)
{DLA-1129-1 DLA-1128-1}
- qemu 1:2.10.0+dfsg-2 (bug #877890)
@@ -34331,14 +34394,17 @@
RESERVED
CVE-2017-5133
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5132
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5131
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5130
@@ -34353,26 +34419,32 @@
TODO: waiting for upstream confirmation that mapping is correct, and
initially triaged by gcs
CVE-2017-5129
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5128
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5127
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5126
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5125
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5124
RESERVED
+ {DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5123 [waitid() not calling access_ok()]
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
