Author: sectracker
Date: 2017-05-11 09:10:11 +0000 (Thu, 11 May 2017)
New Revision: 51533
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-11 09:02:57 UTC (rev 51532)
+++ data/CVE/list 2017-05-11 09:10:11 UTC (rev 51533)
@@ -1,3 +1,5 @@
+CVE-2017-8895 (In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15
before ...)
+ TODO: check
CVE-2017-8894
RESERVED
CVE-2017-8893
@@ -272,8 +274,7 @@
RESERVED
CVE-2017-8799 (Untrusted input execution via igetwild in all iRODS versions
before ...)
NOT-FOR-US: iRODS
-CVE-2017-8798 [miniupnp integer signedness error]
- RESERVED
+CVE-2017-8798 (Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
through ...)
- miniupnpc <unfixed> (bug #862273)
NOTE:
https://github.com/tintinweb/pub/blob/master/pocs/cve-2017-8798/Readme.md
NOTE: Fixed by:
https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
@@ -2250,6 +2251,7 @@
NOT-FOR-US: Enalean Tuleap
CVE-2017-7980
RESERVED
+ {DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=026aeffcb4752054830ba203020ed6eb05bcaba8
@@ -3055,6 +3057,7 @@
CVE-2017-7719 (SQL injection in the Spider Event Calendar (aka
spider-event-calendar) ...)
NOT-FOR-US: Spider Event Calendar
CVE-2017-7718 (hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows
local ...)
+ {DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE:
http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=215902d7b6fb50c6fc216fc74f770858278ed904
@@ -5620,12 +5623,12 @@
RESERVED
CVE-2017-6868
RESERVED
-CVE-2017-6867
- RESERVED
+CVE-2017-6867 (A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3
before ...)
+ TODO: check
CVE-2017-6866
RESERVED
-CVE-2017-6865
- RESERVED
+CVE-2017-6865 (Siemens SIMATIC WinCC (TIA Portal) (V13 all versions before SP2
and V14 ...)
+ TODO: check
CVE-2017-6864 (The integrated web server in Siemens RUGGEDCOM ROX I (all
versions) at ...)
NOT-FOR-US: Siemens
CVE-2017-6863
@@ -10037,8 +10040,7 @@
- nss <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5462
NOTE: https://hg.mozilla.org/projects/nss/rev/7248d38b76e5
-CVE-2017-5461
- RESERVED
+CVE-2017-5461 (Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x
through ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
[experimental] - nss 2:3.30.1-1
@@ -17833,10 +17835,10 @@
NOT-FOR-US: Siemens
CVE-2017-2682 (The Siemens web application RUGGEDCOM NMS < V1.2 on port
8080/TCP and ...)
NOT-FOR-US: Siemens
-CVE-2017-2681
- RESERVED
-CVE-2017-2680
- RESERVED
+CVE-2017-2681 (Siemens SIMATIC S7-300 incl. F and T (All versions before
V3.X.14), ...)
+ TODO: check
+CVE-2017-2680 (Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions),
SIMATIC CP ...)
+ TODO: check
CVE-2017-2679
RESERVED
CVE-2017-2678
@@ -23382,6 +23384,7 @@
NOTE: Fixed by:
https://git.kernel.org/linus/ee8f844e3c5a73b999edf733df1c529d6503ec2f
CVE-2016-9603 [cirrus: heap buffer overflow via vnc connection]
RESERVED
+ {DLA-939-1}
- qemu 1:2.8+dfsg-4 (bug #857744)
- qemu-kvm <removed>
- xen 4.4.0-1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
