Author: sectracker Date: 2017-06-15 09:10:13 +0000 (Thu, 15 Jun 2017) New Revision: 52582
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-06-15 06:20:24 UTC (rev 52581) +++ data/CVE/list 2017-06-15 09:10:13 UTC (rev 52582) @@ -1,3 +1,91 @@ +CVE-2017-9664 + RESERVED +CVE-2017-9663 + RESERVED +CVE-2017-9662 + RESERVED +CVE-2017-9661 + RESERVED +CVE-2017-9660 + RESERVED +CVE-2017-9659 + RESERVED +CVE-2017-9658 + RESERVED +CVE-2017-9657 + RESERVED +CVE-2017-9656 + RESERVED +CVE-2017-9655 + RESERVED +CVE-2017-9654 + RESERVED +CVE-2017-9653 + RESERVED +CVE-2017-9652 + RESERVED +CVE-2017-9651 + RESERVED +CVE-2017-9650 + RESERVED +CVE-2017-9649 + RESERVED +CVE-2017-9648 + RESERVED +CVE-2017-9647 + RESERVED +CVE-2017-9646 + RESERVED +CVE-2017-9645 + RESERVED +CVE-2017-9644 + RESERVED +CVE-2017-9643 + RESERVED +CVE-2017-9642 + RESERVED +CVE-2017-9641 + RESERVED +CVE-2017-9640 + RESERVED +CVE-2017-9639 + RESERVED +CVE-2017-9638 + RESERVED +CVE-2017-9637 + RESERVED +CVE-2017-9636 + RESERVED +CVE-2017-9635 + RESERVED +CVE-2017-9634 + RESERVED +CVE-2017-9633 + RESERVED +CVE-2017-9632 + RESERVED +CVE-2017-9631 + RESERVED +CVE-2017-9630 + RESERVED +CVE-2017-9629 + RESERVED +CVE-2017-9628 + RESERVED +CVE-2017-9627 + RESERVED +CVE-2017-9626 + RESERVED +CVE-2017-9625 + RESERVED +CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...) + TODO: check +CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...) + TODO: check +CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI ...) + TODO: check +CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check CVE-2017-9620 RESERVED CVE-2017-9619 @@ -30,8 +118,8 @@ RESERVED CVE-2017-9607 RESERVED -CVE-2017-9606 - RESERVED +CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local ...) + TODO: check CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ...) - kdepim <unfixed> (bug #864804) - kf5-messagelib <unfixed> (bug #864803) @@ -383,9 +471,9 @@ NOTE: https://github.com/VirusTotal/yara/issues/678 NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661 CVE-2017-9464 (An open redirect vulnerability is present in Piwigo 2.9 and probably ...) - - piwigo <removed> + - piwigo <removed> CVE-2017-9463 (The application Piwigo is affected by a SQL injection vulnerability in ...) - - piwigo <removed> + - piwigo <removed> CVE-2017-9460 RESERVED CVE-2017-9459 @@ -2155,7 +2243,7 @@ NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697810 NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308 NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present. -CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.3 did not ...) +CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not ...) TODO: check CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...) - x265 <not-affected> (Affected code is not enabled) @@ -2990,32 +3078,32 @@ RESERVED CVE-2017-8556 RESERVED -CVE-2017-8555 - RESERVED +CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check CVE-2017-8554 RESERVED -CVE-2017-8553 - RESERVED -CVE-2017-8552 - RESERVED -CVE-2017-8551 - RESERVED -CVE-2017-8550 - RESERVED -CVE-2017-8549 - RESERVED -CVE-2017-8548 - RESERVED -CVE-2017-8547 - RESERVED +CVE-2017-8553 (An information disclosure vulnerability exists in Microsoft Windows ...) + TODO: check +CVE-2017-8552 (A kernel-mode driver in Windows Server 2008 SP2 and R2 SP1, and ...) + TODO: check +CVE-2017-8551 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check +CVE-2017-8550 (A remote code execution vulnerability exists in Skype for Business ...) + TODO: check +CVE-2017-8549 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...) + TODO: check +CVE-2017-8548 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...) + TODO: check +CVE-2017-8547 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check CVE-2017-8546 RESERVED -CVE-2017-8545 - RESERVED -CVE-2017-8544 - RESERVED -CVE-2017-8543 - RESERVED +CVE-2017-8545 (A spoofing vulnerability exists in when Microsoft Outlook for Mac does ...) + TODO: check +CVE-2017-8544 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8543 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check CVE-2017-8542 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...) NOT-FOR-US: Microsoft CVE-2017-8541 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...) @@ -3032,68 +3120,68 @@ NOT-FOR-US: Microsoft CVE-2017-8535 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...) NOT-FOR-US: Microsoft -CVE-2017-8534 - RESERVED -CVE-2017-8533 - RESERVED -CVE-2017-8532 - RESERVED -CVE-2017-8531 - RESERVED -CVE-2017-8530 - RESERVED -CVE-2017-8529 - RESERVED -CVE-2017-8528 - RESERVED -CVE-2017-8527 - RESERVED +CVE-2017-8534 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-8533 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-8532 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-8531 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-8530 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...) + TODO: check +CVE-2017-8529 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8528 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-8527 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check CVE-2017-8526 RESERVED CVE-2017-8525 RESERVED -CVE-2017-8524 - RESERVED -CVE-2017-8523 - RESERVED -CVE-2017-8522 - RESERVED -CVE-2017-8521 - RESERVED -CVE-2017-8520 - RESERVED -CVE-2017-8519 - RESERVED +CVE-2017-8524 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8523 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...) + TODO: check +CVE-2017-8522 (Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, ...) + TODO: check +CVE-2017-8521 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...) + TODO: check +CVE-2017-8520 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...) + TODO: check +CVE-2017-8519 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...) + TODO: check CVE-2017-8518 RESERVED -CVE-2017-8517 - RESERVED +CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, ...) + TODO: check CVE-2017-8516 RESERVED -CVE-2017-8515 - RESERVED -CVE-2017-8514 - RESERVED -CVE-2017-8513 - RESERVED -CVE-2017-8512 - RESERVED -CVE-2017-8511 - RESERVED -CVE-2017-8510 - RESERVED -CVE-2017-8509 - RESERVED -CVE-2017-8508 - RESERVED -CVE-2017-8507 - RESERVED -CVE-2017-8506 - RESERVED +CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft ...) + TODO: check +CVE-2017-8513 (A remote code execution vulnerability exists in Microsoft PowerPoint ...) + TODO: check +CVE-2017-8512 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check +CVE-2017-8511 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check +CVE-2017-8510 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check +CVE-2017-8509 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check +CVE-2017-8508 (A security feature bypass vulnerability exists in Microsoft Office ...) + TODO: check +CVE-2017-8507 (A remote code execution vulnerability exists in the way Microsoft ...) + TODO: check +CVE-2017-8506 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check CVE-2017-8505 RESERVED -CVE-2017-8504 - RESERVED +CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...) + TODO: check CVE-2017-8503 RESERVED CVE-2017-8502 @@ -3102,86 +3190,86 @@ RESERVED CVE-2017-8500 RESERVED -CVE-2017-8499 - RESERVED -CVE-2017-8498 - RESERVED -CVE-2017-8497 - RESERVED -CVE-2017-8496 - RESERVED +CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...) + TODO: check +CVE-2017-8498 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8497 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...) + TODO: check +CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an ...) + TODO: check CVE-2017-8495 RESERVED -CVE-2017-8494 - RESERVED -CVE-2017-8493 - RESERVED -CVE-2017-8492 - RESERVED -CVE-2017-8491 - RESERVED -CVE-2017-8490 - RESERVED -CVE-2017-8489 - RESERVED -CVE-2017-8488 - RESERVED +CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server ...) + TODO: check +CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...) + TODO: check +CVE-2017-8492 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8491 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8490 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8489 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check CVE-2017-8487 RESERVED CVE-2017-8486 RESERVED -CVE-2017-8485 - RESERVED -CVE-2017-8484 - RESERVED -CVE-2017-8483 - RESERVED -CVE-2017-8482 - RESERVED -CVE-2017-8481 - RESERVED -CVE-2017-8480 - RESERVED -CVE-2017-8479 - RESERVED -CVE-2017-8478 - RESERVED -CVE-2017-8477 - RESERVED -CVE-2017-8476 - RESERVED -CVE-2017-8475 - RESERVED -CVE-2017-8474 - RESERVED -CVE-2017-8473 - RESERVED -CVE-2017-8472 - RESERVED -CVE-2017-8471 - RESERVED -CVE-2017-8470 - RESERVED -CVE-2017-8469 - RESERVED -CVE-2017-8468 - RESERVED +CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8483 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8482 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8481 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8480 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8479 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8478 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8477 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8476 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8475 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8474 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-8473 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8472 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and ...) + TODO: check +CVE-2017-8471 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8470 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-8469 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...) + TODO: check CVE-2017-8467 RESERVED -CVE-2017-8466 - RESERVED -CVE-2017-8465 - RESERVED -CVE-2017-8464 - RESERVED +CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, ...) + TODO: check +CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, ...) + TODO: check +CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check CVE-2017-8463 RESERVED -CVE-2017-8462 - RESERVED +CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check CVE-2017-8461 RESERVED -CVE-2017-8460 - RESERVED +CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...) + TODO: check CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which ...) NOT-FOR-US: Brave CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such as ...) @@ -4683,16 +4771,16 @@ RESERVED CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...) NOT-FOR-US: Moxa -CVE-2017-7914 - RESERVED +CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation ...) + TODO: check CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa OnCell ...) NOT-FOR-US: Moxa CVE-2017-7912 RESERVED CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT Platform, ...) NOT-FOR-US: CyberVision Kaa IoT Platform -CVE-2017-7910 - RESERVED +CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Canal ...) + TODO: check CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...) NOT-FOR-US: Advantech CVE-2017-7908 @@ -7973,6 +8061,7 @@ CVE-2017-6893 RESERVED CVE-2017-6892 (In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" ...) + {DLA-985-1} - libsndfile <unfixed> (bug #864704) [stretch] - libsndfile <no-dsa> (Minor issue) [jessie] - libsndfile <no-dsa> (Minor issue) @@ -14321,8 +14410,7 @@ RESERVED CVE-2017-4987 RESERVED -CVE-2017-4986 - RESERVED +CVE-2017-4986 (EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could ...) NOT-FOR-US: EMC CVE-2017-4985 RESERVED @@ -14332,8 +14420,7 @@ NOT-FOR-US: EMC Data Domain OS CVE-2017-4982 (EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and ...) NOT-FOR-US: EMC Mainframe -CVE-2017-4981 - RESERVED +CVE-2017-4981 (EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper ...) NOT-FOR-US: EMC CVE-2017-4980 (EMC Isilon OneFS is affected by a path traversal vulnerability that may ...) NOT-FOR-US: EMC @@ -30741,44 +30828,44 @@ NOTE: Upstream fix: https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266 NOTE: http://www.openwall.com/lists/oss-security/2016/09/18/3 -CVE-2017-0300 - RESERVED -CVE-2017-0299 - RESERVED -CVE-2017-0298 - RESERVED -CVE-2017-0297 - RESERVED -CVE-2017-0296 - RESERVED -CVE-2017-0295 - RESERVED -CVE-2017-0294 - RESERVED +CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) + TODO: check +CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and ...) + TODO: check +CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check +CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an ...) + TODO: check +CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) + TODO: check CVE-2017-0293 RESERVED -CVE-2017-0292 - RESERVED -CVE-2017-0291 - RESERVED +CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...) + TODO: check +CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...) + TODO: check CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...) NOT-FOR-US: Microsoft -CVE-2017-0289 - RESERVED -CVE-2017-0288 - RESERVED -CVE-2017-0287 - RESERVED -CVE-2017-0286 - RESERVED -CVE-2017-0285 - RESERVED -CVE-2017-0284 - RESERVED -CVE-2017-0283 - RESERVED -CVE-2017-0282 - RESERVED +CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check +CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...) NOT-FOR-US: Microsoft CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...) @@ -30821,8 +30908,8 @@ NOT-FOR-US: Microsoft CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...) NOT-FOR-US: Microsoft -CVE-2017-0260 - RESERVED +CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft Office when ...) + TODO: check CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, ...) NOT-FOR-US: Microsoft CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...) @@ -30903,16 +30990,16 @@ NOT-FOR-US: Microsoft CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) NOT-FOR-US: Microsoft -CVE-2017-0219 - RESERVED -CVE-2017-0218 - RESERVED +CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...) + TODO: check +CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and ...) + TODO: check CVE-2017-0217 RESERVED -CVE-2017-0216 - RESERVED -CVE-2017-0215 - RESERVED +CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 ...) + TODO: check +CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...) + TODO: check CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...) NOT-FOR-US: Microsoft CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 ...) @@ -30955,8 +31042,8 @@ NOT-FOR-US: Microsoft CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office ...) NOT-FOR-US: Microsoft -CVE-2017-0193 - RESERVED +CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, ...) + TODO: check CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows ...) NOT-FOR-US: Microsoft CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, ...) @@ -30995,8 +31082,8 @@ NOT-FOR-US: Microsoft CVE-2017-0174 RESERVED -CVE-2017-0173 - RESERVED +CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...) + TODO: check CVE-2017-0172 RESERVED CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when ...) @@ -56135,7 +56222,8 @@ - foomatic-filters 4.0.17-7 (bug #807993) NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419 NOTE: http://www.openwall.com/lists/oss-security/2015/12/13/2 -CVE-2015-9097 [ruby-mail: SMTP injection via recipient email addresses] +CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is ...) + {DLA-489-1} - ruby-mail 2.6.1+dfsg1-1 NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/11/3 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits