Author: sectracker
Date: 2016-05-16 21:10:11 +0000 (Mon, 16 May 2016)
New Revision: 41784
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-16 21:08:56 UTC (rev 41783)
+++ data/CVE/list 2016-05-16 21:10:11 UTC (rev 41784)
@@ -1,10 +1,30 @@
+CVE-2016-4808
+ RESERVED
+CVE-2016-4807
+ RESERVED
+CVE-2016-4806
+ RESERVED
+CVE-2016-4803
+ RESERVED
+CVE-2016-4802
+ RESERVED
+CVE-2016-4801
+ RESERVED
+CVE-2016-4800
+ RESERVED
+CVE-2015-8874 (Stack consumption vulnerability in GD in PHP before 5.6.12
allows ...)
+ TODO: check
+CVE-2015-8873 (Stack consumption vulnerability in Zend/zend_exceptions.c in
PHP ...)
+ TODO: check
CVE-2016-XXXX [moodle issues fixed in 2.7.14]
- moodle 2.7.14+dfsg-1
CVE-2016-4805 [ppp: take reference on channels netns]
+ RESERVED
- linux 4.5.2-1
NOTE: Fixed by:
https://git.kernel.org/linus/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 (v4.6-rc1)
NOTE: Introduced by:
https://git.kernel.org/linus/273ec51dd7ceaa76e038875d85061ec856d8905e (v2.6.30)
CVE-2016-4804
+ RESERVED
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
@@ -596,12 +616,14 @@
NOTE: Exploitable since:
https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/4
CVE-2016-4556 (Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18
and 4.x ...)
+ {DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid <not-affected> (Does not affect 2.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE:
http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE:
http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x
before ...)
+ {DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (3.1 not vulnerable)
- squid <not-affected> (Does not affect 2.x)
@@ -609,6 +631,7 @@
NOTE:
http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE:
http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
CVE-2016-4554 (mime_header.cc in Squid before 3.5.18 allows remote attackers
to ...)
+ {DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid <removed>
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_8.txt
@@ -887,8 +910,7 @@
NOTE:
https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4536 [various client functionality leak stack data onto the wire in
the clear]
- RESERVED
+CVE-2016-4536 (The client in OpenAFS before 1.6.17 does not properly
initialize the ...)
- openafs 1.6.17-1
[jessie] - openafs <no-dsa> (Minor issue, can be included in a future
DSA or via jessie-pu)
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
@@ -1016,6 +1038,7 @@
NOTE: https://github.com/symfony/symfony/pull/18733
NOTE:
https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session
CVE-2015-8872
+ RESERVED
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
@@ -1254,8 +1277,8 @@
RESERVED
CVE-2016-4326
RESERVED
-CVE-2016-4325
- RESERVED
+CVE-2016-4325 (Lantronix xPrintServer devices with firmware before 5.0.1-65
have ...)
+ TODO: check
CVE-2016-4324
RESERVED
CVE-2016-4323
@@ -1923,6 +1946,7 @@
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
CVE-2016-4054 (Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9
allows ...)
+ {DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_6.txt
@@ -1931,6 +1955,7 @@
NOTE:
http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch
(Squid 3.4)
NOTE:
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch
(Squid 3.5)
CVE-2016-4053 (Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote
attackers to ...)
+ {DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_6.txt
@@ -1939,6 +1964,7 @@
NOTE:
http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch
(Squid 3.4)
NOTE:
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch
(Squid 3.5)
CVE-2016-4052 (Multiple stack-based buffer overflows in Squid 3.x before
3.5.17 and ...)
+ {DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_6.txt
@@ -1947,6 +1973,7 @@
NOTE:
http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch
(Squid 3.4)
NOTE:
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch
(Squid 3.5)
CVE-2016-4051 (Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before
3.5.17, and ...)
+ {DLA-478-1}
- squid3 3.5.17-1
- squid <removed>
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_5.txt
@@ -2075,8 +2102,7 @@
RESERVED
CVE-2015-8843 (The Foxit Cloud Update Service (FoxitCloudUpdateService) in
Foxit ...)
NOT-FOR-US: Foxit Reader
-CVE-2016-4024 [integer overflow resulting in insufficient heap allocation]
- RESERVED
+CVE-2016-4024 (Integer overflow in imlib2 before 1.4.9 on 32-bit platforms
allows ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #821732)
NOTE: Upstream fix:
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
@@ -2207,8 +2233,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/3
NOTE:
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=f435825c0f527a8e52e6ffbc3ad0bc60531d537e
NOTE:
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625
-CVE-2011-5326 [divide-by-zero on 2x1 ellipse]
- RESERVED
+CVE-2011-5326 (imlib2 before 1.4.9 allows remote attackers to cause a denial
of ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #639414)
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882
@@ -2221,8 +2246,7 @@
NOTE: https://github.com/weidai11/cryptopp/issues/146
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
NOTE: Initial upload in 5.6.3-5 was incomplete
-CVE-2016-3994 [GIF loader: out-of-bounds read]
- RESERVED
+CVE-2016-3994 (The GIF loader in imlib2 before 1.4.9 allows remote attackers
to cause ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #785369)
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
@@ -2281,8 +2305,7 @@
RESERVED
CVE-2015-8840 (The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS
Java does ...)
NOT-FOR-US: SAP
-CVE-2014-9771 [exploitable integer overflow in _imlib_SaveImage]
- RESERVED
+CVE-2014-9771 (Integer overflow in imlib2 before 1.4.7 allows remote attackers
to ...)
{DSA-3555-1}
- imlib2 1.4.7-1 (bug #820206)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299
@@ -2396,8 +2419,7 @@
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e
NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-3993 [off-by-one OOB read in __imlib_MergeUpdate]
- RESERVED
+CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in
lib/updates.c ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #819818)
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef
@@ -2889,22 +2911,27 @@
CVE-2016-3719
RESERVED
CVE-2016-3718 (The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10
and 7.x ...)
+ {DSA-3580-1}
- imagemagick <unfixed>
- graphicsmagick <unfixed>
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3717 (The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before
7.0.1-1 ...)
+ {DSA-3580-1}
- imagemagick <unfixed>
- graphicsmagick <unfixed>
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3716 (The MSL coder in ImageMagick before 6.9.3-10 and 7.x before
7.0.1-1 ...)
+ {DSA-3580-1}
- imagemagick <unfixed>
- graphicsmagick <unfixed>
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3715 (The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x
before ...)
+ {DSA-3580-1}
- imagemagick <unfixed>
- graphicsmagick <unfixed>
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3714 (The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6)
SHOW, ...)
+ {DSA-3580-1}
- imagemagick <unfixed>
NOTE: Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1332492#c3
NOTE:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
@@ -3079,8 +3106,7 @@
NOTE:
https://git.kernel.org/linus/32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70 (v4.5-rc1)
NOTE:
https://git.kernel.org/linus/011278485ecc3cd2a3954b5d4c73101d919bf1fa (v4.5-rc1)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972174
-CVE-2015-8838
- RESERVED
+CVE-2015-8838 (ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before
5.5.27, and ...)
- php5 5.6.11+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
@@ -4139,8 +4165,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1319503
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2536
NOTE: Proposed patch from Red Hat:
https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
-CVE-2016-3185 [Type Confusion Vulnerability - SOAP / make_http_soap_request()]
- RESERVED
+CVE-2016-3185 (The make_http_soap_request function in ext/soap/php_http.c in
PHP ...)
- php7.0 7.0.4-1
NOTE: https://bugs.php.net/bug.php?id=71610
NOTE:
https://git.php.net/?p=php-src.git;a=commit;h=eaf4e77190d402ea014207e9a7d5da1a4f3727ba
@@ -4936,8 +4961,7 @@
RESERVED
CVE-2016-2861
RESERVED
-CVE-2016-2860
- RESERVED
+CVE-2016-2860 (The newEntry function in ptserver/ptprocs.c in OpenAFS before
1.6.17 ...)
{DSA-3569-1}
- openafs 1.6.17-1
NOTE:
http://git.openafs.org/?p=openafs.git;a=commitdiff;h=396240cf070a806b91fea81131d034e1399af1e0
@@ -4991,8 +5015,7 @@
NOTE: http://marc.info/?l=netfilter-devel&m=145757136822750&w=2
NOTE: https://patchwork.ozlabs.org/patch/595576/
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
-CVE-2015-8835
- RESERVED
+CVE-2015-8835 (The make_http_soap_request function in ext/soap/php_http.c in
PHP ...)
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
@@ -5030,12 +5053,10 @@
- libotr 4.1.1-1 (bug #817799)
NOTE:
https://lists.cypherpunks.ca/pipermail/otr-announce/2016-March/000062.html
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
-CVE-2016-2850
- RESERVED
+CVE-2016-2850 (Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1)
...)
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.29
-CVE-2016-2849 [ECDSA side channel attack]
- RESERVED
+CVE-2016-2849 (Botan before 1.10.13 and 1.11.x before 1.11.29 does not use a
...)
{DSA-3565-1 DLA-449-1}
- botan1.10 <unfixed> (bug #822698)
NOTE: http://botan.randombit.net/security.html
@@ -6898,8 +6919,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305540
NOTE:
https://git.php.net/?p=php-src.git;a=commit;h=1c1b8b69982375700d4b011eb89ea48b66dbd5aa
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
-CVE-2016-2554 [Stack overflow when decompressing tar archives]
- RESERVED
+CVE-2016-2554 (Stack-based buffer overflow in ext/phar/tar.c in PHP before
5.5.32, ...)
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
[wheezy] - php5 <no-dsa> (Minor issue, can be fixed in next update
round)
@@ -7013,12 +7033,12 @@
NOT-FOR-US: Ecava IntegraXor
CVE-2016-2299 (SQL injection vulnerability in Ecava IntegraXor before 5.0
build 4522 ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2298
- RESERVED
-CVE-2016-2297
- RESERVED
-CVE-2016-2296
- RESERVED
+CVE-2016-2298 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited
allows ...)
+ TODO: check
+CVE-2016-2297 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited
allows ...)
+ TODO: check
+CVE-2016-2296 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited
does not ...)
+ TODO: check
CVE-2016-2295
RESERVED
CVE-2016-2294 (The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08
and ...)
@@ -7356,19 +7376,16 @@
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present)
NOTE:
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4
-CVE-2016-2196 [Overwrite in P-521 reduction]
- RESERVED
+CVE-2016-2196 (Heap-based buffer overflow in the P-521 reduction function in
Botan ...)
- botan1.10 <not-affected> (Introduced in 1.11.10)
NOTE: Introduced in 1.11.10, fixed in 1.11.27
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2195 [Heap overflow on invalid ECC point]
- RESERVED
+CVE-2016-2195 (Integer overflow in the PointGFp constructor in Botan before
1.10.11 ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2194 [Infinite loop in modulur square root algorithm]
- RESERVED
+CVE-2016-2194 (The ressol function in Botan before 1.10.11 and 1.11.x before
1.11.27 ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
@@ -7672,8 +7689,7 @@
CVE-2016-2100
RESERVED
- foreman <itp> (bug #663101)
-CVE-2016-2099 [use-after-free]
- RESERVED
+CVE-2016-2099 (Use-after-free vulnerability in validators/DTD/DTDScanner.cpp
in ...)
{DSA-3579-1 DLA-467-1}
- xerces-c 3.1.3+debian-2 (bug #823863)
NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
@@ -8170,10 +8186,10 @@
RESERVED
CVE-2016-2017
RESERVED
-CVE-2016-2016
- RESERVED
-CVE-2016-2015
- RESERVED
+CVE-2016-2016 (Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501
B.05.01.0 ...)
+ TODO: check
+CVE-2016-2015 (HPE System Management Homepage before 7.5.5 allows local users
to ...)
+ TODO: check
CVE-2016-2014 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25,
10.00, and ...)
TODO: check
CVE-2016-2013 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25,
10.00, and ...)
@@ -9229,62 +9245,50 @@
RESERVED
CVE-2016-1672
RESERVED
-CVE-2016-1671
- RESERVED
+CVE-2016-1671 (Google Chrome before 50.0.2661.102 on Android mishandles /
(slash) and ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2016-1670
- RESERVED
+CVE-2016-1670 (Race condition in the ResourceDispatcherHostImpl::BeginRequest
...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1669
- RESERVED
+CVE-2016-1669 (The Zone::New function in zone.cc in Google V8 before
5.0.71.47, as ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1668
- RESERVED
+CVE-2016-1668 (The forEachForBinding function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
TODO: check, possibly as well libv8
-CVE-2016-1667
- RESERVED
+CVE-2016-1667 (The TreeScope::adoptIfNeeded function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1666
- RESERVED
+CVE-2016-1666 (Multiple unspecified vulnerabilities in Google Chrome before
...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1665
- RESERVED
+CVE-2016-1665 (The JSGenericLowering class in compiler/js-generic-lowering.cc
in ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1664
- RESERVED
+CVE-2016-1664 (The HistoryController::UpdateForCommit function in ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1663
- RESERVED
+CVE-2016-1663 (The SerializedScriptValue::transferArrayBuffers function in ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1662
- RESERVED
+CVE-2016-1662 (extensions/renderer/gc_callback.cc in Google Chrome before ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1661
- RESERVED
+CVE-2016-1661 (Blink, as used in Google Chrome before 50.0.2661.94, does not
ensure ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1660
- RESERVED
+CVE-2016-1660 (Blink, as used in Google Chrome before 50.0.2661.94, mishandles
...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -9580,12 +9584,12 @@
RESERVED
CVE-2016-1581
RESERVED
-CVE-2016-1580
- RESERVED
+CVE-2016-1580 (The setup_snappy_os_mounts function in the ubuntu-core-launcher
...)
+ TODO: check
CVE-2016-1579
RESERVED
-CVE-2016-1578
- RESERVED
+CVE-2016-1578 (Use-after-free vulnerability in Oxide allows remote attackers
to cause ...)
+ TODO: check
CVE-2016-1577 (Double free vulnerability in the jas_iccattrval_destroy
function in ...)
{DSA-3508-1}
- jasper <unfixed> (bug #816625)
@@ -10125,8 +10129,8 @@
RESERVED
CVE-2016-1400
RESERVED
-CVE-2016-1399
- RESERVED
+CVE-2016-1399 (The packet-processing microcode in Cisco IOS 15.2(2)EA,
15.2(2)EA1, ...)
+ TODO: check
CVE-2016-1398
RESERVED
CVE-2016-1397
@@ -10717,18 +10721,15 @@
NOTE: https://github.com/htacg/tidy-html5/issues/341
NOTE: https://github.com/htacg/tidy-html5/pull/368
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/01/03/4
-CVE-2014-9764 [Fix segfault when opening
input/queue/id:000007,src:000000,op:flip1,pos:51 with feh]
- RESERVED
+CVE-2014-9764 (imlib2 before 1.4.7 allows remote attackers to cause a denial
of ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49
-CVE-2014-9763 [Prevent division-by-zero crashes]
- RESERVED
+CVE-2014-9763 (imlib2 before 1.4.7 allows remote attackers to cause a denial
of ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=c21beaf1780cf3ca291735ae7d58a3dde63277a2
-CVE-2014-9762 GIF loader: Fix segv on images without colormap]
- RESERVED
+CVE-2014-9762 (imlib2 before 1.4.7 allows remote attackers to cause a denial
of ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE:
https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56
@@ -10951,14 +10952,14 @@
RESERVED
CVE-2016-1210
RESERVED
-CVE-2016-1209
- RESERVED
-CVE-2016-1208
- RESERVED
-CVE-2016-1207
- RESERVED
-CVE-2016-1206
- RESERVED
+CVE-2016-1209 (The Ninja Forms plugin before 2.9.42.1 for WordPress allows
remote ...)
+ TODO: check
+CVE-2016-1208 (The server in Apple FileMaker before 14.0.4 on OS X allows
remote ...)
+ TODO: check
+CVE-2016-1207 (Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE
WN-G300R ...)
+ TODO: check
+CVE-2016-1206 (The WPS implementation on I-O DATA DEVICE WN-GDN/R3,
WN-GDN/R3-C, ...)
+ TODO: check
CVE-2016-1205 (Cross-site scripting (XSS) vulnerability in the shiro8 (1) ...)
TODO: check
CVE-2016-1204
@@ -13667,8 +13668,8 @@
RESERVED
CVE-2016-0391
RESERVED
-CVE-2016-0390
- RESERVED
+CVE-2016-0390 (Cross-site scripting (XSS) vulnerability in IBM Algorithmics
Algo One ...)
+ TODO: check
CVE-2016-0389
RESERVED
CVE-2016-0388
@@ -13685,8 +13686,8 @@
RESERVED
CVE-2016-0382
RESERVED
-CVE-2016-0381
- RESERVED
+CVE-2016-0381 (IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin
...)
+ TODO: check
CVE-2016-0380
RESERVED
CVE-2016-0379
@@ -13765,8 +13766,8 @@
RESERVED
CVE-2016-0342
RESERVED
-CVE-2016-0341
- RESERVED
+CVE-2016-0341 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1
and B2B ...)
+ TODO: check
CVE-2016-0340
RESERVED
CVE-2016-0339
@@ -14063,8 +14064,8 @@
RESERVED
CVE-2015-8531 (Cross-site scripting (XSS) vulnerability in IBM Security Access
...)
NOT-FOR-US: IBM
-CVE-2015-8530
- RESERVED
+CVE-2015-8530 (Stack-based buffer overflow in the Initialize function in an
ActiveX ...)
+ TODO: check
CVE-2015-8529
RESERVED
CVE-2015-8528
@@ -15143,8 +15144,7 @@
- gnutls28 <not-affected> (Vulnerable code not present)
- gnutls26 <removed>
NOTE:
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html
-CVE-2015-8312
- RESERVED
+CVE-2015-8312 (Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might
allow ...)
{DSA-3569-1}
- openafs 1.6.17-1
NOTE:
http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca
@@ -15540,8 +15540,8 @@
TODO: check
CVE-2015-8157
RESERVED
-CVE-2015-8156
- RESERVED
+CVE-2015-8156 (Unquoted Windows search path vulnerability in EEDService in
Symantec ...)
+ TODO: check
CVE-2015-8155
RESERVED
CVE-2015-8154 (The SysPlant.sys driver in the Application and Device Control
(ADC) ...)
@@ -15751,8 +15751,8 @@
RESERVED
CVE-2015-8101
RESERVED
-CVE-2015-8099
- RESERVED
+CVE-2015-8099 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and
PEM ...)
+ TODO: check
CVE-2015-8098 (F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3,
and ...)
NOT-FOR-US: BIG-IP
CVE-2015-8097
@@ -16652,8 +16652,7 @@
NOT-FOR-US: Adobe
CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7827 [PKCS #1 v1.5 decoding was not constant time]
- RESERVED
+CVE-2015-7827 (Botan before 1.10.13 and 1.11.x before 1.11.22 makes it easier
for ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 <unfixed> (bug #817932)
NOTE: Fixed in 1.11.22. Affected all previous versions
@@ -19532,8 +19531,7 @@
NOTE:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/09/08/5
NOTE: Thread on oss-security to clarify if this should be CVE-2015-5738
or a new CVE
-CVE-2015-6838 [NULL pointer dereference]
- RESERVED
+CVE-2015-6838 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in
PHP ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
- hhvm 3.12.1+dfsg-1
@@ -19541,8 +19539,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
NOTE:
https://github.com/facebook/hhvm/commit/f358ec0e905df41feaa9dc75f4dee814cfe5a60a
-CVE-2015-6837 [NULL pointer dereference]
- RESERVED
+CVE-2015-6837 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in
PHP ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69782
@@ -19554,16 +19551,14 @@
NOTE: https://bugs.php.net/bug.php?id=70388
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6835 [Use after free vulnerability in session deserializer]
- RESERVED
+CVE-2015-6835 (The session deserializer in PHP before 5.4.45, 5.5.x before
5.5.29, ...)
{DSA-3358-1}
- php5 5.6.13+dfsg-1
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.php.net/bug.php?id=70219
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6834 [Vulnerability in unserialize(), discoverer
taoguangc...@icloud.com]
- RESERVED
+CVE-2015-6834 (Multiple use-after-free vulnerabilities in PHP before 5.4.45,
5.5.x ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70172
@@ -22201,22 +22196,19 @@
RESERVED
CVE-2015-5728
RESERVED
-CVE-2015-5727 [Excess memory allocation in BER decoder]
- RESERVED
+CVE-2015-5727 (The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x
before ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of
1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
-CVE-2015-5726 [Crash in BER decoder]
- RESERVED
+CVE-2015-5726 (The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x
before ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of
1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
CVE-2015-5725
RESERVED
-CVE-2014-9742 [Insufficient randomness in Miller-Rabin primality check]
- RESERVED
+CVE-2014-9742 (The Miller-Rabin primality check in Botan before 1.10.8 and
1.11.x ...)
{DLA-449-1}
- botan1.10 1.10.8-1
NOTE: Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9
@@ -22966,8 +22958,7 @@
NOTE: https://bugs.php.net/bug.php?id=69923
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
NOTE: Fixed in 5.6.11, 5.4.43
-CVE-2015-5589 [Segfault in Phar::convertToData on invalid file]
- RESERVED
+CVE-2015-5589 (The phar_convert_to_other function in ext/phar/phar_object.c in
PHP ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69958
@@ -25723,22 +25714,19 @@
[jessie] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2015-4642 [OS command injection vulnerability in escapeshellarg]
- RESERVED
+CVE-2015-4642 (The escapeshellarg function in ext/standard/exec.c in PHP
before ...)
- php5 <not-affected> (Windows specific)
NOTE: https://bugs.php.net/bug.php?id=69646
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4643 [Improved fix for bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow)]
- RESERVED
+CVE-2015-4643 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c
in PHP ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69545#1431550655
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4644 [Fixed bug #69667 (segfault in php_pgsql_meta_data)]
- RESERVED
+CVE-2015-4644 (The php_pgsql_meta_data function in pgsql.c in the PostgreSQL
(aka ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
@@ -26223,46 +26211,40 @@
NOT-FOR-US: Cisco
CVE-2014-9733
RESERVED
-CVE-2015-4603 [exception::getTraceAsString issue]
- RESERVED
+CVE-2015-4603 (The exception::getTraceAsString function in
Zend/zend_exceptions.c in ...)
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152 [2015-03-03 04:30 UTC]
-CVE-2015-4602
- RESERVED
+CVE-2015-4602 (The __PHP_Incomplete_Class function in
ext/standard/incomplete_class.c ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=fb83c76deec58f1fab17c350f04c9f042e5977d1
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4601
- RESERVED
+CVE-2015-4601 (PHP before 5.6.7 might allow remote attackers to cause a denial
of ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4600
- RESERVED
+CVE-2015-4600 (The SoapClient implementation in PHP before 5.4.40, 5.5.x
before ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4599 [Type confusion vulnerability in exception::getTraceAsString]
- RESERVED
+CVE-2015-4599 (The SoapFault::__toString method in ext/soap/soap.c in PHP
before ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152
NOTE:
http://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
-CVE-2015-4598 [Incorrect handling of paths with NULs]
- RESERVED
+CVE-2015-4598 (PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10
does ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69719
@@ -27124,8 +27106,8 @@
NOT-FOR-US: ISPConfig
CVE-2015-4117
RESERVED
-CVE-2015-4116
- RESERVED
+CVE-2015-4116 (Use-after-free vulnerability in the spl_ptr_heap_insert
function in ...)
+ TODO: check
CVE-2015-4115
RESERVED
CVE-2015-4114
@@ -29062,8 +29044,7 @@
RESERVED
- hhvm 3.11.0+dfsg-1
NOTE:
https://github.com/facebook/hhvm/commit/02a7a8f086c9181002fca0f0d9cef42963fdf46a
-CVE-2015-3412
- RESERVED
+CVE-2015-3412 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8
does ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -29071,8 +29052,7 @@
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=52b93f0cfd3cba7ff98cc5198df6ca4f23865f80
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257
NOTE: https://bugs.php.net/bug.php?id=69353
-CVE-2015-3411
- RESERVED
+CVE-2015-3411 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8
does ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -29334,8 +29314,7 @@
[wheezy] - xen 4.1.4-3+deb7u8
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-132.html
-CVE-2015-4605 [denial of service when processing a crafted file with Fileinfo
-- 2015-02-09 17:10 UTC]
- RESERVED
+CVE-2015-4605 (The mcopy function in softmagic.c in file 5.x, as used in the
Fileinfo ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -29343,8 +29322,7 @@
- file <not-affected> (Not reproducible with file, see #783108)
NOTE:
https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd
NOTE: https://bugs.php.net/bug.php?id=68819
-CVE-2015-4604 [denial of service when processing a crafted file with Fileinfo
-- 2015-02-05 13:53 UTC]
- RESERVED
+CVE-2015-4604 (The mget function in softmagic.c in file 5.x, as used in the
Fileinfo ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -30112,8 +30090,7 @@
[wheezy] - curl <no-dsa> (Too intrusive to backport)
[squeeze] - curl <no-dsa> (Too intrusive to backport)
NOTE: http://curl.haxx.se/docs/adv_20150429.html
-CVE-2015-3152 [MySQL SSL/TLS downgrade]
- RESERVED
+CVE-2015-3152 (Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka ...)
{DSA-3311-1}
- mariadb-10.0 10.0.20-1
- percona-xtradb-cluster-5.5 <removed>
@@ -65326,8 +65303,7 @@
NOTE:
https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
- php5 5.6.0~beta4+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=67328
-CVE-2014-0236 [root_storage NULL pointer deference flaw in CDF parser]
- RESERVED
+CVE-2014-0236 (file before 5.18, as used in the Fileinfo component in PHP
before ...)
- file 1:5.19-1
[wheezy] - file <not-affected> (Introduced in 5.18)
[squeeze] - file <not-affected> (Introduced in 5.18)
@@ -198673,7 +198649,7 @@
NOT-FOR-US: PerlDiver
CVE-2005-3066 (Cross-site scripting (XSS) vulnerability in perldiver.pl in
PerlDiver ...)
NOT-FOR-US: PerlDiver
-CVE-2005-3065 (MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers
cause a ...)
+CVE-2005-3065 (MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers
to ...)
NOT-FOR-US: MultiTheftAuto
CVE-2005-3064 (MultiTheftAuto 0.5 patch 1 and earlier does not properly verify
client ...)
NOT-FOR-US: MultiTheftAuto
@@ -224515,7 +224491,7 @@
NOT-FOR-US: Cisco
CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to
gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attacker to
execute ...)
+CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to
...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in
Cosmicperl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
