Author: sectracker Date: 2016-12-12 21:10:11 +0000 (Mon, 12 Dec 2016) New Revision: 47010
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-12-12 21:06:08 UTC (rev 47009) +++ data/CVE/list 2016-12-12 21:10:11 UTC (rev 47010) @@ -1,3 +1,17 @@ +CVE-2016-9931 + RESERVED +CVE-2016-9930 + RESERVED +CVE-2016-9929 + RESERVED +CVE-2016-9927 + RESERVED +CVE-2016-9926 + RESERVED +CVE-2016-9925 + RESERVED +CVE-2016-9924 + RESERVED CVE-2016-9936 [Use After Free in PHP7 unserialize()] - php7.0 7.0.14-1 NOTE: Fixed in PHP 7.0.14 and 7.1.0 @@ -7973,101 +7987,80 @@ NOTE: Upstream patch: https://bugs.php.net/patch-display.php?bug_id=67397&patch=bug67397-patch&revision=latest NOTE: PHP workaround for CVE-2014-9911 in icu TODO: double-check first fixing version in unstable -CVE-2016-4412 [phpMyAdmin PMASA-2016-57] - RESERVED +CVE-2016-4412 (An issue was discovered in phpMyAdmin. A user can be tricked into ...) - phpmyadmin 4:4.1.7-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-57/ NOTE: may affect wheezy only. -CVE-2016-9847 [phpMyAdmin PMASA-2016-58] - RESERVED +CVE-2016-9847 (An issue was discovered in phpMyAdmin. When the user does not specify ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-58/ NOTE: Debian packaging generates blowfish secret -CVE-2016-9848 [phpMyAdmin PMASA-2016-59] - RESERVED +CVE-2016-9848 (An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-59/ NOTE: disabled by default, debugging setting required -CVE-2016-9849 [phpMyAdmin PMASA-2016-60] - RESERVED +CVE-2016-9849 (An issue was discovered in phpMyAdmin. It is possible to bypass ...) - phpmyadmin 4:4.6.5.1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/ -CVE-2016-9850 [phpMyAdmin PMASA-2016-61] - RESERVED +CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the ...) - phpmyadmin 4:4.6.5.1-1 (low) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/ -CVE-2016-9851 [phpMyAdmin PMASA-2016-62] - RESERVED +CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) [jessie] - phpmyadmin <not-affected> (Vulnerable code not present) [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-62/ -CVE-2016-9852 [phpMyAdmin PMASA-2016-63] - RESERVED +CVE-2016-9852 (An issue was discovered in phpMyAdmin. By calling some scripts that ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/ NOTE: path disclosure not relevant in Debian -CVE-2016-9853 [phpMyAdmin PMASA-2016-63] - RESERVED +CVE-2016-9853 (An issue was discovered in phpMyAdmin. By calling some scripts that ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/ NOTE: path disclosure not relevant in Debian -CVE-2016-9854 [phpMyAdmin PMASA-2016-63] - RESERVED +CVE-2016-9854 (An issue was discovered in phpMyAdmin. By calling some scripts that ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/ NOTE: path disclosure not relevant in Debian -CVE-2016-9855 [phpMyAdmin PMASA-2016-63] - RESERVED +CVE-2016-9855 (An issue was discovered in phpMyAdmin. By calling some scripts that ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/ NOTE: path disclosure not relevant in Debian -CVE-2016-9856 [phpMyAdmin PMASA-2016-64] - RESERVED +CVE-2016-9856 (An XSS issue was discovered in phpMyAdmin because of an improper fix ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/ -CVE-2016-9857 [phpMyAdmin PMASA-2016-64] - RESERVED +CVE-2016-9857 (An issue was discovered in phpMyAdmin. XSS is possible because of a ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/ -CVE-2016-9858 [phpMyAdmin PMASA-2016-65] - RESERVED +CVE-2016-9858 (An issue was discovered in phpMyAdmin. With a crafted request ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/ -CVE-2016-9859 [phpMyAdmin PMASA-2016-65] - RESERVED +CVE-2016-9859 (An issue was discovered in phpMyAdmin. With a crafted request ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/ -CVE-2016-9860 [phpMyAdmin PMASA-2016-65] - RESERVED +CVE-2016-9860 (An issue was discovered in phpMyAdmin. An unauthenticated user can ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/ -CVE-2016-9861 [phpMyAdmin PMASA-2016-66] - RESERVED +CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ...) - phpmyadmin 4:4.6.5.1-1 (low) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/ -CVE-2016-9862 [phpMyAdmin PMASA-2016-67] - RESERVED +CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...) - phpmyadmin 4:4.6.5.1-1 [jessie] - phpmyadmin <not-affected> (Vulnerable code not present) [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-67/ -CVE-2016-9863 [phpMyAdmin PMASA-2016-68] - RESERVED +CVE-2016-9863 (An issue was discovered in phpMyAdmin. With a very large request to ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) [jessie] - phpmyadmin <not-affected> (Vulnerable code not present) [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-68/ -CVE-2016-9864 [phpMyAdmin PMASA-2016-69] - RESERVED +CVE-2016-9864 (An issue was discovered in phpMyAdmin. With a crafted username or a ...) - phpmyadmin 4:4.6.5.1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-69/ -CVE-2016-9865 [phpMyAdmin PMASA-2016-70] - RESERVED +CVE-2016-9865 (An issue was discovered in phpMyAdmin. Due to a bug in serialized ...) - phpmyadmin 4:4.6.5.1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-70/ -CVE-2016-9866 [phpMyAdmin PMASA-2016-71] - RESERVED +CVE-2016-9866 (An issue was discovered in phpMyAdmin. When the arg_separator is ...) - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-71/ NOTE: unlikely PHP configuration required, unclear impact @@ -8173,75 +8166,63 @@ NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2 NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9 NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff -CVE-2016-9633 - RESERVED +CVE-2016-9633 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/23 -CVE-2016-9632 - RESERVED +CVE-2016-9632 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/43 -CVE-2016-9631 - RESERVED +CVE-2016-9631 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/42 -CVE-2016-9630 - RESERVED +CVE-2016-9630 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/41 -CVE-2016-9629 - RESERVED +CVE-2016-9629 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/40 -CVE-2016-9628 - RESERVED +CVE-2016-9628 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/39 -CVE-2016-9627 - RESERVED +CVE-2016-9627 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/38 NOTE: https://github.com/tats/w3m/commit/0c3f5d0e0d9269ad47b8f4b061d7818993913189 -CVE-2016-9626 - RESERVED +CVE-2016-9626 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/37 -CVE-2016-9625 - RESERVED +CVE-2016-9625 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/36 -CVE-2016-9624 - RESERVED +CVE-2016-9624 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/35 -CVE-2016-9623 - RESERVED +CVE-2016-9623 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/33 -CVE-2016-9622 - RESERVED +CVE-2016-9622 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) @@ -8340,6 +8321,7 @@ CVE-2016-9444 RESERVED CVE-2016-9928 [MCabber before 1.0.4 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza] + RESERVED {DLA-724-1} - mcabber <unfixed> (bug #845258) [jessie] - mcabber <no-dsa> (Minor issue) @@ -8682,44 +8664,37 @@ - drupal7 7.52-1 NOTE: https://www.drupal.org/SA-CORE-2016-005 NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8 -CVE-2016-9443 - RESERVED +CVE-2016-9443 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/28 -CVE-2016-9442 - RESERVED +CVE-2016-9442 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/commit/d43527cfa0dbb3ccefec4a6f7b32c1434739aa29 -CVE-2016-9441 - RESERVED +CVE-2016-9441 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/24 -CVE-2016-9440 - RESERVED +CVE-2016-9440 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/22 -CVE-2016-9439 - RESERVED +CVE-2016-9439 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-33 (bug #844726) [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/20 -CVE-2016-9438 - RESERVED +CVE-2016-9438 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/18 -CVE-2016-9437 - RESERVED +CVE-2016-9437 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) @@ -8738,50 +8713,42 @@ [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/16 NOTE: Fixed by: https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd -CVE-2016-9434 - RESERVED +CVE-2016-9434 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/15 -CVE-2016-9433 - RESERVED +CVE-2016-9433 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/14 -CVE-2016-9432 - RESERVED +CVE-2016-9432 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/13 -CVE-2016-9431 - RESERVED +CVE-2016-9431 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/10 -CVE-2016-9430 - RESERVED +CVE-2016-9430 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/7 -CVE-2016-9429 - RESERVED +CVE-2016-9429 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/29 -CVE-2016-9428 - RESERVED +CVE-2016-9428 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/26 -CVE-2016-9427 - RESERVED +CVE-2016-9427 (Integer overflow vulnerability in bdwgc before 2016-09-27 allows ...) {DLA-721-1} [experimental] - libgc 1:7.4.4-1 - libgc <unfixed> (bug #844771) @@ -8789,32 +8756,27 @@ NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/4e1a6f9d8f2a49403bbd00b8c8e5324048fb84d4 NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/7292c02fac2066d39dd1bcc37d1a7054fd1e32ee NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/552ad0834672fed86ada6430150ef9ebdd3f54d7 -CVE-2016-9426 - RESERVED +CVE-2016-9426 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/25 -CVE-2016-9425 - RESERVED +CVE-2016-9425 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/21 -CVE-2016-9424 - RESERVED +CVE-2016-9424 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/12 -CVE-2016-9423 - RESERVED +CVE-2016-9423 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/issues/9 -CVE-2016-9422 - RESERVED +CVE-2016-9422 (An issue was discovered in the Tatsuya Kinoshita w3m fork before ...) - w3m 0.5.3-30 [jessie] - w3m <no-dsa> (Minor issue) [wheezy] - w3m <no-dsa> (Minor issue) @@ -9665,8 +9627,7 @@ RESERVED CVE-2014-9909 RESERVED -CVE-2016-9106 [9pfs: memory leakage in v9fs_write] - RESERVED +CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842463) - qemu-kvm <removed> @@ -9676,8 +9637,7 @@ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9 -CVE-2016-9105 [memory leakage in v9fs_link] - RESERVED +CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842463) - qemu-kvm <removed> @@ -9687,8 +9647,7 @@ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c -CVE-2016-9104 [9pfs: integer overflow leading to OOB access] - RESERVED +CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2) ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842463) - qemu-kvm <removed> @@ -9697,8 +9656,7 @@ NOTE: Xen switched to qemu-system in 4.4.0-1 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2 -CVE-2016-9103 [9pfs: information leakage via xattribute] - RESERVED +CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842463) - qemu-kvm <removed> @@ -9708,8 +9666,7 @@ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d -CVE-2016-9102 [memory leakage when creating extended attribute] - RESERVED +CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842463) - qemu-kvm <removed> @@ -9720,8 +9677,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389550 NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06 -CVE-2016-9101 [net: eepro100 memory leakage at device unplug] - RESERVED +CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows ...) {DLA-698-1 DLA-689-1} - qemu <unfixed> (bug #842455) - qemu-kvm <removed> @@ -9946,15 +9902,13 @@ CVE-2016-9015 [certificate verification failure] RESERVED - python-urllib3 <not-affected> (Issue only present in 1.17 and 1.18 releases) -CVE-2016-9014 [DNS rebinding vulnerability when DEBUG=True] - RESERVED +CVE-2016-9014 (Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x ...) {DLA-706-1} - python-django 1:1.10.3-1 (bug #842856) [jessie] - python-django <no-dsa> (Minor issue; can be updated via point release) NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9 -CVE-2016-9013 [User with hardcoded password created when running tests on Oracle] - RESERVED +CVE-2016-9013 (Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before ...) - python-django 1:1.10.3-1 (bug #842856) [jessie] - python-django <no-dsa> (Minor issue; can be updated via point release) [wheezy] - python-django <no-dsa> (Minor issue; specific to Oracle) @@ -12188,8 +12142,7 @@ NOTE: Apache say that issue needs to be fixed in any vendor/product using Apache Commons FileUpload NOTE: DiskFileItem as described in the given advisory. NOTE: Thus we are not going to diverge from Apache upstream here. -CVE-2016-7466 [usb: xhci memory leakage during device unplug] - RESERVED +CVE-2016-7466 (Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...) - qemu 1:2.7+dfsg-1 (bug #838687) [jessie] - qemu <no-dsa> (Minor issue, needs qemu monitor access to unplug nec-xhci controller) [wheezy] - qemu <no-dsa> (Minor issue, needs qemu monitor access to unplug nec-xhci controller) @@ -12337,8 +12290,7 @@ NOTE: LSI SAS1068 (mptsas) device support added in NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0) NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5 -CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc] - RESERVED +CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...) - qemu 1:2.7+dfsg-1 (bug #838146) [jessie] - qemu <not-affected> (Vulnerable code introduced later) [wheezy] - qemu <not-affected> (Vulnerable code introduced later) @@ -12350,8 +12302,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376755 NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0) NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4 -CVE-2016-7421 [scsi: pvscsi: infinite loop when processing IO requests] - RESERVED +CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...) - qemu 1:2.7+dfsg-1 (bug #838147) [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5) - qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5) @@ -13442,8 +13393,7 @@ NOTE: 1.3.21-2 the build is done with --with-quantum-depth=16 switching NOTE: away from the default with QuantumDepth=8 NOTE: patch for this and CVE-2016-7997 at: http://openwall.com/lists/oss-security/2016/10/07/4 -CVE-2016-7995 [usb: hcd-ehci: memory leak in ehci_process_itd] - RESERVED +CVE-2016-7995 (Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in ...) - qemu <unfixed> (bug #840236) [jessie] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0) [wheezy] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0) @@ -13457,8 +13407,7 @@ NOTE: Though this commit fixed an OOB read access issue which might need NOTE: potentially a new separate CVE id if it does not have one yet. TODO: double-check notes and analysis -CVE-2016-7994 [virtio-gpu: memory leak in virtio_gpu_resource_create_2d] - RESERVED +CVE-2016-7994 (Memory leak in the virtio_gpu_resource_create_2d function in ...) - qemu <unfixed> (bug #840228) [jessie] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0) [wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0) @@ -15586,8 +15535,7 @@ RESERVED CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use ...) TODO: check -CVE-2016-7170 [vmware_vga: OOB stack memory access when processing svga command] - RESERVED +CVE-2016-7170 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka ...) {DLA-653-1 DLA-652-1} - qemu <unfixed> (bug #837316) - qemu-kvm <removed> @@ -15709,8 +15657,7 @@ NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ed38046c5c2e3b310980be32287179895c83e0d8 (n3.1.4) CVE-2016-7121 RESERVED -CVE-2016-7155 [scsi: pvscsi: OOB read and infinite loop while setting descriptor rings] - RESERVED +CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest ...) - qemu 1:2.6+dfsg-3.1 (bug #837174) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5) @@ -15723,8 +15670,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462 NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2 NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5 -CVE-2016-7156 [scsi: pvscsi: infintie loop when building SG list] - RESERVED +CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU ...) - qemu 1:2.6+dfsg-3.1 (bug #837339) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5) @@ -15737,8 +15683,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373478 NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/3 NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5 -CVE-2016-7157 [mptsas: invalid memory access while building configuration pages] - RESERVED +CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 ...) - qemu 1:2.6+dfsg-3.1 (bug #837603) [jessie] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6) [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6) @@ -15941,8 +15886,7 @@ NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1 NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1 -CVE-2016-7116 [9p: directory traversal flaw in 9p virtio backend] - RESERVED +CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick ...) {DLA-619-1 DLA-618-1} - qemu 1:2.6+dfsg-3.1 (bug #836502) [jessie] - qemu <no-dsa> (Minor issue) @@ -16627,8 +16571,8 @@ NOT-FOR-US: Huawei FusionAccess CVE-2016-6838 (Huawei X6800 and XH620 V3 servers with software before ...) NOT-FOR-US: Huawei FusionServer -CVE-2016-6829 - RESERVED +CVE-2016-6829 (The trove service user in (1) Openstack deployment (aka ...) + TODO: check CVE-2016-6827 (Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES ...) NOT-FOR-US: Huawei FusionCompute CVE-2016-6826 (Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a ...) @@ -16637,8 +16581,7 @@ NOT-FOR-US: Huawei FusionServer Node CVE-2016-6824 (Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with ...) NOT-FOR-US: Huawei Campus Switch -CVE-2016-6888 [net: vmxnet: integer overflow in packet initialisation] - RESERVED +CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in ...) - qemu 1:2.6+dfsg-3.1 (bug #834902) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) @@ -17118,8 +17061,7 @@ [wheezy] - imagemagick 8:6.7.7.10-5+deb7u8 NOTE: Workaround entry for DLA-731-1 until CVE is assigned NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245 -CVE-2016-6833 [net: vmxnet3: use after free while writing] - RESERVED +CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...) - qemu 1:2.6+dfsg-3.1 (bug #834904) [wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) - qemu-kvm <removed> @@ -17130,8 +17072,7 @@ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8 NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1 -CVE-2016-6834 [an infinite loop during packet fragmentation] - RESERVED +CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...) - qemu 1:2.6+dfsg-3.1 (bug #834905) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5) @@ -17143,8 +17084,7 @@ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ead315e43ea0c2ca3491209c6c8db8ce3f2bbe05 NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/8 -CVE-2016-6835 [buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation] - RESERVED +CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...) - qemu 1:2.6+dfsg-3.1 (bug #835031) [wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) - qemu-kvm <removed> @@ -17154,8 +17094,7 @@ NOTE: Xen switched to qemu-system in 4.4.0-1 NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7 -CVE-2016-6836 [Information leak in vmxnet3_complete_packet] - RESERVED +CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...) - qemu 1:2.6+dfsg-3.1 (bug #834944) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) @@ -17346,47 +17285,38 @@ NOTE: http://codex.wordpress.org/Version_4.5 NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37124 NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9 -CVE-2016-6633 - RESERVED +CVE-2016-6633 (An issue was discovered in phpMyAdmin. phpMyAdmin can be used to ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) -CVE-2016-6632 - RESERVED +CVE-2016-6632 (An issue was discovered in phpMyAdmin where, under certain conditions, ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-55/ -CVE-2016-6631 - RESERVED +CVE-2016-6631 (An issue was discovered in phpMyAdmin. A user can execute a remote ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-54/ -CVE-2016-6630 - RESERVED +CVE-2016-6630 (An issue was discovered in phpMyAdmin. An authenticated user can ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-53/ -CVE-2016-6629 - RESERVED +CVE-2016-6629 (An issue was discovered in phpMyAdmin involving the ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-52/ -CVE-2016-6628 - RESERVED +CVE-2016-6628 (An issue was discovered in phpMyAdmin. An attacker may be able to ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-51/ -CVE-2016-6627 - RESERVED +CVE-2016-6627 (An issue was discovered in phpMyAdmin. An attacker can determine the ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <no-dsa> (Not critical enough) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-50/ -CVE-2016-6626 - RESERVED +CVE-2016-6626 (An issue was discovered in phpMyAdmin. An attacker could redirect a ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-49/ -CVE-2016-6625 - RESERVED +CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <no-dsa> (Not critical enough) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-48/ @@ -17396,18 +17326,15 @@ NOTE: printing can show more information than what should be used in NOTE: a production environment. This is the motivation that it is not NOTE: solved for wheezy. -CVE-2016-6624 - RESERVED +CVE-2016-6624 (An issue was discovered in phpMyAdmin involving improper enforcement ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-47/ -CVE-2016-6623 - RESERVED +CVE-2016-6623 (An issue was discovered in phpMyAdmin. An authorized user can cause a ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-46/ -CVE-2016-6622 - RESERVED +CVE-2016-6622 (An issue was discovered in phpMyAdmin. An unauthenticated user is able ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-45/ @@ -17419,78 +17346,63 @@ NOTE: The issue is not public yet, upstream does not want to NOTE: disclose details until fix ready TODO: wait for upstream to release the PMASA-2016-44 -CVE-2016-6620 - RESERVED +CVE-2016-6620 (An issue was discovered in phpMyAdmin. Some data is passed to the PHP ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-43/ -CVE-2016-6619 - RESERVED +CVE-2016-6619 (An issue was discovered in phpMyAdmin. In the user interface ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-42/ -CVE-2016-6618 - RESERVED +CVE-2016-6618 (An issue was discovered in phpMyAdmin. The transformation feature ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-41/ -CVE-2016-6617 - RESERVED +CVE-2016-6617 (An issue was discovered in phpMyAdmin. A specially crafted database ...) - phpmyadmin 4:4.6.4+dfsg1-1 [jessie] - phpmyadmin <not-affected> (Only affects 4.6.x) [wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x) -CVE-2016-6616 - RESERVED +CVE-2016-6616 (An issue was discovered in phpMyAdmin. In the "User group" and ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Only affects 4.4.x onward) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-39/ -CVE-2016-6615 - RESERVED +CVE-2016-6615 (XSS issues were discovered in phpMyAdmin. This affects navigation pane ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-38/ -CVE-2016-6614 - RESERVED +CVE-2016-6614 (An issue was discovered in phpMyAdmin involving the %u username ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/ -CVE-2016-6613 - RESERVED +CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/ -CVE-2016-6612 - RESERVED +CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/ -CVE-2016-6611 - RESERVED +CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/ -CVE-2016-6610 - RESERVED +CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin ...) - phpmyadmin 4:4.6.4+dfsg1-1 [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-33/ -CVE-2016-6609 - RESERVED +CVE-2016-6609 (An issue was discovered in phpMyAdmin. A specially crafted database ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-32/ -CVE-2016-6608 - RESERVED +CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the database ...) - phpmyadmin 4:4.6.4+dfsg1-1 [jessie] - phpmyadmin <not-affected> (Only affects 4.6.x) [wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x) -CVE-2016-6607 - RESERVED +CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/ -CVE-2016-6606 - RESERVED +CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The ...) {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/ @@ -17950,8 +17862,8 @@ RESERVED CVE-2016-6502 RESERVED -CVE-2016-6501 - RESERVED +CVE-2016-6501 (JFrog Artifactory before 4.11 allows remote attackers to execute ...) + TODO: check CVE-2016-6500 RESERVED CVE-2016-6499 @@ -17960,15 +17872,14 @@ RESERVED CVE-2016-6497 RESERVED -CVE-2016-6496 - RESERVED +CVE-2016-6496 (The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x ...) + TODO: check CVE-2016-6525 (Heap-based buffer overflow in the pdf_load_mesh_params function in ...) {DSA-3655-1 DLA-589-1} - mupdf 1.9a+ds1-1.2 (bug #833417) NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696954 NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e -CVE-2016-6523 [reflected XSS vulnerabilities in media manager] - RESERVED +CVE-2016-6523 (Multiple cross-site scripting (XSS) vulnerabilities in the media ...) - dotclear <removed> [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/40d0207e520d @@ -18126,8 +18037,7 @@ NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=581a17af40b84ef0c9e7f41ed0795af345b61ce1 NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 -CVE-2016-6490 [virtio: infinite loop in virtqueue_pop] - RESERVED +CVE-2016-6490 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...) - qemu 1:2.6+dfsg-3.1 (bug #832767) [jessie] - qemu <not-affected> (Vulnerable code not present) [wheezy] - qemu <not-affected> (Issue introduced later) @@ -18504,8 +18414,7 @@ NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 CVE-2016-6322 (Red Hat QuickStart Cloud Installer (QCI) uses world-readable ...) NOT-FOR-US: ovirt-engine -CVE-2016-6321 [Bypassing the extract path name] - RESERVED +CVE-2016-6321 (Directory traversal vulnerability in the safer_name_suffix function in ...) {DSA-3702-1 DLA-690-1} - tar 1.29b-1.1 (bug #842339) NOTE: https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt @@ -18612,8 +18521,7 @@ NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9 NOTE: https://www.openssl.org/news/secadv/20160922.txt NOTE: Fixed in 1.0.2i, 1.0.1u -CVE-2016-6301 [NTP server denial of service flaw] - RESERVED +CVE-2016-6301 (The recv_and_process_client_pkt function in networking/ntpd.c in ...) - busybox <unfixed> (unimportant; bug #833442) NOTE: NTP server not enabled by default in debian/config/pkg/* via CONFIG_NTPD NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71 @@ -21574,8 +21482,7 @@ - tomcat7 <not-affected> (Red Hat and derivatives packaging specific) - tomcat6 <not-affected> (Red Hat and derivatives packaging specific) NOTE: http://legalhackers.com/advisories/Tomcat-RedHat-Pkgs-Root-PrivEsc-Exploit-CVE-2016-5425.html -CVE-2016-5424 [Fix client programs' handling of special characters in database and role names] - RESERVED +CVE-2016-5424 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, ...) {DSA-3646-1 DLA-592-1} - postgresql-9.5 9.5.4-1 - postgresql-9.4 <removed> @@ -21583,8 +21490,7 @@ [jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl) NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=fcd15f13581f6d75c63d213220d5a94889206c1b NOTE: https://www.postgresql.org/about/news/1688/ -CVE-2016-5423 [possible mis-evaluation of nested CASE-WHEN expressions] - RESERVED +CVE-2016-5423 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, ...) {DSA-3646-1 DLA-592-1} - postgresql-9.5 9.5.4-1 - postgresql-9.4 <removed> @@ -24134,8 +24040,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2 NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4 NOTE: Option is not enabled at buildtime. -CVE-2016-4964 [scsi: mptsas infinite loop in mptsas_fetch_requests] - RESERVED +CVE-2016-4964 (The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka ...) - qemu 1:2.6+dfsg-2 (bug #825207) [jessie] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later) [wheezy] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later) @@ -33080,8 +32985,8 @@ NOTE: Introduced by: https://git.kernel.org/linus/8b13eddfdf04cbfa561725cfc42d6868fe896f56 (v3.19-rc1) NOTE: Fixed by: https://git.kernel.org/linus/94f9cd81436c85d8c3a318ba92e236ede73752fc (v4.4-rc1) NOTE: http://www.openwall.com/lists/oss-security/2016/01/27/6 -CVE-2015-8786 - RESERVED +CVE-2015-8786 (The Management plugin in RabbitMQ before 3.6.1 allows remote ...) + TODO: check CVE-2016-XXXX [out of bound read and write issues] - giflib 5.1.4-0.1 (bug #820594) [jessie] - giflib <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits