Author: sectracker
Date: 2017-01-06 21:10:12 +0000 (Fri, 06 Jan 2017)
New Revision: 47796
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-06 21:09:19 UTC (rev 47795) +++ data/CVE/list 2017-01-06 21:10:12 UTC (rev 47796) @@ -1,4 +1,35 @@ +CVE-2017-5199 + RESERVED +CVE-2017-5198 + RESERVED +CVE-2017-5197 + RESERVED +CVE-2017-5192 + RESERVED +CVE-2017-5191 + RESERVED +CVE-2017-5190 + RESERVED +CVE-2017-5189 + RESERVED +CVE-2017-5188 + RESERVED +CVE-2017-5187 + RESERVED +CVE-2017-5186 + RESERVED +CVE-2017-5185 + RESERVED +CVE-2017-5184 + RESERVED +CVE-2017-5183 + RESERVED +CVE-2017-5182 + RESERVED +CVE-2017-5181 + RESERVED CVE-2017-5196 [Out of bounds read in certain incomplete character sequences] + RESERVED - irssi <unfixed> (bug #850403) [jessie] - irssi <no-dsa> (Minor issue) [wheezy] - irssi <no-dsa> (Minor issue) @@ -6,6 +37,7 @@ NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d NOTE: https://irssi.org/security/irssi_sa_2017_01.txt CVE-2017-5195 [Out of bounds read in certain incomplete control codes] + RESERVED - irssi <unfixed> (bug #850403) [jessie] - irssi <no-dsa> (Minor issue) [wheezy] - irssi <no-dsa> (Minor issue) @@ -13,6 +45,7 @@ NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d NOTE: https://irssi.org/security/irssi_sa_2017_01.txt CVE-2017-5194 [Use after free when receiving invalid nick message] + RESERVED - irssi <unfixed> (bug #850403) [jessie] - irssi <no-dsa> (Minor issue) [wheezy] - irssi <no-dsa> (Minor issue) 
@@ -20,14 +53,15 @@ NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d NOTE: https://irssi.org/security/irssi_sa_2017_01.txt CVE-2017-5193 [NULL pointer dereference in the nickcmp function] + RESERVED - irssi <unfixed> (bug #850403) [jessie] - irssi <no-dsa> (Minor issue) [wheezy] - irssi <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2 NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d NOTE: https://irssi.org/security/irssi_sa_2017_01.txt -CVE-2017-5179 - RESERVED +CVE-2017-5179 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before ...) + TODO: check CVE-2017-5178 RESERVED CVE-2017-5177 @@ -115,10 +149,12 @@ CVE-2017-5136 RESERVED CVE-2016-10123 [firejail: don't allow --chroot as user without seccomp support] + RESERVED - firejail 0.9.38-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/a23ac1bf390fa4c3db4ea31e6ee6100a9c511d59 (0.9.38-rc1) CVE-2016-10122 [firejail: Environment not cleaned before root exec()] + RESERVED - firejail 0.9.44.2-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f 
@@ -126,23 +162,28 @@ NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/e847207df28e181a8f590ade825b5f06d4fadf17 (0.9.44.2) NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/18f6e9dc9b304f7aca291c3edce5122562b1e36c (0.9.44.2) CVE-2016-10121 [firejail: multiple weak permissions] + RESERVED - firejail 0.9.38-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/1cab02f5ae3c90c01fae4d1c16381820b757a3a6 (0.9.38) CVE-2016-10120 [firejail /dev, /dev/shm, /var/tmp, /var/lock was mounted 0777] + RESERVED - firejail 0.9.38-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (0.9.38-rc1) CVE-2016-10119 [firejail /tmp,/var/tmp was mounted tmpfs 0777] + RESERVED - firejail 0.9.38-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/aa28ac9e09557b833f194f594e2940919d940d1f (0.9.38) CVE-2016-10118 [firejail allows truncation of /etc/resolv.conf] + RESERVED - firejail 0.9.44.2-1 (low) NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/6144229605177764b7f3f3450c1a47f56595dc9e NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/8b5b444c766b8d0592346decc6ed4a6d345e4f67 (0.9.44.2) CVE-2016-10117 [firejail allows unrestricted mount of tmpfs] + RESERVED - firejail 0.9.38-1 NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb (0.9.38-rc1) @@ -161,6 +202,7 @@ CVE-2016-10110 RESERVED CVE-2017-5180 [firejail local root exploit] + RESERVED - firejail 0.9.44.2-3 (bug #850160) NOTE: http://www.openwall.com/lists/oss-security/2017/01/04/1 NOTE: https://github.com/netblue30/firejail/issues/1020 
@@ -456,7 +498,7 @@ NOTE: https://bugs.php.net/bug.php?id=73832 CVE-2016-10109 [pcsc-lite use-after-free] RESERVED - {DSA-3752-1} + {DSA-3752-1 DLA-778-1} - pcsc-lite 1.8.20-1 NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22 NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b @@ -2810,8 +2852,8 @@ RESERVED CVE-2016-10031 (** DISPUTED ** WampServer 3.0.6 installs two services called ...) TODO: check -CVE-2016-10030 - RESERVED +CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, ...) + TODO: check CVE-2017-3894 RESERVED CVE-2017-3893 
@@ -3301,29 +3343,25 @@ RESERVED - xen 4.8.0-1 (bug #848713) NOTE: https://xenbits.xen.org/xsa/advisory-204.html -CVE-2016-10012 [sshd(8): shared memory manager bounds checks that could be elided by some optimising compilers potentially allow attacks against the privileged monitor process from the sandboxed privilege-separation process] - RESERVED +CVE-2016-10012 (The shared memory manager (associated with pre-authentication ...) - openssh 1:7.4p1-1 (low; bug #848717) [jessie] - openssh <no-dsa> (Minor issue) [wheezy] - openssh <no-dsa> (Minor issue) NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4 NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c.diff?r1=1.165&r2=1.166 NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.h.diff?r1=1.19&r2=1.20 -CVE-2016-10011 [sshd(8): theoretical leak of host private key material to privilege-separated child processes via realloc()] - RESERVED +CVE-2016-10011 (authfile.c in sshd in OpenSSH before 7.4 does not properly consider ...) - openssh 1:7.4p1-1 (low; bug #848716) [jessie] - openssh <no-dsa> (Minor issue) [wheezy] - openssh <no-dsa> (Minor issue) NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4 NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.121&r2=1.122 -CVE-2016-10010 [sshd(8): When privilege separation is disabled, forwarded Unix-domain sockets would be created by sshd(8) with the privileges of 'root'] - RESERVED +CVE-2016-10010 (sshd in OpenSSH before 7.4, when privilege separation is not used, ...) 
- openssh 1:7.4p1-1 (unimportant; bug #848715) NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4 NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/serverloop.c.diff?r1=1.188&r2=1.189 NOTE: Privilege separation is enabled in the Debian package -CVE-2016-10009 [ssh-agent(1): load PKCS#11 modules from paths outside a trusted whitelist] - RESERVED +CVE-2016-10009 (Untrusted search path vulnerability in ssh-agent.c in ssh-agent in ...) - openssh 1:7.4p1-1 (low; bug #848714) [jessie] - openssh <no-dsa> (Minor issue) [wheezy] - openssh <no-dsa> (Minor issue) @@ -3499,15 +3537,13 @@ RESERVED CVE-2016-9924 RESERVED -CVE-2016-9936 [Use After Free in PHP7 unserialize()] - RESERVED +CVE-2016-9936 (The unserialize implementation in ext/standard/var.c in PHP 7.x before ...) - php7.0 7.0.14-1 NOTE: Fixed in PHP 7.0.14 and 7.1.0 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72978 NOTE: Fixed by: https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17 NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 -CVE-2016-9935 [Invalid read when wddx decodes empty boolean element] - RESERVED +CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before ...) {DSA-3737-1} - php7.0 7.0.14-1 - php5 <unfixed> @@ -3515,8 +3551,7 @@ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73631 NOTE: Fixed by: https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 -CVE-2016-9934 [NULL Pointer Dereference in WDDX Packet Deserialization with PDORow] - RESERVED +CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows ...) {DSA-3732-1} - php7.0 7.0.13-1 - php5 <unfixed> 
@@ -3524,8 +3559,7 @@ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73331 NOTE: Fixed by: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 -CVE-2016-9933 [imagefilltoborder stackoverflow on truecolor images] - RESERVED +CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder function in ...) {DSA-3751-1 DSA-3732-1 DLA-758-1} - libgd2 2.2.2-29-g3c2b605-1 (bug #849038) NOTE: This problem could be seen as a programmer fault but the fix is easy and @@ -9829,8 +9863,7 @@ RESERVED CVE-2017-0881 RESERVED -CVE-2016-9754 [Integer overflow in ring_buffer_resize()] - RESERVED +CVE-2016-9754 (The ring_buffer_resize function in kernel/trace/ring_buffer.c in the ...) - linux 4.6.1-1 [wheezy] - linux <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/59643d1535eb220668692a5359de22545af579f6 (v4.7-rc1) @@ -11684,8 +11717,7 @@ RESERVED CVE-2016-9482 RESERVED -CVE-2014-9912 [stack buffer overflow in locale_get_display_name] - RESERVED +CVE-2014-9912 (The get_icu_disp_value_src_php function in ...) - php5 5.6.0+dfsg-1 [wheezy] - php5 5.4.34-0+deb7u1 NOTE: Fixed in 5.6.0, 5.5.14, 5.4.30, 5.3.29 @@ -11776,8 +11808,7 @@ - phpmyadmin 4:4.6.5.1-1 (unimportant) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-71/ NOTE: unlikely PHP configuration required, unclear impact -CVE-2014-9911 - RESERVED +CVE-2014-9911 (Stack-based buffer overflow in the ures_getByKeyWithFallback function ...) {DSA-3725-1 DLA-744-1} - icu 55.1-3 NOTE: http://bugs.icu-project.org/trac/ticket/10891 
@@ -14504,23 +14535,20 @@ NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866. NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4 -CVE-2016-8860 [tor DoS] - RESERVED +CVE-2016-8860 (Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal ...) {DSA-3694-1 DLA-663-1} - tor 0.2.8.9-1 NOTE: https://trac.torproject.org/projects/tor/ticket/20384 NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes NOTE: https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11 -CVE-2016-9138 [Issues from Upstream bug #73147 still unfixed in 5.6.27 and 7.0.12] - RESERVED +CVE-2016-9138 (PHP through 5.6.27 and 7.x through 7.0.12 mishandles property ...) {DSA-3732-1} - php7.0 <unfixed> - php5 <unfixed> NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147 NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/7 -CVE-2016-9137 [Use After Free in unserialize()] - RESERVED +CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ...) {DSA-3698-1} - php7.0 7.0.12-1 - php5 <unfixed> @@ -14691,8 +14719,7 @@ NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697015 NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697019 -CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf] - RESERVED +CVE-2016-8670 (Integer signedness error in the dynamicGetbuf function in gd_io_dp.c ...) {DSA-3693-1 DLA-665-1} - libgd2 2.2.3-87-gd0fec80-1 (bug #840805) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280 
@@ -17183,8 +17210,8 @@ RESERVED CVE-2016-8007 RESERVED -CVE-2016-8006 - RESERVED +CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manager ...) + TODO: check CVE-2016-8005 RESERVED CVE-2016-8004 @@ -17577,13 +17604,11 @@ NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 (n3.1.4) CVE-2016-7904 RESERVED -CVE-2016-7903 [Password Reset Address Spoof] - RESERVED +CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web ...) - dotclear <removed> [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/bb06343f4247 -CVE-2016-7902 [fileUnzip->unzip() method not properly verifying the extension of files in zip archive.] - RESERVED +CVE-2016-7902 (Unrestricted file upload vulnerability in the fileUnzip->unzip method ...) - dotclear <removed> [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/a9db771a5a70 @@ -18799,8 +18824,7 @@ CVE-2016-7400 RESERVED NOT-FOR-US: Exponent CMS -CVE-2016-7399 - RESERVED +CVE-2016-7399 (scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through ...) NOT-FOR-US: Veritas NetBackup Applianc CVE-2016-7398 RESERVED 
@@ -19363,15 +19387,13 @@ NOTE: Xen switched to qemu-system in 4.4.0-1 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=167d97a3def77ee2dbf6e908b0ecbfe2103977db -CVE-2016-7169 [a path traversal vulnerability in the upgrade package uploader] - RESERVED +CVE-2016-7169 (Directory traversal vulnerability in the File_Upload_Upgrader class in ...) {DSA-3681-1 DLA-633-1} - wordpress 4.6.1+dfsg-1 NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/ NOTE: Fixed in 4.6.1 release upstream NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38524 -CVE-2016-7168 [a cross-site scripting vulnerability via image filename] - RESERVED +CVE-2016-7168 (Cross-site scripting (XSS) vulnerability in the media_handle_upload ...) {DSA-3681-1 DLA-633-1} - wordpress 4.6.1+dfsg-1 NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/ 
@@ -20282,21 +20304,17 @@ NOT-FOR-US: Huawei FusionServer CVE-2016-6895 REJECTED -CVE-2016-6894 - RESERVED +CVE-2016-6894 (Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before ...) NOT-FOR-US: Arista EOS -CVE-2016-6892 [Free of Memory not on the Heap] - RESERVED +CVE-2016-6892 (The x509FreeExtensions function in MatrixSSL before 3.8.6 allows ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) NOTE: https://www.kb.cert.org/vuls/id/396440 -CVE-2016-6891 [Improper Restriction of Operations within the Bounds of a Memory Buffer] - RESERVED +CVE-2016-6891 (MatrixSSL before 3.8.6 allows remote attackers to cause a denial of ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) NOTE: https://www.kb.cert.org/vuls/id/396440 -CVE-2016-6890 [Heap-based Buffer Overflow] - RESERVED +CVE-2016-6890 (Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) NOTE: https://www.kb.cert.org/vuls/id/396440 @@ -21690,8 +21708,7 @@ RESERVED NOT-FOR-US: Samsung NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 -CVE-2016-6595 [DoS via repeatedly joining and quitting swarm cluster as a node] - RESERVED +CVE-2016-6595 (** DISPUTED ** The SwarmKit toolkit 1.12.0 for Docker allows remote ...) - docker.io <not-affected> (Only affects Docker 1.12) NOTE: http://seclists.org/oss-sec/2016/q3/198 CVE-2016-6581 [HPACK Bomb] 
@@ -58178,8 +58195,8 @@ NOT-FOR-US: Thycotic Secret Server CVE-2015-3442 RESERVED -CVE-2015-3441 - RESERVED +CVE-2015-3441 (The Parental Control panel in Genexis devices with DRGOS before 1.14.1 ...) + TODO: check CVE-2015-3437 RESERVED CVE-2015-3436 (provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) ...)
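Review bot: CVE-2016-10030 in the hunk at `@@ -2810,8 +2852,8 @@` goes from RESERVED to a published description naming slurmd/req.c in Slurm, but the entry carries only `TODO: check`, with no package line and no NOT-FOR-US marker. It needs triage before the entry says anything about release status. The same applies to the other entries this revision leaves at `TODO: check`: CVE-2017-5179, CVE-2016-8006 and CVE-2015-3441.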
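Review bot: In the hunk at `@@ -3301,29 +3343,25 @@`, the removed bracketed summary for CVE-2016-10012 recorded that the bounds checks "could be elided by some optimising compilers", and the replacement description is cut off at "(associated with pre-authentication ...)", so that detail no longer appears anywhere in the entry. A NOTE line preserving the compiler-elision point would keep the reason for the `low` rating readable without following the cvsweb links. The CVE-2016-10011 and CVE-2016-10010 replacements in the same hunk lose less, since their NOTE lines already carry the context.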
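Review bot: In the hunk at `@@ -18799,8 +18824,7 @@`, the context line under CVE-2016-7399 reads `NOT-FOR-US: Veritas NetBackup Applianc`, with the product name cut short. The description added on the line above it spells the product "Veritas NetBackup Appliance", so the NOT-FOR-US line should be corrected to match in a follow-up commit.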