Author: sectracker
Date: 2017-02-14 21:10:15 +0000 (Tue, 14 Feb 2017)
New Revision: 48939
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-14 19:59:19 UTC (rev 48938)
+++ data/CVE/list 2017-02-14 21:10:15 UTC (rev 48939)
@@ -1,8 +1,10 @@
CVE-2017-5987 [sd: infinite loop issue in multi block transfers]
+ RESERVED
- qemu <unfixed>
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html
CVE-2017-5986 [Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()]
+ RESERVED
- linux <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/2dcab598484185dea7ec22219c76dcdd59e3cb90
CVE-2017-5985
@@ -15304,27 +15306,27 @@
[jessie] - xen <not-affected> (Only 4.5 onwards vulnerable)
[wheezy] - xen <not-affected> (Only 4.5 onwards vulnerable)
NOTE: https://xenbits.xen.org/xsa/advisory-196.html
-CVE-2016-9371 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9371 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9370
RESERVED
-CVE-2016-9369 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9369 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9368
RESERVED
-CVE-2016-9367 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9367 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
-CVE-2016-9366 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9366 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
-CVE-2016-9365 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9365 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9364 (An issue was discovered in Fidelix FX-20 series controllers,
versions ...)
TODO: check
-CVE-2016-9363 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9363 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9362 (An issue was discovered in WAGO 750-8202/PFC200 prior to FW04
(released ...)
TODO: check
-CVE-2016-9361 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9361 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9360 (An issue was discovered in General Electric (GE) Proficy
HMI/SCADA iFIX ...)
TODO: check
@@ -15350,7 +15352,7 @@
RESERVED
CVE-2016-9349 (An issue was discovered in Advantech SUISAccess Server Version
3.0 and ...)
TODO: check
-CVE-2016-9348 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, NPort ...)
+CVE-2016-9348 (An issue was discovered in Moxa NPort 5110 versions prior to
2.6, ...)
TODO: check
CVE-2016-9347 (An issue was discovered in Emerson SE4801T0X Redundant Wireless
I/O ...)
TODO: check
@@ -27213,81 +27215,81 @@
CVE-2014-9901 (The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus
7 ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9900 (The ethtool_get_wol function in net/core/ethtool.c in the Linux
kernel ...)
- - linux <unfixed> (low)
+ - linux <unfixed> (low)
CVE-2014-9899 (drivers/usb/host/ehci-msm2.c in the Qualcomm components in
Android ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9898 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm
components ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9897 (sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm
components in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9896 (drivers/char/adsprpc.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9895 (drivers/media/media-device.c in the Linux kernel before 3.11,
as used ...)
- - linux 3.11.5-1
+ - linux 3.11.5-1
CVE-2014-9894 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9893 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components
in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9892 (The snd_compr_tstamp function in sound/core/compress_offload.c
in the ...)
- linux <unfixed>
CVE-2014-9891 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9890 (Off-by-one error in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9889 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the
...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9888 (arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on
ARM ...)
- - linux 3.13.4-1
+ - linux 3.13.4-1
CVE-2014-9887 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9886 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm
components ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9885 (Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in
the ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9884 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9883 (Integer overflow in drivers/char/diag/diag_dci.c in the
Qualcomm ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9882 (Buffer overflow in drivers/media/radio/radio-iris.c in the
Qualcomm ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9881 (drivers/media/radio/radio-iris.c in the Qualcomm components in
Android ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9880 (drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm
components in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9879 (The mdss mdp3 driver in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9878 (drivers/mmc/card/mmc_block_test.c in the Qualcomm components in
...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9877
(drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9876 (drivers/char/diag/diagfwd.c in the Qualcomm components in
Android ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9875 (drivers/char/diag/diag_dci.c in the Qualcomm components in
Android ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9874 (Buffer overflow in the Qualcomm components in Android before
...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9873 (Integer underflow in drivers/char/diag/diag_dci.c in the
Qualcomm ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9872 (The diag driver in the Qualcomm components in Android before
...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9871 (Multiple buffer overflows in ...)
TODO: check
CVE-2014-9870 (The Linux kernel before 3.11 on ARM platforms, as used in
Android ...)
TODO: check
CVE-2014-9869 (drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c
in the ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9868 (drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c
in the ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9867 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in
the ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9866 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in
the ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9865 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9864 (drivers/misc/qseecom.c in the Qualcomm components in Android
before ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2014-9863 (Integer underflow in the diag driver in the Qualcomm components
in ...)
- - linux <not-affected> (Android-specific driver)
+ - linux <not-affected> (Android-specific driver)
CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1
allows ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
@@ -48273,6 +48275,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/10
NOTE:
https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
(v1.1.29-rc1)
CVE-2015-8982 [multiple overflows in strxfrm()]
+ RESERVED
- glibc 2.21-1 (bug #803927)
[jessie] - glibc 2.19-18+deb8u2
[wheezy] - eglibc 2.13-38+deb7u9
@@ -65406,10 +65409,13 @@
CVE-2014-9685 (Multiple cross-site scripting (XSS) vulnerabilities in Vanilla
Forums ...)
NOT-FOR-US: Vanilla Forums
CVE-2015-8985 [potential denial of service in pop_fail_stack()]
+ RESERVED
- glibc <unfixed> (bug #779392)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21163
CVE-2015-8984 [potential application crash due to overread in fnmatch]
+ RESERVED
+ {DLA-316-1}
- glibc 2.21-1 (bug #779587)
[jessie] - glibc 2.19-18+deb8u2
- eglibc <removed>
@@ -65507,6 +65513,8 @@
CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
CVE-2015-8983 [_IO_wstr_overflow integer overflow]
+ RESERVED
+ {DLA-316-1}
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u9
- glibc 2.21-1 (bug #779587)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
