Author: sectracker Date: 2017-02-23 21:10:12 +0000 (Thu, 23 Feb 2017) New Revision: 49157
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-02-23 20:13:25 UTC (rev 49156) +++ data/CVE/list 2017-02-23 21:10:12 UTC (rev 49157) @@ -1,16 +1,88 @@ -CVE-2017-6214 [infinite loop in tcp_splice_read()] +CVE-2017-6246 + RESERVED +CVE-2017-6245 + RESERVED +CVE-2017-6244 + RESERVED +CVE-2017-6243 + RESERVED +CVE-2017-6242 + RESERVED +CVE-2017-6241 + RESERVED +CVE-2017-6240 + RESERVED +CVE-2017-6239 + RESERVED +CVE-2017-6238 + RESERVED +CVE-2017-6237 + RESERVED +CVE-2017-6236 + RESERVED +CVE-2017-6235 + RESERVED +CVE-2017-6234 + RESERVED +CVE-2017-6233 + RESERVED +CVE-2017-6232 + RESERVED +CVE-2017-6231 + RESERVED +CVE-2017-6230 + RESERVED +CVE-2017-6229 + RESERVED +CVE-2017-6228 + RESERVED +CVE-2017-6227 + RESERVED +CVE-2017-6226 + RESERVED +CVE-2017-6225 + RESERVED +CVE-2017-6224 + RESERVED +CVE-2017-6223 + RESERVED +CVE-2017-6222 + RESERVED +CVE-2017-6221 + RESERVED +CVE-2017-6220 + RESERVED +CVE-2017-6219 + RESERVED +CVE-2017-6218 + RESERVED +CVE-2017-6217 + RESERVED +CVE-2017-6216 + RESERVED +CVE-2017-6215 + RESERVED +CVE-2017-6213 + RESERVED +CVE-2017-6212 + RESERVED +CVE-2017-6211 + RESERVED +CVE-2017-6214 (The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel ...) - linux <unfixed> NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8) CVE-2017-6210 [null pointer dereference in vrend_decode_reset] + RESERVED - virglrenderer <unfixed> NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab (0.6.0) CVE-2017-6209 [stack buffer oveflow in parse_identifier] + RESERVED - virglrenderer <unfixed> NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 (0.6.0) CVE-2017-6208 RESERVED CVE-2017-6207 - RESERVED + REJECTED CVE-2017-6206 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...) NOT-FOR-US: D-Link CVE-2017-6205 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, ...) @@ -3791,8 +3863,7 @@ - php7.0 7.0.15-1 (bug #850158) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73832 NOTE: Fixed in PHP 7.1.1, 7.0.15 -CVE-2016-10109 [pcsc-lite use-after-free] - RESERVED +CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a ...) {DSA-3752-1 DLA-778-1} - pcsc-lite 1.8.20-1 NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22 @@ -17423,8 +17494,8 @@ RESERVED CVE-2016-8975 RESERVED -CVE-2016-8974 - RESERVED +CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...) + TODO: check CVE-2016-8973 RESERVED CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root ...) @@ -27105,8 +27176,8 @@ RESERVED CVE-2016-6056 RESERVED -CVE-2016-6055 - RESERVED +CVE-2016-6055 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...) + TODO: check CVE-2016-6054 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...) NOT-FOR-US: IBM CVE-2016-6053 @@ -27449,8 +27520,8 @@ RESERVED CVE-2016-5884 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...) NOT-FOR-US: IBM -CVE-2016-5883 - RESERVED +CVE-2016-5883 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...) + TODO: check CVE-2016-5882 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...) NOT-FOR-US: IBM CVE-2016-5881 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...) @@ -39473,8 +39544,7 @@ - xdelta3 3.0.8-dfsg-1.1 (bug #814067) NOTE: https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2 NOTE: http://www.openwall.com/lists/oss-security/2016/02/08/1 -CVE-2017-6100 [LFI posting internal files externally abusing default parameter] - RESERVED +CVE-2017-6100 (tcpdf before 6.2.0 uploads files from the server generating PDF-files ...) - tcpdf 6.2.12+dfsg2-1 (bug #814030) NOTE: https://sourceforge.net/p/tcpdf/bugs/1005/ CVE-2015-8808 (The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits