Author: sectracker
Date: 2017-03-23 21:10:13 +0000 (Thu, 23 Mar 2017)
New Revision: 49978

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-23 20:46:32 UTC (rev 49977)
+++ data/CVE/list       2017-03-23 21:10:13 UTC (rev 49978)
@@ -1,3 +1,39 @@
+CVE-2017-7243
+       RESERVED
+CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in 
admin/modules ...)
+       TODO: check
+CVE-2017-7241
+       RESERVED
+CVE-2017-7240
+       RESERVED
+CVE-2017-7239
+       RESERVED
+CVE-2017-7238
+       RESERVED
+CVE-2017-7237
+       RESERVED
+CVE-2017-7236
+       RESERVED
+CVE-2016-10265
+       RESERVED
+CVE-2016-10264
+       RESERVED
+CVE-2016-10263
+       RESERVED
+CVE-2016-10262
+       RESERVED
+CVE-2016-10261
+       RESERVED
+CVE-2016-10260
+       RESERVED
+CVE-2016-10259
+       RESERVED
+CVE-2016-10258
+       RESERVED
+CVE-2016-10257
+       RESERVED
+CVE-2016-10256
+       RESERVED
 CVE-2017-7235 (An issue was discovered in cloudflare-scrape 1.6.6 through 
1.7.1. A ...)
        NOT-FOR-US: cloudflare-scrape
 CVE-2017-7234
@@ -48,16 +84,14 @@
        RESERVED
 CVE-2017-7216
        RESERVED
-CVE-2016-10255 [memory allocation failure in __libelf_set_rawdata_wrlock 
(elf_getdata.c)]
-       RESERVED
+CVE-2016-10255 (The __libelf_set_rawdata_wrlock function in elf_getdata.c in 
elfutils ...)
        - elfutils 0.168-0.2 (low)
        [jessie] - elfutils <no-dsa> (Minor issue)
        [wheezy] - elfutils <no-dsa> (Minor issue)
        NOTE: 0.168-0.2 first version uploaded to unstable
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/
        NOTE: 
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=09ec02ec7f7e6913d10943148e2a898264345b07
-CVE-2016-10254 [memory allocation failure in allocate_elf (common.h)]
-       RESERVED
+CVE-2016-10254 (The allocate_elf function in common.h in elfutils before 0.168 
allows ...)
        - elfutils 0.168-0.2 (low)
        [jessie] - elfutils <no-dsa> (Minor issue)
        [wheezy] - elfutils <no-dsa> (Minor issue)
@@ -113,8 +147,8 @@
        NOT-FOR-US: SLiMS
 CVE-2017-7201
        RESERVED
-CVE-2017-7199
-       RESERVED
+CVE-2017-7199 (Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure 
permissions ...)
+       TODO: check
 CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton. 
The ...)
        - glance 2:13.0.0-1
        [jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
@@ -653,8 +687,8 @@
        REJECTED
 CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in 
the Linux ...)
        - linux 4.0.2-1
-CVE-2017-6950
-       RESERVED
+CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass 
intended ...)
+       TODO: check
 CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When 
using a ...)
        - chicken <unfixed> (bug #858057)
        [jessie] - chicken <no-dsa> (Minor issue)
@@ -733,8 +767,8 @@
        RESERVED
 CVE-2017-6912
        RESERVED
-CVE-2017-6911
-       RESERVED
+CVE-2017-6911 (USB Pratirodh is prone to sensitive information disclosure. It 
stores ...)
+       TODO: check
 CVE-2017-6910
        RESERVED
 CVE-2017-6909 (An issue was discovered in Shimmie &lt;= 2.5.1. The 
vulnerability exists ...)
@@ -763,8 +797,8 @@
        RESERVED
 CVE-2017-6896 (Privilege escalation vulnerability on the DIGISOL DG-HR1400 
1.00.02 ...)
        NOT-FOR-US: DIGISOL DG-HR1400 1.00.02 wireless router
-CVE-2017-6895
-       RESERVED
+CVE-2017-6895 (USB Pratirodh allows remote attackers to conduct XML External 
Entity ...)
+       TODO: check
 CVE-2017-6894
        RESERVED
 CVE-2017-6893
@@ -859,71 +893,71 @@
 CVE-2017-6853
        RESERVED
 CVE-2017-6839 (Integer overflow in modules/MSADPCM.cpp in Audio File Library 
(aka ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
        NOTE: https://github.com/mpruett/audiofile/issues/41
        NOTE: 
https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9
 CVE-2017-6838 (Integer overflow in sfcommands/sfconvert.c in Audio File 
Library (aka ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
        NOTE: https://github.com/mpruett/audiofile/issues/41
        NOTE: 
https://github.com/antlarr/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
        NOTE: 
https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
 CVE-2017-6837 (WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows 
remote ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
        NOTE: https://github.com/mpruett/audiofile/issues/41
        NOTE: 
https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2017-6836 (Heap-based buffer overflow in the Expand3To4Module::run 
function in ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h
        NOTE: https://github.com/mpruett/audiofile/issues/40
        NOTE: 
https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
        NOTE: 
https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
 CVE-2017-6835 (The reset1 function in libaudiofile/modules/BlockCodec.cpp in 
Audio ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/39
        NOTE: 
https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2017-6834 (Heap-based buffer overflow in the ulaw2linear_buf function in 
G711.cpp ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/38
        NOTE: 
https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
        NOTE: 
https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
 CVE-2017-6833 (The runPull function in libaudiofile/modules/BlockCodec.cpp in 
Audio ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/37
        NOTE: 
https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2017-6832 (Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in 
Audio ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/36
        NOTE: 
https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2017-6831 (Heap-based buffer overflow in the decodeBlockWAVE function in 
IMA.cpp ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/35
        NOTE: 
https://github.com/antlarr/audiofile/commit/a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6
 CVE-2017-6830 (Heap-based buffer overflow in the alaw2linear_buf function in 
G711.cpp ...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp
        NOTE: https://github.com/mpruett/audiofile/issues/34
        NOTE: 
https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
        NOTE: 
https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
 CVE-2017-6829 (The decodeSample function in IMA.cpp in Audio File Library (aka 
...)
-       {DSA-3814-1}
+       {DSA-3814-1 DLA-867-1}
        - audiofile 0.3.6-4 (bug #857651)
        NOTE: https://github.com/mpruett/audiofile/issues/33
        NOTE: 
https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
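Review bot: The NOTE lines in these audiofile entries cite the same commits under two different repositories: 7d65f89defb092b63bcbc5d98349fb222ca73b3c is given as github.com/antlarr/audiofile under CVE-2017-6838 but as github.com/mpruett/audiofile under CVE-2017-6836, CVE-2017-6834 and CVE-2017-6830, and c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 is antlarr under CVE-2017-6837 but mpruett under CVE-2017-6835, CVE-2017-6833 and CVE-2017-6832. Since this hunk already touches every one of these entries to add DLA-867-1, check which repository actually carries each commit and make the URLs consistent.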
@@ -1602,8 +1636,8 @@
        RESERVED
 CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in 
/sanadata/seo/index.asp in ...)
        NOT-FOR-US: SanaCMS
-CVE-2017-6517
-       RESERVED
+CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could 
allow ...)
+       TODO: check
 CVE-2017-6516 (A Local Privilege Escalation Vulnerability in MagniComp's 
Sysinfo ...)
        NOT-FOR-US: MagniComp
 CVE-2017-6515
@@ -2223,12 +2257,12 @@
        RESERVED
 CVE-2017-6362
        RESERVED
-CVE-2017-6361
-       RESERVED
-CVE-2017-6360
-       RESERVED
-CVE-2017-6359
-       RESERVED
+CVE-2017-6361 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to 
execute ...)
+       TODO: check
+CVE-2017-6360 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain 
...)
+       TODO: check
+CVE-2017-6359 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain 
...)
+       TODO: check
 CVE-2017-6358
        RESERVED
 CVE-2017-6357
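Review bot: CVE-2017-6361, CVE-2017-6360 and CVE-2017-6359 are all left at "TODO: check" although their summaries name the same product, "QNAP QTS before 4.2.4 Build 20170313". They can be triaged in one pass; if QTS is not in the archive, mark each of them NOT-FOR-US in the form the file already uses for other vendor products.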
@@ -2701,8 +2735,8 @@
        RESERVED
 CVE-2017-6192
        RESERVED
-CVE-2017-6191
-       RESERVED
+CVE-2017-6191 (Buffer overflow in APNGDis 2.8 and below allows a remote 
attacker to ...)
+       TODO: check
 CVE-2017-6190
        RESERVED
 CVE-2017-6189 (Untrusted search path vulnerability in Amazon Kindle for PC 
before ...)
@@ -3485,8 +3519,7 @@
        NOTE: 
https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg01075.html
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1419699
        NOTE: 
http://git.qemu-project.org/?p=qemu.git;a=commit;h=c7dfbf322595ded4e70b626bf83158a9f3807c6a
-CVE-2017-5897
-       RESERVED
+CVE-2017-5897 (The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux 
kernel ...)
        {DSA-3791-1}
        - linux 4.9.13-1
        [wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -4838,11 +4871,9 @@
        [jessie] - linux <not-affected> (freelist randomisation introduced in 
4.7)
        [wheezy] - linux <not-affected> (freelist randomisation introduced in 
4.7)
        NOTE: Fixed by: 
https://git.kernel.org/linus/c4e490cf148e85ead0d1b1c2caaba833f1d5b29f 
(v4.10-rc4)
-CVE-2017-5538
-       RESERVED
+CVE-2017-5538 (The kbase_dispatch function in 
arm/t7xx/r5p0/mali_kbase_core_linux.c ...)
        NOT-FOR-US: Samsung Exynos
-CVE-2017-5524
-       RESERVED
+CVE-2017-5524 (Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote 
attackers ...)
        NOT-FOR-US: Plone
 CVE-2017-5537 (The password reset form in Weblate before 2.10.1 provides 
different ...)
        - weblate <itp> (bug #745661)
@@ -5816,8 +5847,8 @@
        NOT-FOR-US: Rapid7
 CVE-2017-5228 (All editions of Rapid7 Metasploit prior to version 
4.13.0-2017020701 ...)
        NOT-FOR-US: Rapid7
-CVE-2017-5227
-       RESERVED
+CVE-2017-5227 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to obtain 
...)
+       TODO: check
 CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow 
in the ...)
        {DLA-795-1}
        - tiff 4.0.7-5 (bug #851297)
@@ -5964,14 +5995,12 @@
        RESERVED
        - bubblewrap 0.1.5-2 (bug #850702)
        NOTE: https://github.com/projectatomic/bubblewrap/issues/142
-CVE-2017-5207 [Root shell via --bandwidth and --shell]
-       RESERVED
+CVE-2017-5207 (Firejail before 0.9.44.4, when running a bandwidth command, 
allows ...)
        - firejail 0.9.44.4-1 (bug #850528)
        NOTE: https://github.com/netblue30/firejail/issues/1023
        NOTE: Fixed by: 
https://github.com/netblue30/firejail/commit/5d43fdcd215203868d440ffc42036f5f5ffc89fc
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/07/3
-CVE-2017-5206
-       RESERVED
+CVE-2017-5206 (Firejail before 0.9.44.4, when running on a Linux kernel before 
4.8, ...)
        - firejail 0.9.44.4-1 (bug #850558)
        NOTE: Fixed by: 
https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
 CVE-2017-5199
@@ -6453,7 +6482,7 @@
        NOTE: libv8 not covered by security support
 CVE-2017-5029
        RESERVED
-       {DSA-3810-1}
+       {DSA-3810-1 DLA-866-1}
        - chromium-browser 57.0.2987.98-1
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
        - libxslt <unfixed> (bug #858546)
@@ -12753,6 +12782,7 @@
        NOTE: Qemu upstream patch: 
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
 CVE-2017-2619
        RESERVED
+       {DSA-3816-1}
        - samba 2:4.5.6+dfsg-2
        NOTE: https://www.samba.org/samba/security/CVE-2017-2619.html
 CVE-2017-2618 [selinux: fix off-by-one in setprocattr]
@@ -17540,8 +17570,7 @@
        - linux 4.8.15-1
        [jessie] - linux 3.16.39-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290
-CVE-2016-9775 [tomcat8: privilege escalation during package removal]
-       RESERVED
+CVE-2016-9775 (The postrm script in the tomcat6 package before 
6.0.45+dfsg-1~deb7u3 ...)
        {DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
        - tomcat8 8.5.8-2 (bug #845385)
        - tomcat7 7.0.72-3
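Review bot: The new summary for CVE-2016-9775 names only "the tomcat6 package before 6.0.45+dfsg-1~deb7u3", while the removed bracket text said "tomcat8" and the entry tracks tomcat8 and tomcat7 as well. Consider a NOTE stating that the postrm issue applies to every tomcat source package listed, so the truncated description is not read as limiting the scope to tomcat6.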
@@ -17549,8 +17578,7 @@
        - tomcat6 6.0.41-3
        NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in 
Jessie
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-9774 [tomcat8: privilege escalation during package upgrade]
-       RESERVED
+CVE-2016-9774 (The postinst script in the tomcat6 package before 
6.0.45+dfsg-1~deb7u4 ...)
        {DSA-3739-1 DSA-3738-1 DLA-753-1 DLA-746-1}
        - tomcat8 8.5.8-2 (bug #845393)
        - tomcat7 7.0.72-3
@@ -18531,8 +18559,7 @@
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
        NOTE: Fixed by: 
https://sourceforge.net/p/libdwarf/code/ci/4f19e1050cd8e9ddf2cb6caa061ff2fec4c9b5f9/#diff-5
-CVE-2016-9557 [signed integer overflow in jas_image.c]
-       RESERVED
+CVE-2016-9557 (Integer overflow in jas_image.c in JasPer before 1.900.25 
allows ...)
        - jasper <removed>
        [jessie] - jasper <no-dsa> (Minor issue)
        [wheezy] - jasper <no-dsa> (the fix is too invasive)
@@ -18668,8 +18695,7 @@
        NOTE: 
https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/312
        NOTE: Upstream statement: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31045
-CVE-2016-9556 [Heap buffer overflow in heap-buffer-overflow in IsPixelGray]
-       RESERVED
+CVE-2016-9556 (The IsPixelGray function in MagickCore/pixel-accessor.h in 
ImageMagick ...)
        {DSA-3726-1 DLA-756-1}
        - imagemagick 8:6.9.6.5+dfsg-1 (bug #845242)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/301
@@ -18681,8 +18707,7 @@
        NOTE: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10058 [Fixed memory leak in psd file handling]
-       RESERVED
+CVE-2016-10058 (Memory leak in the ReadPSDLayers function in coders/psd.c in 
...)
        - imagemagick 8:6.9.6.5+dfsg-1 (bug #845239)
        [jessie] - imagemagick <not-affected> (Vulnerable code using 
layer_info[i].info introduced later)
        [wheezy] - imagemagick <not-affected> (Vulnerable code using 
layer_info[i].info introduced later)
@@ -18741,8 +18766,7 @@
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10059 [Imagemagick (jessie and older) buffer overflow]
-       RESERVED
+CVE-2016-10059 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 
allows ...)
        {DSA-3726-1 DLA-756-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #845195)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410
@@ -19107,77 +19131,64 @@
        NOTE: Upstream bash considers this issue only to be a bug.
        NOTE: Proposed patch: 
https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html
        NOTE: Fixed by (4.4): 
https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006
-CVE-2016-9399 [jpc_dec.c:1650: void calcstepsizes(uint_fast16_t, int, 
uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) - (numrlvls - 1 - 
((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.]
-       RESERVED
+CVE-2016-9399 (The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 
allows ...)
        - jasper <removed> (unimportant)
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00044-jasper-assert-calcstepsizes
        NOTE: Negligable security impact
-CVE-2016-9398 [jpc_math.c:94: int jpc_floorlog2(int): Assertion `x > 0' 
failed.]
-       RESERVED
+CVE-2016-9398 (The jpc_floorlog2 function in jpc_math.c in JasPer before 
1.900.17 ...)
        - jasper <removed> (unimportant)
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00023-jasper-assert-jpc_floorlog2
        NOTE: Negligable security impact
-CVE-2016-9397 [jpc_dec.c:1817: void jpc_dequantize(jas_matrix_t *, jpc_fix_t): 
Assertion `absstepsize >= 0' failed.]
-       RESERVED
+CVE-2016-9397 (The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 
allows ...)
        - jasper <removed> (unimportant)
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00010-jasper-assert-jpc_dequantize
        NOTE: Negligable security impact
-CVE-2016-9396 [jpc_t1cod.c:144: int JPC_NOMINALGAIN(int, int, int, int): 
Assertion `qmfbid == 0x01' failed.]
-       RESERVED
+CVE-2016-9396 (The JPC_NOMINALGAIN function in jpc_t1cod.c in JasPer before 
1.900.12 ...)
        - jasper <removed> (unimportant)
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00004-jasper-assert-JPC_NOMINALGAIN
        NOTE: Negligable security impact
-CVE-2016-9395 [jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, 
int): Assertion `xstart <= xend && ystart <= yend' failed.]
-       RESERVED
+CVE-2016-9395 (The jas_seq2d_create function in jas_seq.c in JasPer before 
1.900.25 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00043-jasper-assert-jas_matrix_t
        NOTE: Negligable security impact
-CVE-2016-9394
-       RESERVED
+CVE-2016-9394 (The jas_seq2d_create function in jas_seq.c in JasPer before 
1.900.17 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00016-jasper-assert-jas_matrix_t
        NOTE: Negligable security impact
-CVE-2016-9393
-       RESERVED
+CVE-2016-9393 (The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 
1.900.17 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00013-jasper-assert-jpc_pi_nextrpcl
        NOTE: Negligable security impact
-CVE-2016-9392
-       RESERVED
+CVE-2016-9392 (The calcstepsizes function in jpc_dec.c in JasPer before 
1.900.17 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00012-jasper-assert-calcstepsizes
        NOTE: Negligable security impact
-CVE-2016-9391 [jpc_bs.c:197: long jpc_bitstream_getbits(jpc_bitstream_t *, 
int): Assertion `n >= 0 && n < 32' failed.]
-       RESERVED
+CVE-2016-9391 (The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 
2.0.10 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00014-jasper-assert-jpc_bitstream_getbits
        NOTE: Negligable security impact
-CVE-2016-9390 [jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, 
int): Assertion `xstart <= xend && ystart <= yend' failed.]
-       RESERVED
+CVE-2016-9390 (The jas_seq2d_create function in jas_seq.c in JasPer before 
1.900.14 ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00007-jasper-assert-jas_matrix_t
        NOTE: Negligable security impact
-CVE-2016-9389
-       RESERVED
+CVE-2016-9389 (The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer 
before ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00006-jasper-assert-jpc_irct
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00008-jasper-assert-jpc_iict
        NOTE: Negligable security impact
-CVE-2016-9388 [ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, 
ras_cmap_t *): Assertion `numcolors <= 256' failed.]
-       RESERVED
+CVE-2016-9388 (The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 
allows ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00005-jasper-assert-ras_getcmap
        NOTE: Negligable security impact
-CVE-2016-9387 [jas_seq.c:90: jas_matrix<= yend' failed.]
-       RESERVED
+CVE-2016-9387 (Integer overflow in the jpc_dec_process_siz function in ...)
        - jasper <removed> (unimportant)
        NOTE: Fix: 
https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf
        NOTE: Testcase: 
https://github.com/asarubbo/poc/blob/master/00003-jasper-assert-jas_matrix_t
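Review bot: Dropping the bracketed assertion text leaves CVE-2016-9395, CVE-2016-9394 and CVE-2016-9390 all reading "The jas_seq2d_create function in jas_seq.c in JasPer before ...", and CVE-2016-9399 and CVE-2016-9392 both reading "The calcstepsizes function in jpc_dec.c in JasPer ...", so only the version number tells them apart. Consider keeping the failed assertion as a NOTE in each entry. Separately, the unchanged NOTE lines in this hunk spell "Negligable"; that should be "Negligible".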
@@ -19436,16 +19447,14 @@
        NOT-FOR-US: Samsung Exynos fimg2d driver for Android
 CVE-2016-9278 (The Samsung Exynos fimg2d driver for Android with Exynos 5433, 
54xx, ...)
        NOT-FOR-US: Samsung Exynos fimg2d driver for Android
-CVE-2016-9276 [heap-based buffer overflow in dwarf_get_aranges_list 
(dwarf_arange.c)]
-       RESERVED
+CVE-2016-9276 (The dwarf_get_aranges_list function in dwarf_arrange.c in 
Libdwarf ...)
        - dwarfutils 20161124-1 (bug #844011)
        [jessie] - dwarfutils <no-dsa> (Minor issue)
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c
        NOTE: Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part 
of the commit.
-CVE-2016-9275 [heap-based buffer overflow in _dwarf_skim_forms 
(dwarf_macro5.c)]
-       RESERVED
+CVE-2016-9275 (Heap-based buffer overflow in the _dwarf_skim_forms function in 
...)
        - dwarfutils 20161124-1 (bug #844012)
        [jessie] - dwarfutils <not-affected> (Vulnerable code not present)
        [wheezy] - dwarfutils <not-affected> (Vulnerable code not present)
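Review bot: In the added CVE-2016-9276 line the file is spelled "dwarf_arrange.c", but the removed description and the NOTE lines of the same entry, including the one about the shared commit, use "dwarf_arange.c". If the summary text is imported and cannot be edited here, keep the NOTE spelling as the reference so a search for the file name still finds this entry.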
@@ -19477,26 +19486,22 @@
        RESERVED
 CVE-2017-0301
        RESERVED
-CVE-2016-9266 [left shift in listmp3.c]
-       RESERVED
+CVE-2016-9266 (listmp3.c in libming 0.4.7 allows remote attackers to 
unspecified ...)
        {DLA-799-1}
        - ming <removed> (bug #843928)
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-left-shift-in-listmp3-c
        NOTE: https://github.com/libming/libming/issues/53
-CVE-2016-9265 [divide-by-zero in printMP3Headers (listmp3.c)]
-       RESERVED
+CVE-2016-9265 (The printMP3Headers function in listmp3.c in Libming 0.4.7 
allows ...)
        {DLA-799-1}
        - ming <removed> (bug #843928)
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-divide-by-zero-in-printmp3headers-list
        NOTE: https://github.com/libming/libming/issues/52
-CVE-2016-9264 [global-buffer-overflow in printMP3Headers (listmp3.c)]
-       RESERVED
+CVE-2016-9264 (Buffer overflow in the printMP3Headers function in listmp3.c in 
...)
        {DLA-799-1}
        - ming <removed> (bug #843928)
        NOTE: 
https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c
        NOTE: https://github.com/libming/libming/issues/51
-CVE-2016-9262 [use after free in jas_realloc (jas_malloc.c)]
-       RESERVED
+CVE-2016-9262 (Multiple integer overflows in the (1) jas_realloc function in 
...)
        - jasper <removed>
        [jessie] - jasper <not-affected> (Vulnerable code introduced later)
        [wheezy] - jasper <not-affected> (Vulnerable code introduced later)
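Review bot: For CVE-2016-9262 the summary changes from "use after free in jas_realloc (jas_malloc.c)" to "Multiple integer overflows in the (1) jas_realloc function in ...", so the bug class recorded here no longer matches the one the not-affected assessment was written against. Re-check that "Vulnerable code introduced later" still holds for jessie and wheezy against the full description. Also, the new CVE-2016-9266 summary reads "allows remote attackers to unspecified ...", which looks like a missing verb in the imported text.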
@@ -20466,8 +20471,7 @@
        - firejail 0.9.44-1
        NOTE: 
https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/25/3
-CVE-2016-9011 [memory allocation failure in wmf_malloc (api.c)]
-       RESERVED
+CVE-2016-9011 (The wmf_malloc function in api.c in libwmf 0.2.8.4 allows 
remote ...)
        {DLA-694-1}
        - libwmf 0.2.8.4-10.6 (bug #842090)
        [jessie] - libwmf 0.2.8.4-10.3+deb8u2
@@ -20990,8 +20994,7 @@
        - jasper <not-affected> (Incomplete fix for CVE-206-8887 not applied)
        NOTE: Reproducer: 
https://github.com/asarubbo/poc/blob/master/00002-jasper-NULLptr-jp2_colr_destroy
        NOTE: 
https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
-CVE-2016-8887 [NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)]
-       RESERVED
+CVE-2016-8887 (The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in 
JasPer ...)
        {DLA-739-1}
        - jasper <removed> (unimportant)
        NOTE: 
https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c
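Review bot: The first context line of this hunk reads "Incomplete fix for CVE-206-8887 not applied"; the identifier is missing a digit and should be CVE-2016-8887, the entry this hunk updates. Fix it in a follow-up so that a search for the CVE id finds the cross-reference.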
@@ -21000,8 +21003,7 @@
        NOTE: 
https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
        NOTE: and include the fix to not make jasper vulnerable to the 
incomplete fix.
        NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8886 [memory allocation failure in jas_malloc (jas_malloc.c)]
-       RESERVED
+CVE-2016-8886 (The jas_malloc function in libjasper/base/jas_malloc.c in 
JasPer ...)
        - jasper <removed> (low)
        [jessie] - jasper <no-dsa> (Minor issue)
        [wheezy] - jasper <no-dsa> (Minor issue)
@@ -21011,8 +21013,7 @@
        [jessie] - sendmail <no-dsa> (Minor issue)
        [wheezy] - sendmail <no-dsa> (Minor issue)
        NOTE: no unprivileged user should be in smmsp group and there is no 
known vulnerability to gain smmsp group membership
-CVE-2016-8885
-       RESERVED
+CVE-2016-8885 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 
before ...)
        - jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
        NOTE: 
https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
 CVE-2016-8884
@@ -25061,8 +25062,8 @@
        RESERVED
 CVE-2016-7469
        RESERVED
-CVE-2016-7468
-       RESERVED
+CVE-2016-7468 (An unauthenticated remote attacker may be able to disrupt 
services on ...)
+       TODO: check
 CVE-2016-7467
        RESERVED
 CVE-2016-7465
@@ -26199,32 +26200,27 @@
        [jessie] - linux 3.16.39-1
        [wheezy] - linux <not-affected> (Vulnerable code not present; arm64 
introduced in 3.7)
        NOTE: Fixed by: 
https://git.kernel.org/linus/8fff105e13041e49b82f92eef034f363a6b1c071 (4.1-rc1)
-CVE-2016-10057
-       RESERVED
+CVE-2016-10057 (Buffer overflow in the WriteGROUP4Image function in 
coders/tiff.c in ...)
        {DSA-3675-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10056
-       RESERVED
+CVE-2016-10056 (Buffer overflow in the sixel_decode function in coders/sixel.c 
in ...)
        {DSA-3675-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10055
-       RESERVED
+CVE-2016-10055 (Buffer overflow in the WritePDBImage function in coders/pdb.c 
in ...)
        {DSA-3675-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10054
-       RESERVED
+CVE-2016-10054 (Buffer overflow in the WriteMAPImage function in coders/map.c 
in ...)
        {DSA-3675-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10053 [TIFF divide by zero]
-       RESERVED
+CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick 
before ...)
        {DSA-3675-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #836171)
        [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced 
in a version after 6.7.7.10)
@@ -27172,8 +27168,7 @@
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #834504)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323
-CVE-2016-10052 [Out-of-bound in exif (jpeg) reader]
-       RESERVED
+CVE-2016-10052 (Buffer overflow in the WriteProfile function in coders/jpeg.c 
in ...)
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #834501)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742
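Review bot: For CVE-2016-10052 the removed text described an "Out-of-bound in exif (jpeg) reader", while the new summary names "the WriteProfile function in coders/jpeg.c", which reads as the write path. Confirm that the commit in the NOTE and bug #834501 correspond to the WriteProfile issue, and record the outcome in a NOTE so the two descriptions are not taken for different bugs.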
@@ -27437,8 +27432,7 @@
        [jessie] - linux 3.16.7-ckt17-1
        [wheezy] - linux <not-affected> (Vulnerable code not present; arm64 
introduced in 3.7)
        NOTE: Fixed by: 
https://git.kernel.org/linus/6829e274a623187c24f7cfc0e3d35f25d087fcc5 (4.1-rc2)
-CVE-2016-10051 [Double free]
-       RESERVED
+CVE-2016-10051 (Use-after-free vulnerability in the ReadPWPImage function in 
...)
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #834183)
        NOTE: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
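Review bot: CVE-2016-10051 changes class from the tracker's "Double free" label to "Use-after-free vulnerability in the ReadPWPImage function", and the only reference kept on the entry is a forum topic. Suggest adding a NOTE with the upstream fix commit so the fixed version 8:6.9.6.2+dfsg-2 can be verified against code.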
@@ -27590,35 +27584,30 @@
        NOT-FOR-US: Pivotal
 CVE-2016-1000038
        RESERVED
-CVE-2016-10050 [RLE check for pixel offset less than 0]
-       RESERVED
+CVE-2016-10050 (Heap-based buffer overflow in the ReadRLEImage function in ...)
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #833744)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10049 [Segfault in ReadRLEImage]
-       RESERVED
+CVE-2016-10049 (Buffer overflow in the ReadRLEImage function in coders/rle.c 
in ...)
        {DSA-3652-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #833743)
        [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced 
in a version after 6.7.7.10)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4
        NOTE: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10048 [Coder path transversal]
-       RESERVED
+CVE-2016-10048 (Directory traversal vulnerability in magick/module.c in 
ImageMagick ...)
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.5.7+dfsg-1 (bug #833735)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10047 [memory leak]
-       RESERVED
+CVE-2016-10047 (Memory leak in the NewXMLTree function in magick/xml-tree.c in 
...)
        {DSA-3652-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #833732)
        [wheezy] - imagemagick <not-affected> (Vulnerable code not present in 
version 6.7.7.10)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10046 [Buffer overflow in draw.c]
-       RESERVED
+CVE-2016-10046 (Heap-based buffer overflow in the DrawImage function in 
magick/draw.c ...)
        {DSA-3652-1 DLA-731-1}
        - imagemagick 8:6.9.6.2+dfsg-2 (bug #833730)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f
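Review bot: CVE-2016-10048 (directory traversal in magick/module.c) and CVE-2016-10047 (memory leak in NewXMLTree, magick/xml-tree.c) both cite commit fc6080f1321fd21e86ef916195cc110b05d9effb, yet carry different fixed versions (8:6.9.5.7+dfsg-1 and 8:6.9.6.2+dfsg-2). Check which file that commit touches and correct the commit NOTE or the fixed version on whichever entry does not match.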
@@ -29388,8 +29377,7 @@
        RESERVED
 CVE-2016-6226
        RESERVED
-CVE-2016-6225 [Encryption IV not being set properly]
-       RESERVED
+CVE-2016-6225 (xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 
2.4.5 does ...)
        - percona-xtrabackup <unfixed> (bug #851244)
        NOTE: 
https://www.percona.com/blog/2017/01/12/cve-2016-6225-percona-xtrabackup-encryption-iv-not-set-properly
        NOTE: https://github.com/percona/percona-xtrabackup/pull/266
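Review bot: the percona-xtrabackup line for CVE-2016-6225 stays at <unfixed> although the description added here gives upstream fixed versions (2.3.6 and 2.4.5). Check whether a version at or above those has been uploaded and, if so, replace <unfixed> with it; otherwise bug #851244 remains the tracking point.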
@@ -46547,8 +46535,8 @@
        - gajim 0.16.5-0.1 (bug #809900)
        NOTE: http://gultsch.de/gajim_roster_push_and_message_interception.html
        NOTE: 
https://trac.gajim.org/changeset/af78b7c068904d78c5dfb802826aae99f26a8947/
-CVE-2015-8687
-       RESERVED
+CVE-2015-8687 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Management ...)
+       TODO: check
 CVE-2015-8686
        RESERVED
 CVE-2015-8685 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 
...)
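Review bot: CVE-2015-8687 moves from RESERVED to "TODO: check", and the truncated description ("... in the Management ...") does not name the product. It needs manual triage against the full CVE text, ending in either a package line or NOT-FOR-US.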
@@ -47134,42 +47122,35 @@
        NOTE: https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
        NOTE: Fixed by: 
https://github.com/tatsuhiro-t/nghttp2/commit/f8c30d022982d089fb90543c0cd5628b161d065d
        NOTE: Introduced at least after: 
https://github.com/tatsuhiro-t/nghttp2/commit/b2fb888363c08e98aae0638db62cdf7d164ea1d1
-CVE-2015-8628
-       RESERVED
+CVE-2015-8628 (The (1) Special:MyPage, (2) Special:MyTalk, (3) ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T109724
-CVE-2015-8627
-       RESERVED
+CVE-2015-8627 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 
1.25.4, ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T97897
-CVE-2015-8626
-       RESERVED
+CVE-2015-8626 (The User::randomPassword function in MediaWiki before 1.23.12, 
1.24.x ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T115522
-CVE-2015-8625
-       RESERVED
+CVE-2015-8625 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 
1.25.4, ...)
        - mediawiki <not-affected> (Vulnerable code not present)
        NOTE: https://phabricator.wikimedia.org/T118032
-CVE-2015-8624
-       RESERVED
+CVE-2015-8624 (The User::matchEditToken function in includes/User.php in 
MediaWiki ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T119309
-CVE-2015-8623
-       RESERVED
+CVE-2015-8623 (The User::matchEditToken function in includes/User.php in 
MediaWiki ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
-CVE-2015-8622 [XSS from wikitext]
-       RESERVED
+CVE-2015-8622 (Cross-site scripting (XSS) vulnerability in MediaWiki before 
1.23.12, ...)
        - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
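Review bot: CVE-2015-8624 and CVE-2015-8623 now show the same truncated description ("The User::matchEditToken function in includes/User.php in MediaWiki ..."), so only their NOTE lines tell them apart. CVE-2015-8623 points at a Gerrit change rather than a Phabricator task like its siblings; a short NOTE on each entry stating what differs would keep them distinguishable.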
@@ -57598,8 +57579,8 @@
        NOT-FOR-US: Fortinet
 CVE-2015-5735 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, 
and (4) ...)
        NOT-FOR-US: Fortinet
-CVE-2015-5729
-       RESERVED
+CVE-2015-5729 (The Soft Access Point (AP) feature in Samsung Smart TVs X10P, 
X12, ...)
+       TODO: check
 CVE-2015-5728
        RESERVED
 CVE-2015-5727 (The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x 
before ...)
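Review bot: CVE-2015-5729 is left at "TODO: check", but the description names the Soft Access Point feature in Samsung Smart TVs, which is device firmware. It can likely be closed as NOT-FOR-US in the same way as the Fortinet entries around it.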
@@ -62299,8 +62280,8 @@
        RESERVED
 CVE-2015-4168
        RESERVED
-CVE-2015-4166
-       RESERVED
+CVE-2015-4166 (Cloudera Key Trustee Server before 5.4.3 does not store keys 
...)
+       TODO: check
 CVE-2015-4165 [unspecified arbitrary files modification vulnerability]
        RESERVED
        - elasticsearch 1.6.0+dfsg-1 (bug #788471)
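Review bot: CVE-2015-4166 (Cloudera Key Trustee Server) is one of several Cloudera entries this update leaves at "TODO: check", along with CVE-2015-4078 (Navigator), CVE-2015-2263 (Manager) and CVE-2013-6446 (CDH JobHistory Server). Triage them together: confirm none maps to a source package in the archive and mark them NOT-FOR-US, or add package lines for any that do.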
@@ -62589,8 +62570,8 @@
        NOT-FOR-US: Kankun Smart Socket device and mobile application
 CVE-2015-4079
        RESERVED
-CVE-2015-4078
-       RESERVED
+CVE-2015-4078 (Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 
include ...)
+       TODO: check
 CVE-2015-4077 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, 
and (4) ...)
        NOT-FOR-US: Fortinet
 CVE-2015-4076
@@ -68262,8 +68243,8 @@
        NOTE: 
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204
 CVE-2015-2264 (Multiple untrusted search path vulnerabilities in (1) ...)
        NOT-FOR-US: Telerik Analytics Monitor Library
-CVE-2015-2263
-       RESERVED
+CVE-2015-2263 (Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 
5.2.x ...)
+       TODO: check
 CVE-2015-2262
        RESERVED
 CVE-2015-2261
@@ -73114,8 +73095,7 @@
 CVE-2015-0856 (daemon/Greeter.cpp in sddm before 0.13.0 does not properly 
disable the ...)
        - sddm 0.12.0-5 (bug #803336; low)
        NOTE: https://github.com/sddm/sddm/commit/4cfed6b0a625593
-CVE-2015-0855 [Insecure use of os.system()]
-       RESERVED
+CVE-2015-0855 (The _mediaLibraryPlayCb function in mainwindow.py in pitivi 
before ...)
        - pitivi 0.95-1
        [jessie] - pitivi <no-dsa> (Minor issue)
        [squeeze] - pitivi <not-affected> (Vulnerable code not present (no 
os.system()))
@@ -78138,8 +78118,7 @@
        NOTE: Upstream patch: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42
 CVE-2014-8732 (Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 
1.2.2 ...)
        NOT-FOR-US: phpMemcachedAdmin
-CVE-2014-8731 [remote code execution flaw]
-       RESERVED
+CVE-2014-8731 (PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to 
execute ...)
        NOT-FOR-US: phpMemcachedAdmin
 CVE-2014-8716 [crafted jpeg file could lead to DOS]
        RESERVED
@@ -78511,8 +78490,7 @@
        [wheezy] - tnftp <no-dsa> (Minor issue)
        [squeeze] - tnftp <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4
-CVE-2014-9915 [Off-by-one count when parsing an 8BIM profile]
-       RESERVED
+CVE-2014-9915 (Off-by-one error in ImageMagick before 6.6.0-4 allows remote 
attackers ...)
        - imagemagick 8:6.8.9.9-1 (bug #767240)
        [wheezy] - imagemagick <not-affected> (Vulnerable code not present)
        [squeeze] - imagemagick <not-affected> (Vulnerable code not present)
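Review bot: the new description for CVE-2014-9915 says ImageMagick before 6.6.0-4 is affected, but the entry records the fix in 8:6.8.9.9-1 and marks wheezy and squeeze as not-affected because the vulnerable code is not present. An upper bound of 6.6.0-4 and a fix in 6.8.9.9 do not line up; verify the affected range against bug #767240 and add a NOTE explaining the discrepancy.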
@@ -81672,8 +81650,8 @@
        NOT-FOR-US: Tenda A32 Router
 CVE-2014-7280 (Cross-site scripting (XSS) vulnerability in the Web UI before 
2.3.4 ...)
        NOT-FOR-US: Nessus Web UI
-CVE-2014-7279
-       RESERVED
+CVE-2014-7279 (The Konke Smart Plug K does not require authentication for 
TELNET ...)
+       TODO: check
 CVE-2014-7284 (The net_get_random_once implementation in net/core/utils.c in 
the ...)
        - linux 3.16.2-1
        [wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13)
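Review bot: CVE-2014-7279 (Konke Smart Plug K, no authentication required for TELNET) is left at "TODO: check". It describes a hardware device, so NOT-FOR-US is the probable outcome, as with the Tenda A32 Router entry just above it.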
@@ -100700,8 +100678,8 @@
        NOTE: tomcat6 in jessie only builds the servlet API classes
        NOTE: https://svn.apache.org/viewvc?view=revision&revision=1603781 (7.x)
        NOTE: https://svn.apache.org/viewvc?view=revision&revision=1659537 (6.x)
-CVE-2014-0229
-       RESERVED
+CVE-2014-0229 (Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as 
used in ...)
+       TODO: check
 CVE-2014-0228 (Apache Hive before 0.13.1, when in SQL standards based 
authorization ...)
        NOT-FOR-US: Apache Hive
 CVE-2014-0227 (java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
in ...)
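Review bot: CVE-2014-0229 (Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1) is left at "TODO: check". Check whether Hadoop exists as a source package; if it does not, mark the entry NOT-FOR-US as was done for Apache Hive in CVE-2014-0228 directly below.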
@@ -102852,8 +102830,8 @@
        NOT-FOR-US: JBoss Seam
 CVE-2013-6447 (Multiple XML External Entity (XXE) vulnerabilities in the (1) 
...)
        NOT-FOR-US: JBoss Seam
-CVE-2013-6446
-       RESERVED
+CVE-2013-6446 (The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x 
before ...)
+       TODO: check
 CVE-2013-6445 (Cumin (aka MRG Management Console), as used in Red Hat 
Enterprise MRG ...)
        NOT-FOR-US: Cumin
 CVE-2013-6444 (PyWBEM 0.7 and earlier does not verify that the server hostname 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
