[Secure-testing-commits] r33419 - data/CVE

security tracker role Tue, 07 Apr 2015 14:11:02 -0700

Author: sectracker
Date: 2015-04-07 21:10:16 +0000 (Tue, 07 Apr 2015)
New Revision: 33419


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-04-07 20:19:36 UTC (rev 33418)
+++ data/CVE/list       2015-04-07 21:10:16 UTC (rev 33419)
@@ -1,3 +1,9 @@
+CVE-2015-2930
+       RESERVED
+CVE-2015-2926
+       RESERVED
+CVE-2014-9714
+       RESERVED
 CVE-2015-XXXX [fixes related to 8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f]
        - libmodule-signature-perl <unfixed>
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/04/07/1
@@ -173,11 +179,13 @@
 CVE-2015-2838 (Cross-site request forgery (CSRF) vulnerability in Nitro API in 
Citrix ...)
        TODO: check
 CVE-2015-2929 [Dos against tor client; client to crash with an assertion 
failure]
+       RESERVED
        {DSA-3216-1 DLA-187-1}
        - tor 0.2.5.12-1
        NOTE: https://trac.torproject.org/projects/tor/ticket/15601
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/06/5
 CVE-2015-2928 [DoS against hidden services]
+       RESERVED
        {DSA-3216-1 DLA-187-1}
        - tor 0.2.5.12-1
        NOTE: https://trac.torproject.org/projects/tor/ticket/15600
@@ -195,6 +203,7 @@
 CVE-2015-2832
        RESERVED
 CVE-2015-2927 [DoS]
+       RESERVED
        - node <unfixed> (bug #777013)
        [squeeze] - node <no-dsa> (Minor issue)
        [wheezy] - node <no-dsa> (Minor issue)
@@ -247,8 +256,8 @@
        RESERVED
 CVE-2015-2825
        RESERVED
-CVE-2015-2824
-       RESERVED
+CVE-2015-2824 (Multiple SQL injection vulnerabilities in sam-ajax-admin.php in 
the ...)
+       TODO: check
 CVE-2015-2823
        RESERVED
 CVE-2015-2822
@@ -337,51 +346,63 @@
        - xdeb <unfixed> (bug #781595)
        [wheezy] - xdeb <no-dsa> (Minor issue)
 CVE-2015-2931 [MediaWiki circumvent the SVG MIME blacklist for embedded 
resources]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2932 [MediaWiki incomplete filter of animate elements]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2933 [MediaWiki XSS related to LanguageConverter substitutions]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2934 [MediaWiki bypass of SVG filtering]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2935 [MediaWiki information leak]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2936 [MediaWiki DoS]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2937 [MediaWiki quadratic blowup DoS]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2938 [MediaWiki XSS in preview]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2939 [MediaWiki XSS in Lua backtraces]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2940 [MediaWiki CSRF]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2941 [MediaWiki XSS on HHVM]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
        NOTE: HHVM not packaged in Debian
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
 CVE-2015-2942 [MediaWiki quadractic blowup on HHVM]
+       RESERVED
        - mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
        NOTE: HHVM not packaged in Debian
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
@@ -2041,12 +2062,12 @@
        RESERVED
 CVE-2015-2168
        REJECTED
-CVE-2015-2167
-       RESERVED
-CVE-2015-2166
-       RESERVED
-CVE-2015-2165
-       RESERVED
+CVE-2015-2167 (Open redirect vulnerability in the 3PI Manager in Ericsson 
Drutt ...)
+       TODO: check
+CVE-2015-2166 (Directory traversal vulnerability in the Instance Monitor in 
Ericsson ...)
+       TODO: check
+CVE-2015-2165 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Report ...)
+       TODO: check
 CVE-2015-2164
        RESERVED
 CVE-2015-2163
@@ -2813,8 +2834,7 @@
 CVE-2015-1844
        RESERVED
        - foreman <itp> (bug #663101)
-CVE-2015-1843 [Regression of CVE-2014-5277]
-       RESERVED
+CVE-2015-1843 (The Red Hat docker package before 1.5.0-28, when using the ...)
        - docker.io <not-affected> (RHEL specific problem)
 CVE-2015-1842
        RESERVED
@@ -6066,8 +6086,8 @@
        NOT-FOR-US: CREAR AL-Mail32
 CVE-2015-0877 (Unrestricted file upload vulnerability in app/lib/mlf.pl in 
C-BOARD ...)
        TODO: check
-CVE-2015-0876
-       RESERVED
+CVE-2015-0876 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+       TODO: check
 CVE-2015-0875 (The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 
for ...)
        NOT-FOR-US: Ogaki Kyoritsu Bank Smartphone Passbook application for 
Android
 CVE-2015-0874
@@ -6537,8 +6557,8 @@
        RESERVED
 CVE-2015-0691
        RESERVED
-CVE-2015-0690
-       RESERVED
+CVE-2015-0690 (Cross-site scripting (XSS) vulnerability in the HTML help 
system on ...)
+       TODO: check
 CVE-2015-0689
        RESERVED
 CVE-2015-0688 (Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded 
Services ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r33419 - data/CVE

Reply via email to