Author: sectracker
Date: 2015-12-16 09:10:12 +0000 (Wed, 16 Dec 2015)
New Revision: 38347

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-12-16 08:35:44 UTC (rev 38346)
+++ data/CVE/list       2015-12-16 09:10:12 UTC (rev 38347)
@@ -1,3 +1,29 @@
+CVE-2015-8566
+       RESERVED
+CVE-2015-8565
+       RESERVED
+CVE-2015-8564
+       RESERVED
+CVE-2015-8563
+       RESERVED
+CVE-2015-8562
+       RESERVED
+CVE-2015-8561 (The F1BookView ActiveX control in F1 Bookview in Schneider 
Electric ...)
+       TODO: check
+CVE-2015-8555
+       RESERVED
+CVE-2015-8554
+       RESERVED
+CVE-2015-8553
+       RESERVED
+CVE-2015-8552
+       RESERVED
+CVE-2015-8551
+       RESERVED
+CVE-2015-8550
+       RESERVED
+CVE-2015-8549
+       RESERVED
 CVE-2015-8569 [information leak from getsockname]
        - linux <unfixed>
        - linux-2.6 <removed>
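Review bot: CVE-2015-8561 is the only new entry in this hunk with a published description, and it lands as TODO: check. The description names the F1BookView ActiveX control in Schneider Electric software, the same control named in the CVE-2015-7918 entry updated later in this patch, so triage the two together and give both the same disposition rather than leaving two open TODOs for one product.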
@@ -18,11 +44,13 @@
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
        TODO: check
 CVE-2015-8559 [knife bootstrap leaks validator privkey into system logs]
+       RESERVED
        - chef <unfixed>
        NOTE: https://github.com/chef/chef/issues/3871
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
        TODO: check
 CVE-2015-8558 [usb: infinite loop in ehci_advance_state results in DoS]
+       RESERVED
        - qemu <unfixed>
        [squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
        - qemu-kvm <removed>
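Review bot: the RESERVED lines added under CVE-2015-8559 and CVE-2015-8558 sit on entries that already carry a bracketed working description and package status (chef <unfixed>, qemu <unfixed>), while CVE-2015-8559 still ends in a bare TODO: check. Now that the id is confirmed, either resolve that TODO or replace it with a NOTE stating what is still open, so it is not confused with the untriaged TODOs this update adds elsewhere.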
@@ -31,12 +59,14 @@
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/9
        TODO: check
 CVE-2015-8557 [Shell Injection in Pygments FontManager._get_nix_font_path]
+       RESERVED
        {DLA-369-1}
        - pygments <unfixed> (bug #802828)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1276321
        NOTE: 
https://bitbucket.org/birkenfeld/pygments-main/commits/0036ab1c99e256298094505e5e92f
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/6
 CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 
4.7.80.23, as ...)
+       {DSA-3418-1}
        - chromium-browser 47.0.2526.80-1
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
        [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze 
LTS)
@@ -49,6 +79,7 @@
 CVE-2015-8542
        RESERVED
 CVE-2015-8556 [Local Privilege Escalation in QEMU virtfs-proxy-helper]
+       RESERVED
        - qemu <not-affected> (Issue specific to virtfs-proxy-helper in Gentoo 
installed suid)
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/5
 CVE-2015-XXXX [fuse: possible denial of service in fuse_fill_write_pages()]
@@ -61,6 +92,7 @@
        NOTE: 
https://github.com/eventmachine/eventmachine/issues/501#issuecomment-37307556
        TODO: check
 CVE-2015-8560 [code execution via improper escaping of ; in foomatic-rip]
+       RESERVED
        {DSA-3419-1}
        - cups-filters 1.4.0-1 (bug #807930)
        [wheezy] - cups-filters <not-affected> (Vulnerable code not present; 
introduced in 1.0.42)
@@ -3234,8 +3266,8 @@
        RESERVED
 CVE-2015-7919
        RESERVED
-CVE-2015-7918
-       RESERVED
+CVE-2015-7918 (Multiple buffer overflows in the F1BookView ActiveX control in 
F1 ...)
+       TODO: check
 CVE-2015-7917
        RESERVED
 CVE-2015-7916
@@ -7251,8 +7283,8 @@
        TODO: check
 CVE-2015-6421
        RESERVED
-CVE-2015-6420
-       RESERVED
+CVE-2015-6420 (Serialized-object interfaces in certain Cisco Collaboration and 
Social ...)
+       TODO: check
 CVE-2015-6419 (Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 
5.3.0, ...)
        TODO: check
 CVE-2015-6418 (The random-number generator on Cisco Small Business RV routers 
4.x and ...)
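Review bot: CVE-2015-6420 should not be dismissed on the vendor name alone. The description is cut at "Social ..." and opens with "Serialized-object interfaces", a class of issue that can sit in a bundled shared library rather than in product-specific code; read the full description and check whether a packaged library is involved before choosing between NOT-FOR-US: Cisco and a package line.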
@@ -7269,8 +7301,8 @@
        TODO: check
 CVE-2015-6412
        RESERVED
-CVE-2015-6411
-       RESERVED
+CVE-2015-6411 (Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 
provides ...)
+       TODO: check
 CVE-2015-6410 (The Mobile and Remote Access (MRA) services implementation in 
Cisco ...)
        TODO: check
 CVE-2015-6409
@@ -7283,18 +7315,18 @@
        TODO: check
 CVE-2015-6405 (Cross-site request forgery (CSRF) vulnerability in Cisco 
Emergency ...)
        TODO: check
-CVE-2015-6404
-       RESERVED
-CVE-2015-6403
-       RESERVED
+CVE-2015-6404 (Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does 
not use ...)
+       TODO: check
+CVE-2015-6403 (The TFTP implementation on Cisco Small Business SPA30x, SPA50x, 
SPA51x ...)
+       TODO: check
 CVE-2015-6402 (Cross-site scripting (XSS) vulnerability in the management 
interface ...)
        TODO: check
 CVE-2015-6401 (Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow 
remote ...)
        TODO: check
 CVE-2015-6400 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco 
Emergency ...)
        TODO: check
-CVE-2015-6399
-       RESERVED
+CVE-2015-6399 (The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated 
Management ...)
+       TODO: check
 CVE-2015-6398
        RESERVED
 CVE-2015-6397
@@ -7380,8 +7412,8 @@
        NOTE: Fixup: 
https://github.com/cisco/libsrtp/commit/be06686c8e98cc7bd934e10abb6f5e971d03f8ee
        NOTE: 
https://github.com/cisco/libsrtp/commit/cdc69f2acde796a4152a250f869271298abc233f
        TODO: check
-CVE-2015-6359
-       RESERVED
+CVE-2015-6359 (The Neighbor Discovery (ND) protocol implementation in the IPv6 
stack ...)
+       TODO: check
 CVE-2015-6358
        RESERVED
 CVE-2015-6357 (The rule-update feature in Cisco FireSIGHT Management Center 
(MC) 5.2 ...)
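Review bot: the new CVE-2015-6359 description is truncated at "IPv6 stack ..." before it names a product, so nothing in this hunk says whose Neighbor Discovery implementation is affected. The surrounding entries are Cisco ones, but confirm the vendor from the full description before resolving the TODO: check.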
@@ -10348,7 +10380,7 @@
 CVE-2015-5281 (The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux 
(RHEL) ...)
        TODO: check
 CVE-2015-5280
-       RESERVED
+       REJECTED
 CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in 
...)
        {DSA-3362-1 DSA-3361-1}
        - qemu 1:2.4+dfsg-3 (bug #799074)
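Review bot: CVE-2015-5280 changes from RESERVED to REJECTED with no NOTE recording why. The entry has no package lines in this hunk, so nothing else here needs adjusting, but check that no advisory or bug report still cites the id, and if the issue was reassigned to another CVE add a NOTE pointing to it.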
@@ -11212,8 +11244,8 @@
        TODO: check
 CVE-2015-5005 (CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows 
remote ...)
        NOT-FOR-US: IBM
-CVE-2015-5004
-       RESERVED
+CVE-2015-5004 (The Edge Component Caching Proxy in IBM WebSphere Application 
Server ...)
+       TODO: check
 CVE-2015-5003
        RESERVED
 CVE-2015-5002
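Review bot: CVE-2015-5004 is added as TODO: check although its description names IBM WebSphere Application Server, and the entry directly above it, CVE-2015-5005, is already marked NOT-FOR-US: IBM. Unless the full description points at packaged software, resolve it the same way.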
@@ -13294,8 +13326,8 @@
        NOT-FOR-US: Cisco
 CVE-2015-4207 (Cisco WebEx Meeting Center places a meeting's access number in 
a URL, ...)
        NOT-FOR-US: Cisco
-CVE-2015-4206
-       RESERVED
+CVE-2015-4206 (Cisco Unified Communications Manager (UCM) 8.0 through 8.6 
allows ...)
+       TODO: check
 CVE-2015-4205 (Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers 
to ...)
        NOT-FOR-US: Cisco
 CVE-2015-4204 (Memory leak in Cisco IOS 12.2 in the Performance Routing Engine 
(PRE) ...)
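Review bot: CVE-2015-4206 (Cisco Unified Communications Manager) is left as TODO: check while its neighbours CVE-2015-4207 and CVE-2015-4205 are marked NOT-FOR-US: Cisco. The same question applies to the other Cisco product entries this patch adds (CVE-2015-6411, CVE-2015-6404, CVE-2015-6403, CVE-2015-6399); clearing them in one pass keeps the TODO backlog to entries that need real triage.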


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
