Author: sectracker
Date: 2016-06-02 21:10:08 +0000 (Thu, 02 Jun 2016)
New Revision: 42277
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-06-02 20:58:37 UTC (rev 42276) +++ data/CVE/list 2016-06-02 21:10:08 UTC (rev 42277) @@ -1,3 +1,11 @@ +CVE-2016-5237 + RESERVED +CVE-2016-5236 + RESERVED +CVE-2016-5235 + RESERVED +CVE-2014-9803 + RESERVED CVE-2014-9804 [Avoid a DOS in vision.c due to an infinite loop] - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2014-9805 [Avoid a SEGV due to a corrupted pnm file] @@ -345,6 +353,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231 TODO: check versions CVE-2015-8896 [integer truncation issue] + {DLA-353-1} - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 @@ -353,6 +362,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4 CVE-2015-8895 [pict/icon processing issues: Integer and Buffer overflow in coders/icon.c] + {DLA-353-1} - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 @@ -475,8 +485,7 @@ RESERVED CVE-2015-8881 RESERVED -CVE-2016-5126 [block: iscsi: buffer overflow in iscsi_aio_ioctl] - RESERVED +CVE-2016-5126 (Heap-based buffer overflow in the iscsi_aio_ioctl function in ...) - qemu <unfixed> (bug #826151) [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <removed> @@ -1033,8 +1042,7 @@ RESERVED CVE-2016-4946 RESERVED -CVE-2016-4945 - RESERVED +CVE-2016-4945 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: Citrix NetScaler Gateway CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before ...) - php7.0 7.0.1-1 
@@ -1358,8 +1366,7 @@ RESERVED CVE-2016-4811 RESERVED -CVE-2016-4810 - RESERVED +CVE-2016-4810 (Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR ...) NOT-FOR-US: Citrix CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux ...) - linux 4.5.4-1 @@ -2095,8 +2102,8 @@ NOT-FOR-US: Environmental Systems Corporation CVE-2016-4501 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...) NOT-FOR-US: Environmental Systems Corporation -CVE-2016-4500 - RESERVED +CVE-2016-4500 (Moxa UC-7408 LX-Plus devices allow remote authenticated users to write ...) + TODO: check CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x ...) NOT-FOR-US: Panasonic FPWIN Pro CVE-2016-4498 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an ...) @@ -2351,8 +2358,7 @@ CVE-2016-4455 RESERVED NOT-FOR-US: Red Hat Subscription Manager -CVE-2016-4454 [display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine] - RESERVED +CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU ...) - qemu <unfixed> [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <no-dsa> (Minor issue) @@ -2360,8 +2366,7 @@ [wheezy] - qemu-kvm <no-dsa> (Minor issue) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429 -CVE-2016-4453 [display: vmsvga: infinite loop in vmsvga_fifo_run()] - RESERVED +CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...) - qemu <unfixed> [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <no-dsa> (Minor issue) @@ -2381,6 +2386,7 @@ [wheezy] - nginx <not-affected> (Introduced in 1.3.9) CVE-2016-4449 RESERVED + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761430 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4) 
@@ -2395,6 +2401,7 @@ TODO: check versions, applying the two commits quite intrusive CVE-2016-4447 RESERVED + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759573 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 (v2.9.4) @@ -2446,8 +2453,7 @@ [jessie] - tika <no-dsa> (Minor issue, no standard alone package, just a reverse dependency of jmeter) CVE-2016-4433 RESERVED -CVE-2016-4432 - RESERVED +CVE-2016-4432 (The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid ...) NOT-FOR-US: Apache Qpid Java Broker CVE-2016-4431 RESERVED @@ -2471,8 +2477,7 @@ RESERVED CVE-2016-4424 RESERVED -CVE-2016-4423 [Large username storage in session] - RESERVED +CVE-2016-4423 (The attemptAuthentication function in ...) {DSA-3588-1} - symfony 2.8.6+dfsg-1 NOTE: https://github.com/symfony/symfony/pull/18733 @@ -2501,6 +2506,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2 CVE-2016-4483 RESERVED + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 (bug #823405) NOTE: Minor issue, only when using libxml2 using recovery mode NOTE: https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4) @@ -4441,6 +4447,7 @@ - eglibc <removed> NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20010 CVE-2016-3705 (The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 (bug #823414) NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8f30bdff69edac9075f4663ce3b56b0c52d48ce6 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=765207 
@@ -4465,8 +4472,7 @@ - libndp 1.6-1 (bug #824545) NOTE: https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f NOTE: https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839 -CVE-2016-3697 [privilege escalation via confusion of usernames and UIDs] - RESERVED +CVE-2016-3697 (libcontainer/user/user.go in runC before 0.1.0, as used in Docker ...) - docker.io <unfixed> - runc 0.1.0+dfsg-1 NOTE: https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091 (runc, v0.1.0) @@ -4749,6 +4755,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1319661 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1318509 CVE-2016-3627 (The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 (bug #819006) NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4) NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3 @@ -5841,8 +5848,7 @@ CVE-2016-3095 RESERVED NOT-FOR-US: Pulp (Red Hat) -CVE-2016-3094 - RESERVED +CVE-2016-3094 (PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker ...) NOT-FOR-US: Apache Qpid Java Broker CVE-2016-3093 RESERVED @@ -5856,8 +5862,7 @@ RESERVED CVE-2016-3089 RESERVED -CVE-2016-3088 [Fileserver web application vulnerability allowing RCE] - RESERVED +CVE-2016-3088 (The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 ...) - activemq <unfixed> [jessie] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2) [wheezy] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2) 
@@ -5901,8 +5906,7 @@ NOTE: https://github.com/python-pillow/Pillow/commit/a1f244343df389cf15cdfff80327594821097295 (3.1.2) NOTE: Marked as unimportant since source vulnerable but in Debian we do NOTE: not built against openjpeg by default -CVE-2016-3075 [Stack overflow in nss_dns_getnetbyname_r] - RESERVED +CVE-2016-3075 (Stack-based buffer overflow in the nss_dns implementation of the ...) {DLA-494-1} - glibc 2.22-6 [jessie] - glibc <no-dsa> (Minor issue, can be fixed via point release) @@ -6541,7 +6545,7 @@ CVE-2016-2850 (Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) ...) - botan1.10 <not-affected> (Introduced in 1.11.0) NOTE: Introduced in 1.11.0, fixed in 1.11.29 -CVE-2016-2849 (Botan before 1.10.13 and 1.11.x before 1.11.29 does not use a ...) +CVE-2016-2849 (Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a ...) {DSA-3565-1 DLA-449-1} - botan1.10 <unfixed> (bug #822698) NOTE: http://botan.randombit.net/security.html @@ -8956,8 +8960,7 @@ - openssl <not-affected> (Only applies to EBCDIC systems) NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219 NOTE: https://www.openssl.org/news/secadv/20160503.txt -CVE-2016-2175 - RESERVED +CVE-2016-2175 (Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly ...) - libpdfbox-java 1:1.8.12-1 NOTE: Fixed on upstream 1.8 branch in https://svn.apache.org/viewvc?view=revision&revision=1739564 NOTE: Fixed on upstream 2.0 branch in https://svn.apache.org/viewvc?view=revision&revision=1739565 @@ -9213,6 +9216,7 @@ CVE-2016-2093 RESERVED CVE-2015-8806 (dict.c in libxml2 allows remote attackers to cause a denial of service ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 (bug #813613) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749115 NOTE: Same fix as CVE-2016-1839 seems to resolve the issue 
@@ -9462,6 +9466,7 @@ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/26/5 NOTE: http://sourceforge.net/p/giflib/code/ci/4cc68b315ff9a378aef6664e1be6b2144ad4a5e6/ CVE-2016-2073 (The htmlParseNameComplex function in HTMLparser.c in libxml2 allows ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 (bug #812807) NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/6 NOTE: http://www.openwall.com/lists/oss-security/2016/01/26/8 has details @@ -10161,8 +10166,7 @@ CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3] RESERVED NOT-FOR-US: KNOX 1.0 / Android 4.3 -CVE-2016-1902 [SecureRandom's fallback not secure when OpenSSL fails] - RESERVED +CVE-2016-1902 (The nextBytes function in the SecureRandom class in Symfony before ...) {DSA-3588-1} - symfony 2.7.9+dfsg-1 NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails 
@@ -10338,24 +10342,29 @@ - libxslt <undetermined> TODO: check, most likely *not* only Apple specific CVE-2016-1840 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=757711 CVE-2016-1839 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758605 NOTE: https://code.google.com/p/google-security-research/issues/detail?id=637 CVE-2016-1838 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758588 NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=639 CVE-2016-1837 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=760263 CVE-2016-1836 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 [wheezy] - libxml2 <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0 (v2.9.4) 
@@ -10363,14 +10372,17 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759398 NOTE: Regression applies to Jessie, since fix backported as 0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch CVE-2016-1835 (libxml2, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759020 CVE-2016-1834 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=763071 CVE-2016-1833 (libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76 (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758606 @@ -10515,6 +10527,7 @@ CVE-2016-1763 (Messages in Apple iOS before 9.3 does not ensure that an auto-fill ...) TODO: check CVE-2016-1762 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before ...) + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671 @@ -12508,8 +12521,7 @@ {DSA-3543-1} - oar 2.5.7-1 (bug #819952) NOTE: https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue -CVE-2016-1234 - RESERVED +CVE-2016-1234 (Stack-based buffer overflow in the glob implementation in GNU C ...) {DLA-494-1} - glibc 2.22-8 [jessie] - glibc <no-dsa> (Minor issue, can be fixed in a point update) 
@@ -15500,8 +15512,8 @@ RESERVED CVE-2016-0289 (shiprec.xml in the SHIPREC application in IBM Maximo Asset Management ...) TODO: check -CVE-2016-0288 - RESERVED +CVE-2016-0288 (IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and ...) + TODO: check CVE-2016-0287 RESERVED CVE-2016-0286 @@ -18284,7 +18296,7 @@ NOT-FOR-US: Adobe CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require ...) NOT-FOR-US: SAP HANA -CVE-2015-7827 (Botan before 1.10.13 and 1.11.x before 1.11.22 makes it easier for ...) +CVE-2015-7827 (Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for ...) {DSA-3565-1 DLA-449-1} - botan1.10 <unfixed> (bug #817932) NOTE: Fixed in 1.11.22. Affected all previous versions @@ -18963,8 +18975,7 @@ NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf -CVE-2015-8875 [Integer overlows in pixops_* functions] - RESERVED +CVE-2015-8875 (Multiple integer overflows in the (1) pixops_composite_nearest, (2) ...) {DSA-3589-1 DLA-450-1} - gdk-pixbuf 2.34.0-1 NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dbfe8f70471864818bf458a39c8a99640895bd22 (2.33.1) @@ -59795,7 +59806,7 @@ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=62497 NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html CVE-2014-2656 [arbitrary insertions of malicious data within cube parameter] - RESERVED + REJECTED NOT-FOR-US: Hypercube CVE-2014-2655 (SQL injection vulnerability in the gen_show_status function in ...) {DSA-2889-1} 
@@ -80198,7 +80209,7 @@ - tpp 1.3.1-3 (low; bug #706644) [squeeze] - tpp <no-dsa> (Minor issue) [wheezy] - tpp <no-dsa> (Minor issue) -CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie ...) +CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ...) - eglibc <removed> [squeeze] - eglibc <no-dsa> (Minor issue) [wheezy] - eglibc <no-dsa> (Minor issue)
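Review bot: In the first hunk (@@ -1,3 +1,11 @@), CVE-2014-9803 is added as a bare RESERVED entry directly above CVE-2014-9804 and CVE-2014-9805, which both carry bracketed ImageMagick descriptions and package lines. If 9803 belongs to the same assignment batch, a follow-up should give it a bracketed description and an imagemagick package line so it is not left untriaged; if it does not, no change is needed.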
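Review bot: In the @@ -2095,8 +2102,8 @@ hunk, CVE-2016-4500 (Moxa UC-7408 LX-Plus devices) lands with "TODO: check" while the vendor-product entries around it (Environmental Systems Corporation, Panasonic FPWIN Pro) are already marked NOT-FOR-US. If no Debian package ships this product, resolve the TODO to a NOT-FOR-US line in a follow-up so the entry drops out of the triage queue.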
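Review bot: In the @@ -2471,8 +2477,7 @@ hunk, the new line for CVE-2016-4423, "(The attemptAuthentication function in ...)", is truncated before it says what the flaw is, whereas the removed bracket text "[Large username storage in session]" did. Suggest keeping that summary as a NOTE: line under the entry so the list stays readable without a lookup; the same applies to CVE-2016-3697 in @@ -4465,8 +4472,7 @@, where "[privilege escalation via confusion of usernames and UIDs]" is dropped.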
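Review bot: In the @@ -5856,8 +5862,7 @@ hunk, the CVE-2016-3088 entry loses its "[Fileserver web application vulnerability allowing RCE]" summary and the "- activemq <unfixed>" line below it carries no bug reference, unlike "- qemu <unfixed> (bug #826151)" under CVE-2016-5126. Suggest adding the bug number to the activemq line once one is filed, since the jessie and wheezy lines are not-affected only because the file server was enabled in 5.13.2+dfsg-2.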