Author: sectracker Date: 2016-12-11 21:10:20 +0000 (Sun, 11 Dec 2016) New Revision: 46978
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-12-11 20:53:33 UTC (rev 46977) +++ data/CVE/list 2016-12-11 21:10:20 UTC (rev 46978) @@ -1073,6 +1073,7 @@ CVE-2016-9889 RESERVED CVE-2016-9888 (An error within the "tar_directory_for_file()" function ...) + {DLA-740-1} - libgsf 1.14.41-1 NOTE: Fixed by: https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5 CVE-2016-9887 @@ -7436,16 +7437,19 @@ RESERVED CVE-2016-9652 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-9651 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) NOTE: libv8 not covered by security support CVE-2016-9650 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-0380 @@ -9688,7 +9692,7 @@ RESERVED CVE-2016-9079 [SVG Animation Remote Code Execution] RESERVED - {DSA-3728-1 DLA-730-1} + {DSA-3730-1 DSA-3728-1 DLA-730-1} - firefox 50.0.2-1 - firefox-esr 45.5.1esr-1 - icedove 1:45.5.1-1 @@ -9712,7 +9716,7 @@ - firefox-esr <not-affected> (Does not affect Firefox 45 ESR release) CVE-2016-9074 [existing mitigation of timing side-channel attacks insufficient] RESERVED - {DSA-3716-1} + {DSA-3730-1 DSA-3716-1} - nss 2:3.26.2-1 [jessie] - nss <no-dsa> (Minor issue, can be fixed in point release or future DSA) NOTE: Fixed by (3_26_BRANCH): https://hg.mozilla.org/projects/nss/rev/d38536fcc726 (3.26.1) @@ -9749,7 +9753,7 @@ - firefox-esr <not-affected> (Does not affect Firefox 45 ESR release) CVE-2016-9066 RESERVED - {DSA-3716-1 DLA-730-1} + {DSA-3730-1 DSA-3716-1 DLA-730-1} - firefox 50.0-1 - firefox-esr 45.5.0esr-1 - icedove 1:45.5.0-1 @@ -22203,13 +22207,13 @@ - firefox <not-affected> (Only affects Firefox on Android) CVE-2016-5297 RESERVED - {DSA-3716-1 DLA-730-1} + {DSA-3730-1 DSA-3716-1 DLA-730-1} - firefox 50.0-1 - firefox-esr 45.5.0esr-1 - icedove 1:45.5.0-1 CVE-2016-5296 RESERVED - {DSA-3716-1 DLA-730-1} + {DSA-3730-1 DSA-3716-1 DLA-730-1} - firefox 50.0-1 - firefox-esr 45.5.0esr-1 - icedove 1:45.5.0-1 @@ -22231,13 +22235,13 @@ - firefox-esr <not-affected> (Does not affect Firefox 45 ESR release) CVE-2016-5291 RESERVED - {DSA-3716-1 DLA-730-1} + {DSA-3730-1 DSA-3716-1 DLA-730-1} - firefox 50.0-1 - firefox-esr 45.5.0esr-1 - icedove 1:45.5.0-1 CVE-2016-5290 RESERVED - {DSA-3716-1 DLA-730-1} + {DSA-3730-1 DSA-3716-1 DLA-730-1} - firefox 50.0-1 - firefox-esr 45.5.0esr-1 - icedove 1:45.5.0-1 @@ -22787,120 +22791,148 @@ RESERVED CVE-2016-5226 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5225 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5224 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5223 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5222 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5221 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5220 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5219 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) NOTE: libv8 not covered by security support CVE-2016-5218 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5217 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5216 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5215 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5214 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5213 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) NOTE: libv8 not covered by security support CVE-2016-5212 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5211 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5210 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5209 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5208 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5207 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5206 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5205 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5204 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5203 RESERVED + {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5202 [various fixes from internal audits] RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5201 [info leak in extensions] RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5200 [out of bounds memory access in v8] RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) NOTE: libv8 not covered by security support CVE-2016-5199 [heap corruption in ffmpeg] RESERVED + {DSA-3731-1} - chromium-browser 44.0.2403.157-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - ffmpeg 7:3.2-1 @@ -22909,6 +22941,7 @@ NOTE: https://github.com/FFmpeg/FFmpeg/commit/347cb14b7cba7560e53f4434b419b9d8800253e7 CVE-2016-5198 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) @@ -22924,58 +22957,72 @@ NOTE: Fixed by: https://git.kernel.org/linus/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 CVE-2016-5194 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5193 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5192 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5191 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5190 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5189 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5188 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5187 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5186 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5185 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5184 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5183 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5182 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5181 RESERVED + {DSA-3731-1} - chromium-browser 54.0.2840.101-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2016-5180 (Heap-based buffer overflow in the ares_create_query function in c-ares ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits