Author: sectracker
Date: 2017-01-17 21:10:12 +0000 (Tue, 17 Jan 2017)
New Revision: 48141

Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
=================================================================== --- data/CVE/list 2017-01-17 20:41:41 UTC (rev 48140) +++ data/CVE/list 2017-01-17 21:10:12 UTC (rev 48141) 
@@ -1,108 +1,426 @@ +CVE-2017-5521 (An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, ...) + TODO: check +CVE-2017-5520 (The media rename feature in GeniXCMS through 0.0.8 does not consider ...) + TODO: check +CVE-2017-5519 (SQL injection vulnerability in Posts.class.php in GeniXCMS through ...) + TODO: check +CVE-2017-5518 (The media-file upload feature in GeniXCMS through 0.0.8 allows remote ...) + TODO: check +CVE-2017-5517 (SQL injection vulnerability in author.control.php in GeniXCMS through ...) + TODO: check +CVE-2017-5516 (Multiple cross-site scripting (XSS) vulnerabilities in the user forms ...) + TODO: check +CVE-2017-5515 (Cross-site scripting (XSS) vulnerability in the user prompt function in ...) + TODO: check +CVE-2017-5514 + RESERVED +CVE-2017-5513 + RESERVED +CVE-2017-5512 + RESERVED +CVE-2017-5497 + RESERVED +CVE-2017-5496 + RESERVED +CVE-2017-5495 + RESERVED +CVE-2017-5494 (Multiple cross-site scripting (XSS) vulnerabilities in the file types ...) + TODO: check +CVE-2017-5486 + RESERVED +CVE-2017-5485 + RESERVED +CVE-2017-5484 + RESERVED +CVE-2017-5483 + RESERVED +CVE-2017-5482 + RESERVED +CVE-2017-5481 + RESERVED +CVE-2017-5480 (Directory traversal vulnerability in inc/files/files.ctrl.php in ...) + TODO: check +CVE-2017-5479 + RESERVED +CVE-2017-5478 + RESERVED +CVE-2017-5477 + RESERVED +CVE-2017-5476 (Serendipity through 2.0.5 allows CSRF for the installation of an event ...) + TODO: check +CVE-2017-5475 (comment.php in Serendipity through 2.0.5 allows CSRF in deleting any ...) + TODO: check +CVE-2017-5474 (Open redirect vulnerability in comment.php in Serendipity through 2.0.5 ...) + TODO: check +CVE-2017-5473 (Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 ...) 
+ TODO: check +CVE-2017-5472 + RESERVED +CVE-2017-5471 + RESERVED +CVE-2017-5470 + RESERVED +CVE-2017-5469 + RESERVED +CVE-2017-5468 + RESERVED +CVE-2017-5467 + RESERVED +CVE-2017-5466 + RESERVED +CVE-2017-5465 + RESERVED +CVE-2017-5464 + RESERVED +CVE-2017-5463 + RESERVED +CVE-2017-5462 + RESERVED +CVE-2017-5461 + RESERVED +CVE-2017-5460 + RESERVED +CVE-2017-5459 + RESERVED +CVE-2017-5458 + RESERVED +CVE-2017-5457 + RESERVED +CVE-2017-5456 + RESERVED +CVE-2017-5455 + RESERVED +CVE-2017-5454 + RESERVED +CVE-2017-5453 + RESERVED +CVE-2017-5452 + RESERVED +CVE-2017-5451 + RESERVED +CVE-2017-5450 + RESERVED +CVE-2017-5449 + RESERVED +CVE-2017-5448 + RESERVED +CVE-2017-5447 + RESERVED +CVE-2017-5446 + RESERVED +CVE-2017-5445 + RESERVED +CVE-2017-5444 + RESERVED +CVE-2017-5443 + RESERVED +CVE-2017-5442 + RESERVED +CVE-2017-5441 + RESERVED +CVE-2017-5440 + RESERVED +CVE-2017-5439 + RESERVED +CVE-2017-5438 + RESERVED +CVE-2017-5437 + RESERVED +CVE-2017-5436 + RESERVED +CVE-2017-5435 + RESERVED +CVE-2017-5434 + RESERVED +CVE-2017-5433 + RESERVED +CVE-2017-5432 + RESERVED +CVE-2017-5431 + RESERVED +CVE-2017-5430 + RESERVED +CVE-2017-5429 + RESERVED +CVE-2017-5428 + RESERVED +CVE-2017-5427 + RESERVED +CVE-2017-5426 + RESERVED +CVE-2017-5425 + RESERVED +CVE-2017-5424 + RESERVED +CVE-2017-5423 + RESERVED +CVE-2017-5422 + RESERVED +CVE-2017-5421 + RESERVED +CVE-2017-5420 + RESERVED +CVE-2017-5419 + RESERVED +CVE-2017-5418 + RESERVED +CVE-2017-5417 + RESERVED +CVE-2017-5416 + RESERVED +CVE-2017-5415 + RESERVED +CVE-2017-5414 + RESERVED +CVE-2017-5413 + RESERVED +CVE-2017-5412 + RESERVED +CVE-2017-5411 + RESERVED +CVE-2017-5410 + RESERVED +CVE-2017-5409 + RESERVED +CVE-2017-5408 + RESERVED +CVE-2017-5407 + RESERVED +CVE-2017-5406 + RESERVED +CVE-2017-5405 + RESERVED +CVE-2017-5404 + RESERVED +CVE-2017-5403 + RESERVED +CVE-2017-5402 + RESERVED +CVE-2017-5401 + RESERVED +CVE-2017-5400 + RESERVED +CVE-2017-5399 + RESERVED +CVE-2017-5398 + RESERVED +CVE-2017-5397 + RESERVED 
+CVE-2017-5396 + RESERVED +CVE-2017-5395 + RESERVED +CVE-2017-5394 + RESERVED +CVE-2017-5393 + RESERVED +CVE-2017-5392 + RESERVED +CVE-2017-5391 + RESERVED +CVE-2017-5390 + RESERVED +CVE-2017-5389 + RESERVED +CVE-2017-5388 + RESERVED +CVE-2017-5387 + RESERVED +CVE-2017-5386 + RESERVED +CVE-2017-5385 + RESERVED +CVE-2017-5384 + RESERVED +CVE-2017-5383 + RESERVED +CVE-2017-5382 + RESERVED +CVE-2017-5381 + RESERVED +CVE-2017-5380 + RESERVED +CVE-2017-5379 + RESERVED +CVE-2017-5378 + RESERVED +CVE-2017-5377 + RESERVED +CVE-2017-5376 + RESERVED +CVE-2017-5375 + RESERVED +CVE-2017-5374 + RESERVED +CVE-2017-5373 + RESERVED +CVE-2017-5372 + RESERVED +CVE-2017-5371 + RESERVED +CVE-2017-5370 + RESERVED +CVE-2017-5369 + RESERVED +CVE-2017-5368 + RESERVED +CVE-2017-5367 + RESERVED +CVE-2017-5366 + RESERVED +CVE-2017-5365 + RESERVED +CVE-2017-5364 (Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an ...) + TODO: check +CVE-2017-5363 + RESERVED +CVE-2017-5362 + RESERVED +CVE-2017-5361 + RESERVED +CVE-2017-5360 + RESERVED +CVE-2017-5359 + RESERVED +CVE-2017-5358 + RESERVED +CVE-2016-10143 + RESERVED +CVE-2016-10142 (An issue was discovered in the IPv6 protocol specification, related to ...) + TODO: check +CVE-2016-10139 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...) + TODO: check +CVE-2016-10138 (An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with ...) + TODO: check +CVE-2016-10137 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...) + TODO: check +CVE-2016-10136 (An issue was discovered on BLU R1 HD devices with Shanghai Adups ...) + TODO: check +CVE-2016-10135 (An issue was discovered on LG devices using the MTK chipset with ...) 
+ TODO: check CVE-2017-5505 + RESERVED - jasper <removed> NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c CVE-2017-5504 + RESERVED - jasper <removed> NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c CVE-2017-5503 + RESERVED - jasper <removed> NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-write-in-dec_clnpass-jpc_t1dec-c CVE-2017-5502 + RESERVED - jasper <removed> NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00030-jasper-leftshift-jp2_dec_c NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ CVE-2017-5501 + RESERVED - jasper <removed> NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00022-jasper-signedintoverflow-jpc_tsfb_c NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ CVE-2017-5500 + RESERVED - jasper <removed> NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00019-jasper-leftshift-jpc_dec_c NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ CVE-2017-5499 + RESERVED - jasper <removed> NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00018-jasper-signedintoverflow-jpc_dec_c NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ CVE-2017-5498 + RESERVED - jasper <removed> NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00017-jasper-leftshift-jas_math_h NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ CVE-2017-5506 [double free in profile] + RESERVED - imagemagick <unfixed> (bug #851383) NOTE: https://github.com/ImageMagick/ImageMagick/issues/354 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2017-5507 [memory leak in MPC file handling] + RESERVED - imagemagick <unfixed> (bug #851382) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4493d9ca1124564da17f9b628ef9d0f1a6be9738 NOTE: 
http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2017-5508 [Crash - PushQuantumPixel - Heap-Buffer-Overflow (TIFF)] + RESERVED - imagemagick <unfixed> (bug #851381) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10146 [memory leak in caption and label handling] + RESERVED - imagemagick 8:6.9.7.0+dfsg-2 (bug #851380) NOTE: https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 -CVE-2016-10140 [Information disclosure and authentication bypass] +CVE-2016-10140 (Information disclosure and authentication bypass vulnerability exists ...) - zoneminder <unfixed> (bug #851710) NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697 NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63 NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/aa0a4d1f5ad2c493f2bed175991e92c466ac3dc4 CVE-2017-5509 [out of bound in psd file handling] + RESERVED - imagemagick <unfixed> (bug #851377) NOTE: https://github.com/ImageMagick/ImageMagick/issues/350 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2017-5510 [memory corruption heap overflow, psb file related, another one] + RESERVED - imagemagick <unfixed> (bug #851376) NOTE: https://github.com/ImageMagick/ImageMagick/issues/348 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2017-5511 [memory corruption heap overflow, psb file related] + RESERVED - imagemagick <unfixed> (bug #851374) NOTE: https://github.com/ImageMagick/ImageMagick/issues/347 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10144 [ipl file missing malloc check] + RESERVED - imagemagick <unfixed> (bug #851485) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20 NOTE: 
http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10145 [wpg file off by one] + RESERVED - imagemagick <unfixed> (bug #851483) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 -CVE-2017-5487 [WordPress 4.7 - User Information Disclosure via REST API] +CVE-2017-5487 (wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8715 NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60 -CVE-2017-5488 [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php] +CVE-2017-5488 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8716 NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php -CVE-2017-5489 [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload] +CVE-2017-5489 (Cross-site request forgery (CSRF) vulnerability in WordPress before ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8717 -CVE-2017-5490 [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback] +CVE-2017-5490 (Cross-site scripting (XSS) vulnerability in the theme-name fallback ...) 
- wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8718 NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359 -CVE-2017-5491 [WordPress <= 4.7 - Post via Email Checks mail.example.com by Default] +CVE-2017-5491 (wp-mail.php in WordPress before 4.7.1 might allow remote attackers to ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8719 NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a -CVE-2017-5492 [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)] +CVE-2017-5492 (Cross-site request forgery (CSRF) vulnerability in the widget-editing ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8720 NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733 -CVE-2017-5493 [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)] +CVE-2017-5493 (wp-includes/ms-functions.php in the Multisite WordPress API in ...) - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8721 NOTE: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4 CVE-2017-5356 [Irssi out of bounds read in format string] + RESERVED - irssi 0.8.21-1 (low) [jessie] - irssi <no-dsa> (Minor issue) [wheezy] - irssi <no-dsa> (Minor issue) 
@@ -138,15 +456,18 @@ RESERVED CVE-2017-5341 RESERVED -CVE-2016-10141 +CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...) NOT-FOR-US: MuJS CVE-2016-10133 + RESERVED NOT-FOR-US: MuJS CVE-2016-10132 + RESERVED NOT-FOR-US: MuJS CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote ...) NOT-FOR-US: CodeIgniter CVE-2017-5357 [ed invalid free] + RESERVED - ed <not-affected> (Vulnerable code not present, cf #851159) NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/5 NOTE: The issue is only present from 1.14 onwards, and prior to 1.14.1 since upstream @@ -365,8 +686,8 @@ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2657 CVE-2017-5224 RESERVED -CVE-2017-5223 - RESERVED +CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML ...) + TODO: check CVE-2017-5222 RESERVED CVE-2017-5221 @@ -451,6 +772,7 @@ [jessie] - w3m <no-dsa> (Minor issues) [wheezy] - w3m <no-dsa> (Minor issues) CVE-2016-10134 [SQL injection vulnerabilities in "Latest data"] + RESERVED - zabbix 1:3.0.4+dfsg-1 (bug #850936) NOTE: https://support.zabbix.com/browse/ZBX-11023 NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/4 @@ -995,7 +1317,7 @@ NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability CVE-2017-5333 RESERVED - {DSA-3765-1} + {DSA-3765-1 DLA-789-1} - icoutils 0.31.1-1 NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a NOTE: CVE for "the separate vulnerability fixed by the introduction of the "size >= sizeof(uint16_t)*2" test in @@ -1003,7 +1325,7 @@ NOTE: http://seclists.org/oss-sec/2017/q1/56 CVE-2017-5332 RESERVED - {DSA-3765-1} + {DSA-3765-1 DLA-789-1} - icoutils 0.31.1-1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1249276 NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a 
@@ -1013,13 +1335,13 @@ NOTE: 1a108713ac26215c7568353f6e02e727e6d4b24a." CVE-2017-5331 [make check_offset more stringent] RESERVED - {DSA-3765-1} + {DSA-3765-1 DLA-789-1} - icoutils 0.31.1-1 NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=4fbe9222fd79ee31b7ec031b0be070a9a400d1d3 NOTE: http://www.openwall.com/lists/oss-security/2017/01/10/4 CVE-2017-5208 [wrestool: exploitable crash] RESERVED - {DSA-3756-1} + {DSA-3756-1 DLA-789-1} - icoutils 0.31.0-4 (bug #850017) NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=0d569f458f306b88f60156d60c9cf058125cf173 NOTE: http://www.openwall.com/lists/oss-security/2017/01/08/1 @@ -3401,8 +3723,8 @@ RESERVED CVE-2017-3891 RESERVED -CVE-2017-3890 - RESERVED +CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry ...) + TODO: check CVE-2017-3889 RESERVED CVE-2017-3888 @@ -3605,8 +3927,7 @@ RESERVED CVE-2016-5103 REJECTED -CVE-2016-10027 - RESERVED +CVE-2016-10027 (Race condition in the XMPP library in Smack before 4.1.9, when the ...) - libsmack-java <itp> (bug #640873) CVE-2016-10023 RESERVED @@ -5292,8 +5613,8 @@ RESERVED CVE-2016-9883 RESERVED -CVE-2016-9882 - RESERVED +CVE-2016-9882 (An issue was discovered in Cloud Foundry Foundation cf-release versions ...) + TODO: check CVE-2016-9881 RESERVED CVE-2016-9880 @@ -6978,8 +7299,7 @@ RESERVED CVE-2017-2585 RESERVED -CVE-2017-2584 [kvm: use after free in complete_emulated_mmio] - RESERVED +CVE-2017-2584 (arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local ...) - linux <unfixed> [wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1) NOTE: Upstream patch: https://www.spinics.net/lists/kvm/msg143571.html 
@@ -11488,54 +11808,53 @@ RESERVED CVE-2017-0405 RESERVED -CVE-2017-0404 - RESERVED -CVE-2017-0403 - RESERVED -CVE-2017-0402 - RESERVED -CVE-2017-0401 - RESERVED -CVE-2017-0400 - RESERVED -CVE-2017-0399 - RESERVED -CVE-2017-0398 - RESERVED -CVE-2017-0397 - RESERVED -CVE-2017-0396 - RESERVED -CVE-2017-0395 - RESERVED -CVE-2017-0394 - RESERVED -CVE-2017-0393 - RESERVED -CVE-2017-0392 - RESERVED -CVE-2017-0391 - RESERVED -CVE-2017-0390 - RESERVED -CVE-2017-0389 - RESERVED -CVE-2017-0388 - RESERVED -CVE-2017-0387 - RESERVED -CVE-2017-0386 - RESERVED -CVE-2017-0385 - RESERVED -CVE-2017-0384 - RESERVED -CVE-2017-0383 - RESERVED -CVE-2017-0382 - RESERVED -CVE-2017-0381 [Memory corruption during media file and data processing] - RESERVED +CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...) + TODO: check +CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance ...) + TODO: check +CVE-2017-0402 (An information disclosure vulnerability in ...) + TODO: check +CVE-2017-0401 (An information disclosure vulnerability in ...) + TODO: check +CVE-2017-0400 (An information disclosure vulnerability in ...) + TODO: check +CVE-2017-0399 (An information disclosure vulnerability in ...) + TODO: check +CVE-2017-0398 (An information disclosure vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0397 (An information disclosure vulnerability in id3/ID3.cpp in ...) + TODO: check +CVE-2017-0396 (An information disclosure vulnerability in ...) + TODO: check +CVE-2017-0395 (An elevation of privilege vulnerability in Contacts could enable a ...) + TODO: check +CVE-2017-0394 (A denial of service vulnerability in Telephony could enable a remote ...) + TODO: check +CVE-2017-0393 (A denial of service vulnerability in libvpx in Mediaserver could ...) + TODO: check +CVE-2017-0392 (A denial of service vulnerability in VBRISeeker.cpp in libstagefright ...) 
+ TODO: check +CVE-2017-0391 (A denial of service vulnerability in decoder/ihevcd_decode.c in ...) + TODO: check +CVE-2017-0390 (A denial of service vulnerability in Tremolo/dpen.s in Mediaserver ...) + TODO: check +CVE-2017-0389 (A denial of service vulnerability in core networking could enable a ...) + TODO: check +CVE-2017-0388 (An elevation of privilege vulnerability in the External Storage ...) + TODO: check +CVE-2017-0387 (An elevation of privilege vulnerability in Mediaserver could enable a ...) + TODO: check +CVE-2017-0386 (An elevation of privilege vulnerability in the libnl library could ...) + TODO: check +CVE-2017-0385 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0384 (An elevation of privilege vulnerability in ...) + TODO: check +CVE-2017-0383 (An elevation of privilege vulnerability in the Framework APIs could ...) + TODO: check +CVE-2017-0382 (A remote code execution vulnerability in the Framesequence library ...) + TODO: check +CVE-2017-0381 (A remote code execution vulnerability in silk/NLSF_stabilize.c in ...) - opus <unfixed> (bug #851612) NOTE: Fixed by: https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409 (v1.2-alpha) CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" ...) 
@@ -12374,44 +12693,38 @@ - salt 2016.3.0+ds-1 [jessie] - salt <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2016/11/25/2 -CVE-2016-9813 [null pointer deref (segfault) in mpegts decoder / _parse_pat] - RESERVED +CVE-2016-9813 (The _parse_pat function in the mpegts parser in GStreamer before ...) - gst-plugins-bad1.0 1.10.2-1 (low) [jessie] - gst-plugins-bad1.0 <no-dsa> (Minor issue) - gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775120 -CVE-2016-9812 [2 byte heap out of bounds read in gst_mpegts_section_new] - RESERVED +CVE-2016-9812 (The gst_mpegts_section_new function in the mpegts decoder in GStreamer ...) - gst-plugins-bad1.0 1.10.2-1 (low) [jessie] - gst-plugins-bad1.0 <no-dsa> (Minor issue) - gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775048 -CVE-2016-9811 [4 byte heap out of bounds read in windows_icon_typefind] - RESERVED +CVE-2016-9811 (The windows_icon_typefind function in gst-plugins-base in GStreamer ...) {DLA-735-1} - gst-plugins-base1.0 1.10.2-1 [jessie] - gst-plugins-base1.0 <no-dsa> (Minor issue, can be fixed via point release) - gst-plugins-base0.10 <removed> [jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue, can be fixed via point release) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774902 -CVE-2016-9810 [Invalid memory read in glib caused by one invalid unref call in the flxdec decoder] - RESERVED +CVE-2016-9810 (The gst_decode_chain_free_internal function in the flxdex decoder in ...) 
- gst-plugins-good1.0 1.10.1-2 [jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2 - gst-plugins-good0.10 <removed> [jessie] - gst-plugins-good0.10 0.10.31-3+nmu4+deb8u2 [wheezy] - gst-plugins-good0.10 0.10.31-3+nmu1+deb7u1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774897 -CVE-2016-9809 [h264: one byte heap off by one read in gst_h264_parse_set_caps] - RESERVED +CVE-2016-9809 (Off-by-one error in the gst_h264_parse_set_caps function in GStreamer ...) {DLA-736-1} - gst-plugins-bad1.0 1.10.2-1 [jessie] - gst-plugins-bad1.0 <no-dsa> (Minor issue, can be fixed via point release) - gst-plugins-bad0.10 <removed> [jessie] - gst-plugins-bad0.10 <no-dsa> (Minor issue, can be fixed via point release) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774896 -CVE-2016-9808 - RESERVED +CVE-2016-9808 (The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to ...) - gst-plugins-good1.0 1.10.1-2 [jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2 - gst-plugins-good0.10 <removed> @@ -12420,8 +12733,7 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774859 NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff NOTE: https://scarybeastsecurity.blogspot.dk/2016/11/0day-poc-incorrect-fix-for-gstreamer.html -CVE-2016-9807 - RESERVED +CVE-2016-9807 (The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer ...) - gst-plugins-good1.0 1.10.1-2 [jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2 - gst-plugins-good0.10 <removed> 
@@ -13303,21 +13615,18 @@ [wheezy] - linux <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb (v4.9-rc3) NOTE: Introduced by: https://git.kernel.org/linus/13100a72f40f5748a04017e0ab3df4cf27c809ef (v4.7-rc1) -CVE-2016-9312 - RESERVED +CVE-2016-9312 (ntpd in NTP before 4.2.8p9, when running on Windows, allows remote ...) - ntp <not-affected> (Only ntpd on Windows) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3110 NOTE: Only relevant for ntpd on Windows, but fixed source-wise in 1:4.2.8p9+dfsg-1 -CVE-2016-9311 - RESERVED +CVE-2016-9311 (ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <no-dsa> (Minor issue) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3119 NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0204/ NOTE: Can be considered for a non-dsa for LTS as it is about a service NOTE: not normally enabled. Should be judged in more details. -CVE-2016-9310 - RESERVED +CVE-2016-9310 (The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <no-dsa> (Minor issue) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3118 @@ -13393,8 +13702,7 @@ {DSA-3713-1 DLA-712-1} - gst-plugins-bad0.10 <removed> NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html -CVE-2016-9299 [jenkins: unauthenticated remote code execution] - RESERVED +CVE-2016-9299 (The remoting module in Jenkins before 2.32 and LTS before 2.19.3 ...) - jenkins <removed> NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/4 CVE-2016-9298 [heap overflow in WaveletDenoiseImage()] 
@@ -13447,7 +13755,6 @@ - tiff 4.0.7-1 NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e CVE-2016-9535 (tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that ...) - {DSA-3762-1} - tiff 4.0.7-1 NOTE: https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 NOTE: https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 @@ -14007,8 +14314,7 @@ CVE-2016-9108 RESERVED NOT-FOR-US: MuJS -CVE-2016-9107 [gajim: otr plugin cleartext leak] - RESERVED +CVE-2016-9107 (The OTR plugin for Gajim sends information in cleartext when using ...) - gajim-otr <itp> (bug #722130) NOTE: Upstream bug: https://trac-plugins.gajim.org/ticket/145 NOTE: Upstream fix: https://trac-plugins.gajim.org/changeset/c7c2e519ed63377bc943dd01c4661b0fe49321ae 
@@ -15048,25 +15354,23 @@ RESERVED - jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied) NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690 -CVE-2016-8883 [assert in jpc_dec_tiledecode()] - RESERVED +CVE-2016-8883 (The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...) {DLA-739-1} - jasper <removed> NOTE: https://github.com/mdadams/jasper/issues/32 NOTE: https://github.com/mdadams/jasper/commit/33cc2cfa51a8d0fc3116d16cc1d8fc581b3f9e8d -CVE-2016-8882 [segfault / null pointer access in jpc_pi_destroy] - RESERVED +CVE-2016-8882 (The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer ...) {DLA-739-1} - jasper <removed> NOTE: https://github.com/mdadams/jasper/issues/30 NOTE: https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee (version-1.900.8) CVE-2016-8881 [Heap overflow in jpc_getuint16()] - RESERVED + REJECTED - jasper 1.900.1-13 NOTE: https://github.com/mdadams/jasper/issues/29 NOTE: Duplicate of CVE-2011-4517, cf https://github.com/mdadams/jasper/issues/29#issuecomment-267322934 CVE-2016-8880 [Heap overflow in jpc_dec_cp_setfromcox()] - RESERVED + REJECTED - jasper 1.900.1-13 NOTE: https://github.com/mdadams/jasper/issues/28 NOTE: Duplicate of CVE-2011-4516, cf https://github.com/mdadams/jasper/issues/28#issuecomment-267053875 
@@ -15294,8 +15598,7 @@ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280 NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9 NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1 -CVE-2016-8671 [Incomplete fix for CVE-2016-6887] - RESERVED +CVE-2016-8671 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not ...) - matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied) NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html CVE-2016-8669 (The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...) @@ -15644,15 +15947,13 @@ [jessie] - linux 3.16.39-1 [wheezy] - linux <not-affected> (Vulnerable code introduced later in 3.7) NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8) -CVE-2016-8606 [REPL server vulnerable to HTTP inter-protocol attacks] - RESERVED +CVE-2016-8606 (The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to ...) {DLA-666-1} - guile-2.0 2.0.13+1-1 (low; bug #840555) [jessie] - guile-2.0 <no-dsa> (Minor issue) - guile-1.8 <not-affected> (repl server introduced in 2.0) NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03 -CVE-2016-8605 [Thread-unsafe umask modification] - RESERVED +CVE-2016-8605 (The mkdir procedure of GNU Guile temporarily changed the process' ...) {DLA-666-1} - guile-2.0 2.0.13+1-1 (low; bug #840556) [jessie] - guile-2.0 <no-dsa> (Minor issue) 
@@ -15999,114 +16300,114 @@ RESERVED CVE-2016-8476 RESERVED -CVE-2016-8475 - RESERVED -CVE-2016-8474 - RESERVED -CVE-2016-8473 - RESERVED -CVE-2016-8472 - RESERVED -CVE-2016-8471 - RESERVED -CVE-2016-8470 - RESERVED -CVE-2016-8469 - RESERVED -CVE-2016-8468 - RESERVED -CVE-2016-8467 - RESERVED -CVE-2016-8466 - RESERVED -CVE-2016-8465 - RESERVED -CVE-2016-8464 - RESERVED -CVE-2016-8463 - RESERVED -CVE-2016-8462 - RESERVED -CVE-2016-8461 - RESERVED -CVE-2016-8460 - RESERVED -CVE-2016-8459 - RESERVED -CVE-2016-8458 - RESERVED -CVE-2016-8457 - RESERVED -CVE-2016-8456 - RESERVED -CVE-2016-8455 - RESERVED -CVE-2016-8454 - RESERVED -CVE-2016-8453 - RESERVED -CVE-2016-8452 - RESERVED -CVE-2016-8451 - RESERVED -CVE-2016-8450 - RESERVED -CVE-2016-8449 - RESERVED -CVE-2016-8448 - RESERVED -CVE-2016-8447 - RESERVED -CVE-2016-8446 - RESERVED -CVE-2016-8445 - RESERVED -CVE-2016-8444 - RESERVED -CVE-2016-8443 - RESERVED -CVE-2016-8442 - RESERVED -CVE-2016-8441 - RESERVED -CVE-2016-8440 - RESERVED -CVE-2016-8439 - RESERVED -CVE-2016-8438 - RESERVED -CVE-2016-8437 - RESERVED -CVE-2016-8436 - RESERVED -CVE-2016-8435 - RESERVED -CVE-2016-8434 - RESERVED -CVE-2016-8433 - RESERVED -CVE-2016-8432 - RESERVED -CVE-2016-8431 - RESERVED -CVE-2016-8430 - RESERVED -CVE-2016-8429 - RESERVED -CVE-2016-8428 - RESERVED -CVE-2016-8427 - RESERVED -CVE-2016-8426 - RESERVED -CVE-2016-8425 - RESERVED -CVE-2016-8424 - RESERVED -CVE-2016-8423 - RESERVED -CVE-2016-8422 - RESERVED +CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver could ...) + TODO: check +CVE-2016-8474 (An information disclosure vulnerability in the STMicroelectronics ...) + TODO: check +CVE-2016-8473 (An information disclosure vulnerability in the STMicroelectronics ...) + TODO: check +CVE-2016-8472 (An information disclosure vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-8471 (An information disclosure vulnerability in the MediaTek driver could ...) 
+ TODO: check +CVE-2016-8470 (An information disclosure vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-8469 (An information disclosure vulnerability in the camera driver could ...) + TODO: check +CVE-2016-8468 (An elevation of privilege vulnerability in Binder could enable a local ...) + TODO: check +CVE-2016-8467 (An elevation of privilege vulnerability in the bootloader could enable ...) + TODO: check +CVE-2016-8466 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8465 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8464 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8463 (A denial of service vulnerability in the Qualcomm FUSE file system ...) + TODO: check +CVE-2016-8462 (An information disclosure vulnerability in the bootloader could enable ...) + TODO: check +CVE-2016-8461 (An information disclosure vulnerability in the bootloader could enable ...) + TODO: check +CVE-2016-8460 (An information disclosure vulnerability in the NVIDIA video driver ...) + TODO: check +CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters as part ...) + TODO: check +CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8455 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8454 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8453 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) 
+ TODO: check +CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8448 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2016-8447 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2016-8446 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2016-8445 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2016-8444 (An elevation of privilege vulnerability in the Qualcomm camera could ...) + TODO: check +CVE-2016-8443 (Possible unauthorized memory access in the hypervisor. Incorrect ...) + TODO: check +CVE-2016-8442 (Possible unauthorized memory access in the hypervisor. Lack of input ...) + TODO: check +CVE-2016-8441 (Possible buffer overflow in the hypervisor. Inappropriate usage of a ...) + TODO: check +CVE-2016-8440 (Possible buffer overflow in SMMU system call. Improper input ...) + TODO: check +CVE-2016-8439 (Possible buffer overflow in trust zone access control API. Buffer ...) + TODO: check +CVE-2016-8438 (Integer overflow leading to a TOCTOU condition in hypervisor PIL. An ...) + TODO: check +CVE-2016-8437 (Improper input validation in Access Control APIs. Access control API ...) + TODO: check +CVE-2016-8436 (An elevation of privilege vulnerability in the Qualcomm video driver ...) + TODO: check +CVE-2016-8435 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8434 (An elevation of privilege vulnerability in the Qualcomm GPU driver ...) + TODO: check +CVE-2016-8433 (An elevation of privilege vulnerability in the MediaTek driver could ...) 
+ TODO: check +CVE-2016-8432 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8431 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8430 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8427 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8426 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8425 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8424 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-8423 (An elevation of privilege vulnerability in the Qualcomm bootloader ...) + TODO: check +CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm bootloader ...) + TODO: check CVE-2016-8421 RESERVED CVE-2016-8420 
@@ -16119,60 +16420,59 @@ RESERVED CVE-2016-8416 RESERVED -CVE-2016-8415 - RESERVED +CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check CVE-2016-8414 RESERVED CVE-2016-8413 RESERVED -CVE-2016-8412 - RESERVED +CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could ...) + TODO: check CVE-2016-8411 RESERVED -CVE-2016-8410 - RESERVED -CVE-2016-8409 - RESERVED -CVE-2016-8408 - RESERVED -CVE-2016-8407 - RESERVED -CVE-2016-8406 - RESERVED -CVE-2016-8405 - RESERVED -CVE-2016-8404 - RESERVED -CVE-2016-8403 - RESERVED -CVE-2016-8402 - RESERVED -CVE-2016-8401 - RESERVED -CVE-2016-8400 - RESERVED -CVE-2016-8399 - RESERVED +CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2016-8409 (An information disclosure vulnerability in the NVIDIA video driver ...) + TODO: check +CVE-2016-8408 (An information disclosure vulnerability in the NVIDIA video driver ...) + TODO: check +CVE-2016-8407 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8406 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8405 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8404 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8403 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8402 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8401 (An information disclosure vulnerability in kernel components including ...) + TODO: check +CVE-2016-8400 (An information disclosure vulnerability in the NVIDIA librm library ...) + TODO: check +CVE-2016-8399 (An elevation of privilege vulnerability in the kernel networking ...) 
{DLA-772-1} - linux 4.8.15-1 [jessie] - linux 3.16.39-1 NOTE: Fixed by: https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f -CVE-2016-8398 - RESERVED -CVE-2016-8397 - RESERVED -CVE-2016-8396 - RESERVED -CVE-2016-8395 - RESERVED -CVE-2016-8394 - RESERVED -CVE-2016-8393 - RESERVED -CVE-2016-8392 - RESERVED -CVE-2016-8391 - RESERVED +CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS messages are ...) + TODO: check +CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video driver ...) + TODO: check +CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video driver ...) + TODO: check +CVE-2016-8395 (A denial of service vulnerability in the NVIDIA camera driver could ...) + TODO: check +CVE-2016-8394 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2016-8393 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2016-8392 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2016-8391 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check CVE-2016-1000246 RESERVED CVE-2016-1000245 @@ -16697,8 +16997,8 @@ NOT-FOR-US: Lenovo CVE-2016-8222 (A vulnerability has been identified in a signed kernel driver for the ...) NOT-FOR-US: Lenovo -CVE-2016-8221 - RESERVED +CVE-2016-8221 (Privilege Escalation in Lenovo XClarity Administrator earlier than ...) + TODO: check CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick ...) - qemu 1:2.7+dfsg-1 (bug #838145) [jessie] - qemu <not-affected> (Vulnerable code introduced later) 
@@ -16753,20 +17053,20 @@ RESERVED CVE-2016-8208 RESERVED -CVE-2016-8207 - RESERVED -CVE-2016-8206 - RESERVED -CVE-2016-8205 - RESERVED -CVE-2016-8204 - RESERVED +CVE-2016-8207 (A Directory Traversal vulnerability in CliMonitorReportServlet in the ...) + TODO: check +CVE-2016-8206 (A Directory Traversal vulnerability in servlet SoftwareImageUpload in ...) + TODO: check +CVE-2016-8205 (A Directory Traversal vulnerability in DashboardFileReceiveServlet in ...) + TODO: check +CVE-2016-8204 (A Directory Traversal vulnerability in FileReceiveServlet in the ...) + TODO: check CVE-2016-8203 (A memory corruption in the IPsec code path of Brocade NetIron OS on ...) NOT-FOR-US: Brocade CVE-2016-8202 RESERVED -CVE-2016-8201 - RESERVED +CVE-2016-8201 (A CSRF vulnerability in Brocade Virtual Traffic Manager versions ...) + TODO: check CVE-2016-7444 (The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS ...) - gnutls28 3.5.3-4 [jessie] - gnutls28 3.3.8-6+deb8u4 @@ -18158,8 +18458,7 @@ CVE-2016-7905 (The read_gab2_sub function in libavformat/avidec.c in FFmpeg before ...) - ffmpeg 7:3.1.4-1 (bug #840434) NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 (n3.1.4) -CVE-2016-7904 - RESERVED +CVE-2016-7904 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...) NOT-FOR-US: CMS Made Simple CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web ...) - dotclear <removed> @@ -18420,11 +18719,9 @@ - git-hub 0.10.2-2 (bug #839284) CVE-2016-7792 RESERVED -CVE-2016-7791 - RESERVED +CVE-2016-7791 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...) NOT-FOR-US: Exponent CMS -CVE-2016-7790 - RESERVED +CVE-2016-7790 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...) NOT-FOR-US: Exponent CMS CVE-2016-7789 RESERVED 
@@ -19198,14 +19495,12 @@ RESERVED CVE-2016-7435 (The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and ...) NOT-FOR-US: SAP Netweaver -CVE-2016-7434 - RESERVED +CVE-2016-7434 (The read_mru_list function in NTP before 4.2.8p9 allows remote ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <not-affected> (mrulist introduced in ntp-4.2.7p22, vulnerable code not present) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3082 NOTE: Only possible to trigger from hosts in allow mrulist query. -CVE-2016-7433 - RESERVED +CVE-2016-7433 (NTP before 4.2.8p9 does not properly perform the initial sync ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385) [wheezy] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385) @@ -19215,22 +19510,19 @@ NOTE: itself in general is incorrect in all version of ntp-4 until ntp-4.2.8p9 CVE-2016-7432 RESERVED -CVE-2016-7431 - RESERVED +CVE-2016-7431 (NTP before 4.2.8p9 allows remote attackers to bypass the origin ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <not-affected> (Vulnerable code not present) [wheezy] - ntp <not-affected> (Vulnerable code introduced later) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3102 CVE-2016-7430 RESERVED -CVE-2016-7429 - RESERVED +CVE-2016-7429 (NTP before 4.2.8p9 changes the peer structure to the interface it ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <no-dsa> (Minor issue) [wheezy] - ntp <no-dsa> (Minor issue, only possible if rp_filter is 0) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3072 -CVE-2016-7428 - RESERVED +CVE-2016-7428 (ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <not-affected> (Vulnerable code not present) [wheezy] - ntp <not-affected> (Vulnerable code not present) 
@@ -19239,8 +19531,7 @@ NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming NOTE: broadcast mode packets and issue got introduced with code changes to fix that NOTE: issue. -CVE-2016-7427 - RESERVED +CVE-2016-7427 (The broadcast mode replay prevention functionality in ntpd in NTP ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <not-affected> (Vulnerable code not present) [wheezy] - ntp <not-affected> (Vulnerable code not present) @@ -19249,8 +19540,7 @@ NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming NOTE: broadcast mode packets and issue got introduced with code changes to fix that NOTE: issue. -CVE-2016-7426 - RESERVED +CVE-2016-7426 (NTP before 4.2.8p9 rate limits responses received from the configured ...) - ntp 1:4.2.8p9+dfsg-1 [jessie] - ntp <no-dsa> (Minor issue) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3071 @@ -19921,8 +20211,8 @@ TODO: check CVE-2016-1000213 (Ruckus Wireless H500 web management interface CSRF ...) TODO: check -CVE-2010-5327 - RESERVED +CVE-2010-5327 (Liferay Portal through 6.2.10 allows remote authenticated users to ...) + TODO: check CVE-2016-7551 [AST-2016-007] RESERVED {DSA-3700-1 DLA-781-1} 
@@ -21249,82 +21539,82 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-6792 RESERVED -CVE-2016-6791 - RESERVED -CVE-2016-6790 - RESERVED -CVE-2016-6789 - RESERVED -CVE-2016-6788 - RESERVED +CVE-2016-6791 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2016-6790 (An elevation of privilege vulnerability in the NVIDIA libomx library ...) + TODO: check +CVE-2016-6789 (An elevation of privilege vulnerability in the NVIDIA libomx library ...) + TODO: check +CVE-2016-6788 (An elevation of privilege vulnerability in the MediaTek I2C driver ...) + TODO: check CVE-2016-6787 (kernel/events/core.c in the performance subsystem in the Linux kernel ...) - linux 4.0.2-1 NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1) CVE-2016-6786 (kernel/events/core.c in the performance subsystem in the Linux kernel ...) - linux 4.0.2-1 NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1) -CVE-2016-6785 - RESERVED -CVE-2016-6784 - RESERVED -CVE-2016-6783 - RESERVED -CVE-2016-6782 - RESERVED -CVE-2016-6781 - RESERVED -CVE-2016-6780 - RESERVED -CVE-2016-6779 - RESERVED -CVE-2016-6778 - RESERVED -CVE-2016-6777 - RESERVED -CVE-2016-6776 - RESERVED -CVE-2016-6775 - RESERVED -CVE-2016-6774 - RESERVED -CVE-2016-6773 - RESERVED -CVE-2016-6772 - RESERVED -CVE-2016-6771 - RESERVED -CVE-2016-6770 - RESERVED -CVE-2016-6769 - RESERVED -CVE-2016-6768 - RESERVED -CVE-2016-6767 - RESERVED -CVE-2016-6766 - RESERVED -CVE-2016-6765 - RESERVED -CVE-2016-6764 - RESERVED -CVE-2016-6763 - RESERVED -CVE-2016-6762 - RESERVED -CVE-2016-6761 - RESERVED -CVE-2016-6760 - RESERVED -CVE-2016-6759 - RESERVED -CVE-2016-6758 - RESERVED -CVE-2016-6757 - RESERVED -CVE-2016-6756 - RESERVED -CVE-2016-6755 - RESERVED +CVE-2016-6785 (An elevation of privilege vulnerability in the MediaTek driver could ...) 
+ TODO: check +CVE-2016-6784 (An elevation of privilege vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-6783 (An elevation of privilege vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-6782 (An elevation of privilege vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-6781 (An elevation of privilege vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2016-6780 (An elevation of privilege vulnerability in the HTC sound codec driver ...) + TODO: check +CVE-2016-6779 (An elevation of privilege vulnerability in the HTC sound codec driver ...) + TODO: check +CVE-2016-6778 (An elevation of privilege vulnerability in the HTC sound codec driver ...) + TODO: check +CVE-2016-6777 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-6776 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-6775 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2016-6774 (An information disclosure vulnerability in Package Manager could ...) + TODO: check +CVE-2016-6773 (An information disclosure vulnerability in the ih264d decoder in ...) + TODO: check +CVE-2016-6772 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...) + TODO: check +CVE-2016-6771 (An elevation of privilege vulnerability in Telephony could enable a ...) + TODO: check +CVE-2016-6770 (An elevation of privilege vulnerability in the Framework API could ...) + TODO: check +CVE-2016-6769 (An elevation of privilege vulnerability in Smart Lock could enable a ...) + TODO: check +CVE-2016-6768 (A remote code execution vulnerability in the Framesequence library ...) + TODO: check +CVE-2016-6767 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2016-6766 (A denial of service vulnerability in libmedia and libstagefright in ...) 
+ TODO: check +CVE-2016-6765 (A denial of service vulnerability in libstagefright in Mediaserver ...) + TODO: check +CVE-2016-6764 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2016-6763 (A denial of service vulnerability in Telephony could enable a local ...) + TODO: check +CVE-2016-6762 (An elevation of privilege vulnerability in the libziparchive library ...) + TODO: check +CVE-2016-6761 (An elevation of privilege vulnerability in Qualcomm media codecs could ...) + TODO: check +CVE-2016-6760 (An elevation of privilege vulnerability in Qualcomm media codecs could ...) + TODO: check +CVE-2016-6759 (An elevation of privilege vulnerability in Qualcomm media codecs could ...) + TODO: check +CVE-2016-6758 (An elevation of privilege vulnerability in Qualcomm media codecs could ...) + TODO: check +CVE-2016-6757 (An information disclosure vulnerability in Qualcomm components ...) + TODO: check +CVE-2016-6756 (An information disclosure vulnerability in Qualcomm components ...) + TODO: check +CVE-2016-6755 (An elevation of privilege vulnerability in the Qualcomm camera driver ...) + TODO: check CVE-2016-6754 (A remote code execution vulnerability in Webview in Android 5.0.x ...) TODO: check CVE-2016-6753 (An information disclosure vulnerability in kernel components, ...) 
@@ -21681,16 +21971,13 @@ - imagemagick 8:6.9.6.2+dfsg-2 (bug #833730) NOTE: https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 -CVE-2016-6887 [... wrong calculation result ...] - RESERVED +CVE-2016-6887 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) -CVE-2016-6886 [... crash issue ...] - RESERVED +CVE-2016-6886 (The pstm_reverse function in MatrixSSL before 3.8.4 allows remote ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) -CVE-2016-6885 [... Testing MatrixSSL's pstm_exptmod with base zero ...] - RESERVED +CVE-2016-6885 (The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) CVE-2016-6884 [Access Violation on Malicious TLS Record] @@ -22338,8 +22625,7 @@ NOTE: Fixed in experimental 1:2.6.11-1, first version in unstable 1:2.6.12-1 NOTE: https://jira.mongodb.org/browse/SERVER-9476 NOTE: Fixed by: https://github.com/mongodb/mongo/commit/f85ceb17b37210eef71e8113162c41368bfd5c12 -CVE-2016-6492 - RESERVED +CVE-2016-6492 (The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek ...) NOT-FOR-US: Out of tree driver from https://github.com/jawad6233/MT6795.kernel CVE-2016-6488 RESERVED @@ -25063,8 +25349,7 @@ NOTE: https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html NOTE: http://www.openwall.com/lists/oss-security/2016/06/22/3 NOTE: https://github.com/movabletype/movabletype/commit/42113544e7d8ebf6064b7b01b921734b667a1682 -CVE-2016-5737 - RESERVED +CVE-2016-5737 (The Gerrit configuration in the Openstack Puppet module for Gerrit ...) NOT-FOR-US: Openstack-infra puppet-gerrit module CVE-2016-5729 (Lenovo BIOS EFI Driver allows local administrators to execute ...) NOT-FOR-US: Lenovo 
@@ -25105,8 +25390,8 @@ RESERVED CVE-2016-5716 RESERVED -CVE-2016-5715 - RESERVED +CVE-2016-5715 (Open redirect vulnerability in the Console in Puppet Enterprise 2015.x ...) + TODO: check CVE-2016-5714 RESERVED CVE-2016-5713 @@ -33391,14 +33676,14 @@ NOTE: https://bugs.php.net/bug.php?id=70350 NOTE: https://bugs.php.net/bug.php?id=67996 NOTE: https://github.com/facebook/hhvm/commit/65c95a01541dd2fbc9c978ac53bed235b5376686 -CVE-2016-3152 - RESERVED -CVE-2016-3151 - RESERVED -CVE-2016-3150 - RESERVED -CVE-2016-3149 - RESERVED +CVE-2016-3152 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow ...) + TODO: check +CVE-2016-3151 (Directory traversal vulnerability in the wallpaper parsing ...) + TODO: check +CVE-2016-3150 (Cross-site scripting (XSS) vulnerability in wallpaper.php in the Base ...) + TODO: check +CVE-2016-3149 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 ...) + TODO: check CVE-2016-3148 RESERVED CVE-2016-3147 @@ -33424,12 +33709,12 @@ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5 CVE-2016-3131 RESERVED -CVE-2016-3130 - RESERVED +CVE-2016-3130 (An information disclosure vulnerability in the Core and Management ...) + TODO: check CVE-2016-3129 (A remote shell execution vulnerability in the BlackBerry Good ...) TODO: check -CVE-2016-3128 - RESERVED +CVE-2016-3128 (A spoofing vulnerability in the Core of BlackBerry Enterprise Server ...) + TODO: check CVE-2016-3127 RESERVED CVE-2016-3126 (Cross-site scripting (XSS) vulnerability in the Management Console in ...) 
@@ -37238,8 +37523,7 @@ [jessie] - dwarfutils 20120410-2+deb8u1 NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/3 NOTE: Fixed by http://sourceforge.net/p/libdwarf/code/ci/9565964f26966d8391fe2cfa8e6e8e59278c5f91 -CVE-2016-2090 [Heap buffer overflow in fgetwln function of libbsd] - RESERVED +CVE-2016-2090 (Off-by-one vulnerability in the fgetwln function in libbsd before ...) - libbsd 0.8.2-1 [jessie] - libbsd <no-dsa> (Minor issue) [wheezy] - libbsd <not-affected> (Vulnerable code not present) @@ -41472,7 +41756,7 @@ RESERVED CVE-2016-0918 (EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x ...) NOT-FOR-US: EMC RSA Identity Governance and Lifecycle -CVE-2016-0917 (The SMB service in EMC VNXe, VNX1 File OE before 7.1.80.3, and VNX2 ...) +CVE-2016-0917 (The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to ...) NOT-FOR-US: EMC VNX CVE-2016-0916 (EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before ...) NOT-FOR-US: EMC NetWorker @@ -50085,8 +50369,8 @@ RESERVED CVE-2015-6502 RESERVED -CVE-2015-6501 - RESERVED +CVE-2015-6501 (Open redirect vulnerability in the Console in Puppet Enterprise before ...) + TODO: check CVE-2015-6500 (Directory traversal vulnerability in ownCloud Server before 8.0.6 and ...) {DSA-3373-1} - owncloud 7.0.10~dfsg-2 (bug #800126) @@ -59517,8 +59801,7 @@ RESERVED CVE-2015-3189 RESERVED -CVE-2015-3188 - RESERVED +CVE-2015-3188 (The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote ...) NOT-FOR-US: Apache Storm CVE-2015-3187 (The svn_repos_trace_node_locations function in Apache Subversion ...) {DSA-3331-1 DLA-293-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
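Review bot: In the hunk at @@ -16119,60 +16420,59 @@, CVE-2016-8401 through CVE-2016-8407 ("kernel components including ...") should be triaged individually against linux, not resolved together with the Qualcomm, NVIDIA and MediaTek driver entries around them. The truncated descriptions do not name the affected component, and CVE-2016-8399 in the same hunk already tracks against linux with a "Fixed by" upstream commit, so IDs in this range can map to a packaged kernel. Suggest closing each TODO: check with either a linux version line and fix commit or an explicit not-affected reason.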
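Review bot: In the hunk at @@ -16697,8 +16997,8 @@, CVE-2016-8221 (Lenovo XClarity Administrator) lands as TODO: check while both context entries directly above it are already marked NOT-FOR-US: Lenovo. If XClarity Administrator is likewise not packaged, the follow-up triage can replace the TODO with the same NOT-FOR-US: Lenovo line so the vendor's entries stay consistent.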
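Review bot: In the hunk at @@ -16753,20 +17053,20 @@, the four directory traversal entries CVE-2016-8204 through CVE-2016-8207 have descriptions cut off before the product name ("... in the ..."), so they cannot be triaged from this list alone and need the full CVE text. CVE-2016-8201 (Brocade Virtual Traffic Manager) is also left as TODO: check although CVE-2016-8203 in the same hunk is marked NOT-FOR-US: Brocade; if the product is not packaged, the same marking applies.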