Author: sectracker
Date: 2017-01-29 21:10:13 +0000 (Sun, 29 Jan 2017)
New Revision: 48541
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-29 20:50:48 UTC (rev 48540)
+++ data/CVE/list 2017-01-29 21:10:13 UTC (rev 48541)
@@ -90,6 +90,7 @@
NOTE:
https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10167 [Fix DOS vulnerability in gdImageCreateFromGd2Ctx()]
+ {DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
- php5 <removed> (unimportant)
@@ -99,6 +100,7 @@
NOTE:
https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10168 [Fix #354: Signed Integer Overflow gd_io.c]
+ {DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
- php5 <removed> (unimportant)
@@ -158,7 +160,7 @@
NOTE: all minor issues
CVE-2016-10165 [heap OOB read parsing crafted ICC profile]
RESERVED
- {DLA-803-1}
+ {DSA-3774-1 DLA-803-1}
- lcms2 2.8-4 (bug #852627)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367357
NOTE:
https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
@@ -515,18 +517,23 @@
- b2evolution <removed>
CVE-2017-5486 [buffer overflow in print-isoclns.c:clnp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5485 [buffer overflow in addrtoname.c:lookup_nsap()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5484 [buffer overflow in print-atm.c:sig_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5483 [buffer overflow in print-snmp.c:asn1_parse()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5482 [buffer overflow in print-fr.c:q933_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5481
RESERVED
@@ -954,6 +961,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2016-10140 (Information disclosure and authentication bypass vulnerability
exists ...)
+ {DLA-806-1}
- zoneminder <unfixed> (bug #851710)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697
NOTE:
https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63
@@ -1053,9 +1061,11 @@
RESERVED
CVE-2017-5342 [bug in multiple protocol parsers could cause buffer overflow in
print-ether.c:ether_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5341 [buffer overflow in print-otv.c:otv_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit
function ...)
NOT-FOR-US: MuJS
@@ -1323,15 +1333,19 @@
NOTE:
https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
CVE-2017-5205 [buffer overflow in print-isakmp.c:ikev2_e_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5204 [buffer overflow in print-ip6.c:ip6_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5203 [buffer overflow in print-bootp.c:bootp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5202 [buffer overflow in print-isoclns.c:clnp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5201
RESERVED
@@ -13750,7 +13764,7 @@
CVE-2016-9454
RESERVED
CVE-2016-9444 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5,
and ...)
- {DSA-3758-1}
+ {DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851062)
NOTE: https://kb.isc.org/article/AA-01441/0
@@ -14405,6 +14419,7 @@
NOTE: The reason is that the correction is to introduce a new option
that can be specified if this new behaviour
NOTE: is wanted. It is not enforced by default.
CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka
libgd) ...)
+ {DLA-804-1}
- libgd2 2.2.4-1
NOTE:
https://github.com/libgd/libgd/commit/6944ea10cb730d5071620439c6c2e823e6caeff1
NOTE: https://github.com/libgd/libgd/issues/340
@@ -14907,7 +14922,7 @@
CVE-2016-9148
RESERVED
CVE-2016-9147 (named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1
allows ...)
- {DSA-3758-1}
+ {DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851063)
NOTE: https://kb.isc.org/article/AA-01440/0
@@ -15000,7 +15015,7 @@
NOTE: Fixed by:
https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
NOTE: Not believed to be exploitable in practice
CVE-2016-9131 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5,
and ...)
- {DSA-3758-1}
+ {DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851065)
NOTE: https://kb.isc.org/article/AA-01439/0
@@ -16799,9 +16814,11 @@
NOTE:
https://github.com/lucab/docker2aci/commit/54331ec7020e102935c31096f336d31f6400064f
CVE-2016-8575 [buffer overflow in print-fr.c:q933_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-8574 [buffer overflow in print-fr.c:frf15_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-8573
RESERVED
@@ -18934,9 +18951,11 @@
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04129.html
CVE-2016-7993 [buffer overflow in multiple protocol parsers]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7992 [buffer overflow in print-cip.c:cip_if_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7991 (On Samsung Galaxy S4 through S7 devices, the "omacp"
app ignores ...)
NOT-FOR-US: Samsung
@@ -18950,15 +18969,19 @@
RESERVED
CVE-2016-7986 [buffer overflow in print-geonet.c, multiple functions]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7985 [buffer overflow in print-calm-fast.c:calm_fast_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7984 [buffer overflow in print-tftp.c:tftp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7983 [buffer overflow in print-bootp.c:bootp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7982 (Directory traversal vulnerability in
ecrire/exec/valider_xml.php in ...)
{DLA-695-1}
@@ -18998,12 +19021,15 @@
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie
(3.0.17-2+deb8u2)
CVE-2016-7975 [buffer overflow in print-tcp.c:tcp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7974 [buffer overflow in print-ip.c, multiple functions]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7973 [buffer overflow in print-atalk.c, multiple functions]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7972
RESERVED
@@ -19160,60 +19186,79 @@
RESERVED
CVE-2016-7940 [buffer overflow in print-stp.c, multiple functions]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7939 [buffer overflow in print-gre.c, multiple functions]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7938 [integer overflow in print-zeromq.c:zmtp1_print_frame()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7937 [buffer overflow in print-udp.c:vat_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7936 [buffer overflow in print-udp.c:udp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7935 [buffer overflow in print-udp.c:rtp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7934 [buffer overflow in print-udp.c:rtcp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7933 [buffer overflow in print-ppp.c:ppp_hdlc_if_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7932 [buffer overflow in print-pim.c:pimv2_check_checksum()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7931 [buffer overflow in print-mpls.c:mpls_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7930 [buffer overflow in print-llc.c:llc_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7929 [buffer overflow in print-juniper.c:juniper_parse_header()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7928 [buffer overflow in print-ipcomp.c:ipcomp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7927 [buffer overflow in print-802_11.c:ieee802_11_radio_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7926 [buffer overflow in print-ether.c:ethertype_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7925 [buffer overflow in print-sl.c:sl_if_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7924 [buffer overflow in print-atm.c:oam_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7923 [buffer overflow in print-arp.c:arp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7922 [buffer overflow in print-ah.c:ah_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-7920
RESERVED
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
