Author: sectracker
Date: 2017-03-24 21:10:12 +0000 (Fri, 24 Mar 2017)
New Revision: 50006
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-03-24 19:32:32 UTC (rev 50005) +++ data/CVE/list 2017-03-24 21:10:12 UTC (rev 50006) @@ -1,3 +1,29 @@ +CVE-2017-7260 + RESERVED +CVE-2017-7259 + RESERVED +CVE-2017-7258 + RESERVED +CVE-2017-7257 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add ...) + TODO: check +CVE-2017-7256 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add ...) + TODO: check +CVE-2017-7255 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add ...) + TODO: check +CVE-2016-10272 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2016-10271 (tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a ...) + TODO: check +CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...) + TODO: check +CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2016-10266 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...) + TODO: check CVE-2017-7254 RESERVED CVE-2017-7253 
@@ -32,14 +58,14 @@ [wheezy] - pcre3 <not-affected> (Vulnerable code not present) NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/ NOTE: pcre32 support enabled only in pcre3/1:8.35-4 -CVE-2017-7243 - RESERVED +CVE-2017-7243 (Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause ...) + TODO: check CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in admin/modules ...) NOT-FOR-US: SLiMS CVE-2017-7241 RESERVED -CVE-2017-7240 - RESERVED +CVE-2017-7240 (An issue was discovered on Miele Professional PG 8528 PST10 devices. ...) + TODO: check CVE-2017-7239 RESERVED CVE-2017-7238 @@ -2991,8 +3017,7 @@ CVE-2017-6088 RESERVED NOT-FOR-US: EyesOfNetwork -CVE-2017-6087 - RESERVED +CVE-2017-6087 (EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated ...) NOT-FOR-US: EyesOfNetwork CVE-2017-6086 RESERVED @@ -3684,8 +3709,7 @@ RESERVED CVE-2017-5870 RESERVED -CVE-2017-5869 - RESERVED +CVE-2017-5869 (Directory traversal vulnerability in the file import feature in Nuxeo ...) NOT-FOR-US: Nuxeo CVE-2017-5868 RESERVED @@ -4311,8 +4335,7 @@ RESERVED CVE-2017-5645 RESERVED -CVE-2017-5644 [denial-of-service] - RESERVED +CVE-2017-5644 (Apache POI in versions prior to release 3.15 allows remote attackers ...) - libapache-poi-java <unfixed> (bug #858301) [jessie] - libapache-poi-java <no-dsa> (Minor issue) [wheezy] - libapache-poi-java <no-dsa> (Minor issue) 
@@ -4811,18 +4834,22 @@ NOTE: Fixed by: https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e (v229) NOTE: Introduced by: https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f (v228) CVE-2017-5616 (Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho ...) + {DLA-869-1} - cgiemail <removed> (bug #852031) [jessie] - cgiemail <no-dsa> (Will be removed in next point update) NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6 CVE-2017-5615 (cgiemail and cgiecho allow remote attackers to inject HTTP headers via ...) + {DLA-869-1} - cgiemail <removed> (bug #852031) [jessie] - cgiemail <no-dsa> (Will be removed in next point update) NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6 CVE-2017-5614 (Open redirect vulnerability in cgiemail and cgiecho allows remote ...) + {DLA-869-1} - cgiemail <removed> (bug #852031) [jessie] - cgiemail <no-dsa> (Will be removed in next point update) NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6 CVE-2017-5613 (Format string vulnerability in cgiemail and cgiecho allows remote ...) + {DLA-869-1} - cgiemail <removed> (bug #852031) [jessie] - cgiemail <no-dsa> (Will be removed in next point update) NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6 
@@ -5524,28 +5551,24 @@ NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00017-jasper-leftshift-jas_math_h NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ NOTE: https://github.com/mdadams/jasper/issues/62 -CVE-2017-5506 [double free in profile] - RESERVED +CVE-2017-5506 (Double free vulnerability in magick/profile.c in ImageMagick allows ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851383) NOTE: https://github.com/ImageMagick/ImageMagick/issues/354 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 NOTE: https://github.com/ImageMagick/ImageMagick/commit/6235f1f7a9f7b0f83b197f6cd0073dbb6602d0fb -CVE-2017-5507 [memory leak in MPC file handling] - RESERVED +CVE-2017-5507 (Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851382) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4493d9ca1124564da17f9b628ef9d0f1a6be9738 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 -CVE-2017-5508 [Crash - PushQuantumPixel - Heap-Buffer-Overflow (TIFF)] - RESERVED +CVE-2017-5508 (Heap-based buffer overflow in the PushQuantumPixel function in ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851381) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 NOTE: https://github.com/ImageMagick/ImageMagick/commit/379e21cd32483df6e128147af3bc4ce1f82eb9c4 -CVE-2016-10146 [memory leak in caption and label handling] - RESERVED +CVE-2016-10146 (Multiple memory leaks in the caption and label handling code in ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.0+dfsg-2 (bug #851380) NOTE: https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456 
@@ -5556,35 +5579,30 @@ NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697 NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63 NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/aa0a4d1f5ad2c493f2bed175991e92c466ac3dc4 -CVE-2017-5509 [out of bound in psd file handling] - RESERVED +CVE-2017-5509 (coders/psd.c in ImageMagick allows remote attackers to have ...) - imagemagick 8:6.9.7.4+dfsg-1 (bug #851377) [jessie] - imagemagick <not-affected> (Vulnerable code not present) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/350 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 -CVE-2017-5510 [memory corruption heap overflow, psb file related, another one] - RESERVED +CVE-2017-5510 (coders/psd.c in ImageMagick allows remote attackers to have ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851376) NOTE: https://github.com/ImageMagick/ImageMagick/issues/348 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 NOTE: https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9 -CVE-2017-5511 [memory corruption heap overflow, psb file related] - RESERVED +CVE-2017-5511 (coders/psd.c in ImageMagick allows remote attackers to have ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851374) NOTE: https://github.com/ImageMagick/ImageMagick/issues/347 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790 -CVE-2016-10144 [ipl file missing malloc check] - RESERVED +CVE-2016-10144 (coders/ipl.c in ImageMagick allows remote attackers to have unspecific ...) 
{DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851485) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20 NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 -CVE-2016-10145 [wpg file off by one] - RESERVED +CVE-2016-10145 (Off-by-one error in coders/wpg.c in ImageMagick allows remote ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851483) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9 @@ -5671,11 +5689,9 @@ - tcpdump 4.9.0-1 CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...) NOT-FOR-US: MuJS -CVE-2016-10133 - RESERVED +CVE-2016-10133 (Heap-based buffer overflow in the js_stackoverflow function in jsrun.c ...) NOT-FOR-US: MuJS -CVE-2016-10132 - RESERVED +CVE-2016-10132 (regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a ...) NOT-FOR-US: MuJS CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote ...) NOT-FOR-US: CodeIgniter 
@@ -5963,18 +5979,15 @@ - libgit2 <unfixed> (unimportant; bug #851406) NOTE: https://github.com/libgit2/libgit2/commit/98d66240ecb7765e191da19b535c75c92ccc90fe (v0.25.1) NOTE: https://github.com/libgit2/libgit2/commit/ca531956619f021913ac01669b3818a705b7b676 (v0.24.6) -CVE-2016-10130 [http: check certificate validity before clobbering the error variable] - RESERVED +CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before ...) - libgit2 <unfixed> (bug #851406) NOTE: https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 (v0.25.1) NOTE: https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211 (v0.24.6) -CVE-2016-10129 [smart_pkt: treat empty packet lines as error] - RESERVED +CVE-2016-10129 (The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x ...) - libgit2 <unfixed> (bug #851406) NOTE: https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a (v0.25.1) NOTE: https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037 (v0.24.6) -CVE-2016-10128 [smart_pkt: verify packet length exceeds PKT_LEN_SIZE] - RESERVED +CVE-2016-10128 (Buffer overflow in the git_pkt_parse_line function in ...) - libgit2 <unfixed> (bug #851406) NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834 (v0.25.1) NOTE: https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2 (v0.24.6) @@ -5987,8 +6000,7 @@ NOTE: https://github.com/rohe/pysaml2/issues/366 NOTE: A proper fix for this issue would be to fix the underlying issue in src:libxml2 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1411794#c12 -CVE-2016-10149 [CWE-776 (Entity Expansion)] - RESERVED +CVE-2016-10149 (XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier ...) {DSA-3759-1} - python-pysaml2 3.0.0-5 (bug #850716) NOTE: NOTE: https://github.com/rohe/pysaml2/pull/379 
@@ -6002,26 +6014,22 @@ - zabbix 1:3.0.4+dfsg-1 (bug #850936) NOTE: https://support.zabbix.com/browse/ZBX-11023 NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/4 -CVE-2017-5337 - RESERVED +CVE-2017-5337 (Multiple heap-based buffer overflows in the read_attribute function in ...) - gnutls28 3.5.8-1 [jessie] - gnutls28 <no-dsa> (Minor issue, will be fixed via point update) NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2 NOTE: https://gitlab.com/gnutls/gnutls/commit/94fcf1645ea17223237aaf8d19132e004afddc1a -CVE-2017-5336 - RESERVED +CVE-2017-5336 (Stack-based buffer overflow in the cdk_pk_get_keyid function in ...) - gnutls28 3.5.8-1 [jessie] - gnutls28 <no-dsa> (Minor issue, will be fixed via point update) NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2 NOTE: https://gitlab.com/gnutls/gnutls/commit/5140422e0d7319a8e2fe07f02cbcafc4d6538732 -CVE-2017-5335 - RESERVED +CVE-2017-5335 (The stream reading functions in lib/opencdk/read-packet.c in GnuTLS ...) - gnutls28 3.5.8-1 [jessie] - gnutls28 <no-dsa> (Minor issue, will be fixed via point update) NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2 NOTE: https://gitlab.com/gnutls/gnutls/commit/49be4f7b82eba2363bb8d4090950dad976a77a3a -CVE-2017-5334 - RESERVED +CVE-2017-5334 (Double free vulnerability in the gnutls_x509_ext_import_proxy function ...) - gnutls28 3.5.8-1 [jessie] - gnutls28 <no-dsa> (Minor issue, will be fixed via point update) NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-1 @@ -24387,8 +24395,7 @@ NOTE: https://github.com/attr-encrypted/attr_encrypted/issues/203 - ruby-encryptor 3.0.0-1 NOTE: https://github.com/attr-encrypted/encryptor/pull/22 -CVE-2016-7797 - RESERVED +CVE-2016-7797 (Pacemaker before 1.1.15, when using pacemaker remote, might allow ...) - pacemaker 1.1.15~rc3-1 [wheezy] - pacemaker <not-affected> (Vulnerable code introduced after 1.1.10) NOTE: http://bugs.clusterlabs.org/show_bug.cgi?id=5269 
@@ -29526,8 +29533,8 @@ [wheezy] - nagios3 <no-dsa> (Minor issue) - icinga <not-affected> (Vulnerable code not present) NOTE: http://seclists.org/fulldisclosure/2016/Jun/20 -CVE-2016-6206 - RESERVED +CVE-2016-6206 (Huawei AR3200 routers with software before V200R007C00SPC600 allow ...) + TODO: check CVE-2016-6205 RESERVED CVE-2016-6204 (Cross-site scripting (XSS) vulnerability in the integrated web server ...) @@ -40110,15 +40117,13 @@ - chromium-browser 49.0.2623.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS) -CVE-2016-3178 - RESERVED +CVE-2016-3178 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...) {DLA-454-1} - minissdpd 1.2.20130907-3.2 (bug #816759) [jessie] - minissdpd 1.2.20130907-3+deb8u1 NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md NOTE: https://github.com/miniupnp/miniupnp/commit/b238cade9a173c6f751a34acf8ccff838a62aa47 -CVE-2016-3179 - RESERVED +CVE-2016-3179 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...) {DLA-454-1} - minissdpd 1.2.20130907-3.2 (bug #816759) [jessie] - minissdpd 1.2.20130907-3+deb8u1 @@ -42416,15 +42421,13 @@ NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2016-2218 RESERVED -CVE-2016-2224 [denial of service while parsing compressed items] - RESERVED +CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before ...) {DLA-561-1} - uclibc <unfixed> (unimportant) NOTE: Just for cross-compiling, not used for actual packages NOTE: http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2 -CVE-2016-2225 [crafted packet will make the parser terminate early] - RESERVED +CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng ...) {DLA-561-1} - uclibc <unfixed> (unimportant) NOTE: Just for cross-compiling, not used for actual packages 
@@ -46599,8 +46602,8 @@ NOT-FOR-US: Huawei CVE-2015-8679 (The (1) ION and (2) Maxim_smartpa_dev drivers in Huawei P8 smartphones ...) NOT-FOR-US: Huawei -CVE-2015-8678 - RESERVED +CVE-2015-8678 (The ION driver in Huawei P8 smartphones with software GRA-TL00 before ...) + TODO: check CVE-2015-8677 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus ...) NOT-FOR-US: Huawei CVE-2015-8676 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and ...) @@ -48241,8 +48244,7 @@ NOT-FOR-US: NetApp CVE-2015-8542 (An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The ...) NOT-FOR-US: Open-Xchange -CVE-2015-8556 [Local Privilege Escalation in QEMU virtfs-proxy-helper] - RESERVED +CVE-2015-8556 (Local privilege escalation vulnerability in the Gentoo QEMU package ...) - qemu <not-affected> (Issue specific to virtfs-proxy-helper in Gentoo installed suid) NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/5 CVE-2015-8785 (The fuse_fill_write_pages function in fs/fuse/file.c in the Linux ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
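Review bot: In the `@@ -5987,8 +6000,7 @@` hunk, the CVE-2016-10149 entry drops the `[CWE-776 (Entity Expansion)]` tag and gains a description that calls the issue an XML External Entity (XXE) vulnerability. Entity expansion and external entity processing are different weakness classes, so if the original classification still matters for triage of python-pysaml2 it should be carried over into a NOTE line rather than lost with the bracket tag. The unchanged context line `NOTE: NOTE: https://github.com/rohe/pysaml2/pull/379` in the same hunk also has a doubled `NOTE:` prefix that can be cleaned up in a follow-up.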
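Review bot: In the `@@ -46599,8 +46602,8 @@` hunk, CVE-2015-8678 is added as `TODO: check` although its new description names the ION driver in Huawei P8 smartphones, and the surrounding entries for the same vendor (CVE-2015-8679, CVE-2015-8677) are already triaged as `NOT-FOR-US: Huawei`. A follow-up commit can resolve this TODO the same way so the entry does not stay in the unprocessed queue.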