Author: sectracker
Date: 2017-04-16 21:10:13 +0000 (Sun, 16 Apr 2017)
New Revision: 50704
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-16 20:36:32 UTC (rev 50703)
+++ data/CVE/list 2017-04-16 21:10:13 UTC (rev 50704)
@@ -101,6 +101,7 @@
CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0
allows remote ...)
- radare2 <not-affected> (Vulnerable code introduced later)
CVE-2017-7853 (In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead
to a ...)
+ {DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109265
NOTE: Fixed by:
https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
@@ -109,14 +110,17 @@
CVE-2017-7851
RESERVED
CVE-2016-10326 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can
lead to a ...)
+ {DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109132
NOTE: Fixed by:
https://git.savannah.gnu.org/cgit/osip.git/commit/?id=b9dd097b5b24f5ee54b0a8739e59641cd51b6ead
CVE-2016-10325 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can
lead to a ...)
+ {DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109131
NOTE:
https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1d9fb1d3a71cc85ef95352e549b140c706cf8696
CVE-2016-10324 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can
lead to a ...)
+ {DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109133
NOTE:
https://git.savannah.gnu.org/cgit/osip.git/commit/?id=7e0793e15e21f68337e130c67b031ca38edf055f
@@ -652,8 +656,8 @@
NOT-FOR-US: Synology Photo Station
CVE-2016-10322 (Synology Photo Station before 6.3-2958 allows remote
authenticated ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-7615
- RESERVED
+CVE-2017-7615 (MantisBT through 2.3.0 allows arbitrary password reset and ...)
+ TODO: check
CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka
libbfd), as ...)
- binutils <unfixed> (low; bug #859989)
[jessie] - binutils <no-dsa> (Minor issue)
@@ -3652,11 +3656,13 @@
- qemu-kvm <removed>
NOTE: Fixed by:
http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb
CVE-2017-6504 (WebUI in qBittorrent before 3.3.11 did not set the
X-Frame-Options ...)
+ {DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856978)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE:
https://github.com/qbittorrent/qBittorrent/commit/f5ad04766f4abaa78374ff03704316f8ce04627d
NOTE: Fixed upstream in 3.3.11
CVE-2017-6503 (WebUI in qBittorrent before 3.3.11 did not escape many values,
which ...)
+ {DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856977)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE:
https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
