Author: sectracker
Date: 2017-06-20 09:10:14 +0000 (Tue, 20 Jun 2017)
New Revision: 52729

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-20 08:46:52 UTC (rev 52728)
+++ data/CVE/list       2017-06-20 09:10:14 UTC (rev 52729)
@@ -25,7 +25,7 @@
 CVE-2017-1000372 (A flaw exists in OpenBSD's implementation of the stack guard 
page that ...)
        NOT-FOR-US: OpenBSD
 CVE-2017-1000364 (An issue was discovered in the size of the stack guard page 
on Linux, ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux <unfixed>
        [stretch] - linux 4.9.30-2+deb9u1
        NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
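Review bot: CVE-2017-1000364 still carries "- linux <unfixed>" for unstable after this change, although the entry now references both DSA-3886-1 and DLA-993-1 and has a fixed version recorded for [stretch] (4.9.30-2+deb9u1). Suggest a follow-up that replaces <unfixed> with the fixed version as soon as the corresponding upload reaches unstable, so the entry does not stay open after the stable suites are covered.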
@@ -1565,7 +1565,7 @@
        [jessie] - picocom <no-dsa> (Minor issue)
        NOTE: 
https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
 CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the 
Linux ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: 
https://git.kernel.org/linus/232cd35d0804cc241eb887bb8d4d9b3b9881c64a
 CVE-2017-9241
@@ -2085,19 +2085,19 @@
        [wheezy] - dropbear <not-affected> (Vulnerable code not present)
        NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
 CVE-2017-9077 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the 
Linux ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
 CVE-2017-9076 (The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in 
the Linux ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
 CVE-2017-9075 (The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the 
Linux ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8
 CVE-2017-9074 (The IPv6 fragmentation implementation in the Linux kernel 
through ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/2423496af35d94a87156b063ea5cedffc10a70a1
 CVE-2017-9073 (A buffer overflow in Smart Card authentication code in 
gpkcsp.dll in ...)
@@ -2523,11 +2523,11 @@
 CVE-2017-8926 (Buffer overflow in Halliburton LogView Pro 10.0.1 allows 
attackers to ...)
        NOT-FOR-US: Halliburton LogView Pro
 CVE-2017-8925 (The omninet_open function in drivers/usb/serial/omninet.c in 
the Linux ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.16-1 (low)
        NOTE: Fixed by: 
https://git.kernel.org/linus/30572418b445d85fcfe6c8fe84c947d2606767d8
 CVE-2017-8924 (The edge_bulk_in_callback function in 
drivers/usb/serial/io_ti.c in the ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.16-1 (low)
        NOTE: Fixed by: 
https://git.kernel.org/linus/654b404f2a222f918af9b0cd18ad469d0c941a8e
 CVE-2017-8923 (The zend_string_extend function in Zend/zend_string.h in PHP 
through ...)
@@ -2637,7 +2637,7 @@
 CVE-2017-8877 (ASUS RT-AC* and RT-N* devices with firmware through 
3.0.0.4.380.7378 ...)
        NOT-FOR-US: ASUS
 CVE-2017-8890 (The inet_csk_clone_lock function in 
net/ipv4/inet_connection_sock.c in ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/657831ffc38e30092a2d5f03d385d710eb88b09a
 CVE-2017-8876 (Symphony 2 2.6.11 has XSS in the meta[navigation_group] 
parameter to ...)
@@ -5150,7 +5150,7 @@
 CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance 
(IMSVA) 9.1 ...)
        NOT-FOR-US: Trend Micro
 CVE-2017-7895 (The NFSv2 and NFSv3 server implementations in the Linux kernel 
through ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.25-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/13bf9fbff0e5e099e2b6f003a0ab8ae145436309
 CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was 
used ...)
@@ -6018,8 +6018,7 @@
        RESERVED
 CVE-2017-7680
        RESERVED
-CVE-2017-7679 [mod_mime Buffer Overread]
-       RESERVED
+CVE-2017-7679 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, 
mod_mime ...)
        - apache2 <unfixed>
 CVE-2017-7678
        RESERVED
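Review bot: in the CVE-2017-7679 entry, the new description states the upstream fixed versions (2.2.33 and 2.4.26), but the package line remains "- apache2 <unfixed>" with no NOTE. The linux entries in this file carry a "NOTE: Fixed by:" line with the upstream commit; adding the equivalent upstream reference here would let whoever prepares the apache2 update locate the fix directly.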
@@ -6041,8 +6040,7 @@
        RESERVED
 CVE-2017-7669 (In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the ...)
        - hadoop <itp> (bug #793644)
-CVE-2017-7668 [ap_find_token() Buffer Overread]
-       RESERVED
+CVE-2017-7668 (The HTTP strict parsing changes added in Apache httpd 2.2.32 
and ...)
        - apache2 <unfixed>
 CVE-2017-7667 (Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish 
the ...)
        NOT-FOR-US: Apache NiFi
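Review bot: replacing the temporary description of CVE-2017-7668 drops the only mention of ap_find_token(), because the truncated text ends before it names the function. The new text also ties the bug to the strict parsing changes added in 2.2.32, so suites shipping an apache2 without those changes may be <not-affected>; suggest a NOTE recording the function name and a per-suite check instead of a bare "- apache2 <unfixed>".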
@@ -6098,7 +6096,7 @@
 CVE-2017-7646 (SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4 
allows an ...)
        NOT-FOR-US: SolarWinds
 CVE-2017-7645 (The NFSv2/NFSv3 server in the nfsd subsystem in the Linux 
kernel ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.25-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/e6838a29ecb484c97e4efef9429643b9851fba6e
 CVE-2017-7644 (The Management Web Interface in Palo Alto Networks PAN-OS 
before ...)
@@ -6588,7 +6586,7 @@
 CVE-2017-7488 (Authconfig version 6.2.8 is vulnerable to an Information 
exposure ...)
        NOT-FOR-US: authconfig in Red Hat
 CVE-2017-7487 (The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux 
kernel ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/ee0d8d8482345ff97a75a7d747efc309f13b0d80
 CVE-2017-7486 (PostgreSQL versions 8.4 - 9.6 are vulnerable to information 
leak in ...)
@@ -17528,12 +17526,12 @@
        RESERVED
 CVE-2017-3746
        RESERVED
-CVE-2017-3745
-       RESERVED
-CVE-2017-3744
-       RESERVED
-CVE-2017-3743
-       RESERVED
+CVE-2017-3745 (In Lenovo XClarity Administrator (LXCA) before 1.3.0, if 
service data ...)
+       TODO: check
+CVE-2017-3744 (In the IMM2 firmware of Lenovo System x servers, remote 
commands ...)
+       TODO: check
+CVE-2017-3743 (If multiple users are concurrently logged into a single system 
where ...)
+       TODO: check
 CVE-2017-3742
        RESERVED
 CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a 
local user ...)
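Review bot: the three "TODO: check" entries for CVE-2017-3745, CVE-2017-3744 and CVE-2017-3743 need manual triage before they carry any information. The first two name Lenovo XClarity Administrator and IMM2 firmware, which look like NOT-FOR-US candidates in line with how other vendor products are marked in this file; the CVE-2017-3743 text is cut off before it names a product, so the full description has to be read before it can be classified.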
@@ -19456,12 +19454,12 @@
        RESERVED
 CVE-2017-3217
        RESERVED
-CVE-2017-3216
-       RESERVED
-CVE-2017-3215
-       RESERVED
-CVE-2017-3214
-       RESERVED
+CVE-2017-3216 (WiMAX routers based on the MediaTek SDK (libmtk) that use a 
custom ...)
+       TODO: check
+CVE-2017-3215 (The Milwaukee ONE-KEY Android mobile application uses bearer 
tokens ...)
+       TODO: check
+CVE-2017-3214 (The Milwaukee ONE-KEY Android mobile application stores the 
master ...)
+       TODO: check
 CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not 
verify ...)
        NOT-FOR-US: Think Mutual Bank Mobile Banking app
 CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 
2.1.0.1104 for ...)
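Review bot: CVE-2017-3216, CVE-2017-3215 and CVE-2017-3214 land as "TODO: check", while the adjacent CVE-2017-3213, also a mobile application, is already marked NOT-FOR-US. The two Milwaukee ONE-KEY Android entries and the MediaTek SDK WiMAX router entry should be triaged the same way and marked "NOT-FOR-US: <product>" if no Debian package ships the affected code.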
@@ -19553,13 +19551,11 @@
        RESERVED
 CVE-2017-3170
        RESERVED
-CVE-2017-3169 [mod_ssl Null Pointer Dereference]
-       RESERVED
+CVE-2017-3169 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, 
mod_ssl ...)
        - apache2 <unfixed>
 CVE-2017-3168
        RESERVED
-CVE-2017-3167 [ap_get_basic_auth_pw authentication bypass]
-       RESERVED
+CVE-2017-3167 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, 
use of ...)
        - apache2 <unfixed>
 CVE-2017-3166
        RESERVED
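Review bot: for CVE-2017-3167, the removed label named ap_get_basic_auth_pw and classified the issue as an authentication bypass, and the truncated replacement ("use of ...") shows neither. Suggest preserving the function name and the bypass classification in a NOTE line under the entry, since both this entry and CVE-2017-3169 remain "- apache2 <unfixed>" and the short label was the quickest way to judge urgency.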
@@ -25448,7 +25444,7 @@
 CVE-2017-0606 (An elevation of privilege vulnerability in the Qualcomm sound 
driver ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-0605 (An elevation of privilege vulnerability in the kernel trace 
subsystem ...)
-       {DSA-3886-1}
+       {DSA-3886-1 DLA-993-1}
        - linux 4.9.30-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/e09e28671cda63e6308b31798b997639120e2a21
 CVE-2017-0604 (An elevation of privilege vulnerability in the kernel Qualcomm 
power ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
