Author: sectracker
Date: 2017-10-04 09:10:14 +0000 (Wed, 04 Oct 2017)
New Revision: 56395
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-04 07:15:06 UTC (rev 56394)
+++ data/CVE/list 2017-10-04 09:10:14 UTC (rev 56395)
@@ -1,3 +1,65 @@
+CVE-2017-15028
+ RESERVED
+CVE-2017-15027
+ RESERVED
+CVE-2017-15026
+ RESERVED
+CVE-2017-15025 (decode_line_info in dwarf2.c in the Binary File Descriptor
(BFD) ...)
+ TODO: check
+CVE-2017-15024 (find_abstract_instance_name in dwarf2.c in the Binary File
Descriptor ...)
+ TODO: check
+CVE-2017-15023 (read_formatted_entries in dwarf2.c in the Binary File
Descriptor (BFD) ...)
+ TODO: check
+CVE-2017-15022 (dwarf2.c in the Binary File Descriptor (BFD) library (aka
libbfd), as ...)
+ TODO: check
+CVE-2017-15021 (bfd_get_debug_link_info_1 in opncls.c in the Binary File
Descriptor ...)
+ TODO: check
+CVE-2017-15020 (dwarf1.c in the Binary File Descriptor (BFD) library (aka
libbfd), as ...)
+ TODO: check
+CVE-2017-15019 (LAME 3.99.5 has a NULL Pointer Dereference in the
hip_decode_init ...)
+ TODO: check
+CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a
malformed ...)
+ TODO: check
+CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference
vulnerability in ...)
+ TODO: check
+CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference
vulnerability in ...)
+ TODO: check
+CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference
vulnerability in ...)
+ TODO: check
+CVE-2017-15014
+ RESERVED
+CVE-2017-15013
+ RESERVED
+CVE-2017-15012
+ RESERVED
+CVE-2017-1000120 ([ERPNext][Frappe Version <= 7.1.27] SQL injection
vulnerability in ...)
+ TODO: check
+CVE-2017-1000119 (October CMS build 412 is vulnerable to PHP code execution in
the file ...)
+ TODO: check
+CVE-2017-1000118 (Akka HTTP versions <= 10.0.5 Illegal Media Range in
Accept Header ...)
+ TODO: check
+CVE-2017-1000114 (The Datadog Plugin stores an API key to access the Datadog
service in ...)
+ TODO: check
+CVE-2017-1000113 (The Deploy to container Plugin stored passwords unencrypted
as part of ...)
+ TODO: check
+CVE-2017-1000110 (Blue Ocean allows the creation of GitHub organization
folders that are ...)
+ TODO: check
+CVE-2017-1000109 (The custom Details view of the Static Analysis Utilities
based OWASP ...)
+ TODO: check
+CVE-2017-1000106 (Blue Ocean allows the creation of GitHub organization
folders that are ...)
+ TODO: check
+CVE-2017-1000105 (The optional Run/Artifacts permission can be enabled by
setting a Java ...)
+ TODO: check
+CVE-2017-1000104 (The Config File Provider Plugin is used to centrally manage
...)
+ TODO: check
+CVE-2017-1000103 (The custom Details view of the Static Analysis Utilities
based DRY ...)
+ TODO: check
+CVE-2017-1000102 (The Details view of some Static Analysis Utilities based
plugins, was ...)
+ TODO: check
+CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method
starts ...)
+ TODO: check
+CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates
were not ...)
+ TODO: check
CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in
qBittorrent and ...)
TODO: check, can't make much sense of it, probably limited to Win32
CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found
in the ...)
@@ -1075,6 +1137,7 @@
NOTE:
https://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236d31a8d3bb0
CVE-2017-14603 [followup-to AST-2017-005: RTP/RTCP information leak]
RESERVED
+ {DSA-3990-1}
- asterisk 1:13.17.2~dfsg-1 (bug #876328)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-008.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27274
@@ -2261,6 +2324,7 @@
CVE-2017-14168
RESERVED
CVE-2017-14167 (Integer overflow in the load_multiboot function in
hw/i386/multiboot.c ...)
+ {DSA-3991-1}
- qemu 1:2.10.0-1 (bug #874606)
- qemu-kvm <removed>
NOTE:
https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
@@ -2337,7 +2401,7 @@
NOTE: https://curl.haxx.se/docs/adv_20171004.html
NOTE: Patch: https://curl.haxx.se/CVE-2017-1000254.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/415d2e7cb7
-CVE-2017-1000253 [PIE/stack corruption]
+CVE-2017-1000253 (Linux distributions that have not patched their long-term
kernels with ...)
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
@@ -2790,8 +2854,8 @@
CVE-2017-14001 (An Improper Neutralization of Special Elements used in an OS
Command ...)
NOT-FOR-US: Asterisk GUI
NOTE: Different from standard asterisk:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+GUI
-CVE-2017-14000
- RESERVED
+CVE-2017-14000 (An Improper Authentication issue was discovered in Ctek
SkyRouter ...)
+ TODO: check
CVE-2017-13999
RESERVED
CVE-2017-13998
@@ -2800,12 +2864,12 @@
NOT-FOR-US: Schneider
CVE-2017-13996
RESERVED
-CVE-2017-13995
- RESERVED
+CVE-2017-13995 (An Improper Authentication issue was discovered in iniNet
Solutions ...)
+ TODO: check
CVE-2017-13994
RESERVED
-CVE-2017-13993
- RESERVED
+CVE-2017-13993 (An Uncontrolled Search Path or Element issue was discovered in
i-SENS ...)
+ TODO: check
CVE-2017-13992
RESERVED
CVE-2017-13991 (An information leakage vulnerability in ArcSight ESM and
ArcSight ESM ...)
@@ -3553,6 +3617,7 @@
[jessie] - lame <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/472/
CVE-2017-13711 (Use-after-free vulnerability in the sofree function in
slirp/socket.c ...)
+ {DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873875)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -3701,6 +3766,7 @@
NOTE: Fixed by:
https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bfc56535f793c557aa754c50213fc5f882e6482d
NOTE: Introduced by:
https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display
emulator ...)
+ {DSA-3991-1}
- qemu 1:2.10.0-1 (low; bug #873851)
[jessie] - qemu <postponed> (Can be fixed along in a future DSA)
- qemu-kvm <removed>
@@ -5536,9 +5602,9 @@
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/issues/907
NOTE:
https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99
-CVE-2017-1000108
+CVE-2017-1000108 (The Pipeline: Input Step Plugin by default allowed users
with ...)
NOT-FOR-US: Jenkins Input Step Plugin
-CVE-2017-1000107
+CVE-2017-1000107 (Script Security Plugin did not apply sandboxing restrictions
to ...)
NOT-FOR-US: Jenkins Script Security Plugin
CVE-2017-12892 (Foxit PDF Compressor installers from versions from 7.0.0.183
to ...)
NOT-FOR-US: Foxit PDF Compressor
@@ -6267,6 +6333,7 @@
CVE-2017-12810
RESERVED
CVE-2017-12809 (QEMU (aka Quick Emulator), when built with the IDE disk and
CD/DVD-ROM ...)
+ {DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873849)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -6360,22 +6427,22 @@
RESERVED
CVE-2017-12778
RESERVED
-CVE-2017-1000112 [Exploitable memory corruption due to UFO to non-UFO path
switch]
+CVE-2017-1000112 (Linux kernel: Exploitable memory corruption due to UFO to
non-UFO path ...)
{DSA-3981-1}
- linux 4.12.6-1 (low)
NOTE: Introduced by:
https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac
(2.6.15-rc1)
NOTE: Fixed by:
https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa
-CVE-2017-1000111 [heap out-of-bounds in AF_PACKET sockets]
+CVE-2017-1000111 (Linux kernel: heap out-of-bounds in AF_PACKET sockets. This
new issue ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Introduced by:
https://git.kernel.org/linus/8913336a7e8d56e984109a3137d6c0e3362596a4
(2.6.27-rc1)
NOTE: Fixed by:
https://git.kernel.org/linus/c27927e372f0785f3303e8fad94b85945e2c97b7
NOTE: Non-privileged user namespaces disabled by default, only
exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
-CVE-2017-1000117
+CVE-2017-1000117 (A malicious third-party can give a crafted
"ssh://..." URL to an ...)
{DSA-3934-1 DLA-1068-1}
- git 1:2.14.1-1
NOTE:
https://public-inbox.org/git/xmqqh8xf482j....@gitster.mtv.corp.google.com/T/#u
-CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
+CVE-2017-1000116 (Mercurial prior to 4.3 did not adequately sanitize hostnames
passed to ...)
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871710)
NOTE:
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
@@ -6393,7 +6460,7 @@
NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
NOTE: 3.7 and 4.1 backports also available at
https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and
https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1
-CVE-2017-1000115 [path traversal via symlink]
+CVE-2017-1000115 (Mercurial prior to version 4.3 is vulnerable to a missing
symlink ...)
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871709)
NOTE:
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
@@ -6503,8 +6570,8 @@
RESERVED
CVE-2017-12729
RESERVED
-CVE-2017-12728
- RESERVED
+CVE-2017-12728 (An Improper Privilege Management issue was discovered in
SpiderControl ...)
+ TODO: check
CVE-2017-12727
RESERVED
CVE-2017-12726
@@ -6573,17 +6640,17 @@
RESERVED
CVE-2017-12694 (A Directory Traversal issue was discovered in SpiderControl
SCADA Web ...)
NOT-FOR-US: SpiderControl SCADA Web Server
-CVE-2017-1000101 [URL globbing out of bounds read]
+CVE-2017-1000101 (curl supports "globbing" of URLs, in which a user
can pass a numerical ...)
- curl 7.55.0-1 (bug #871554)
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced
later in 7.34.0)
NOTE: https://curl.haxx.se/docs/adv_20170809A.html
NOTE: https://curl.haxx.se/CVE-2017-1000101.patch
-CVE-2017-1000100 [TFTP sends more than buffer size]
+CVE-2017-1000100 (When doing a TFTP transfer and curl/libcurl is given a URL
that ...)
{DLA-1062-1}
- curl 7.55.0-1 (bug #871555)
NOTE: https://curl.haxx.se/docs/adv_20170809B.html
NOTE: https://curl.haxx.se/CVE-2017-1000100.patch
-CVE-2017-1000099 [FILE buffer read out of bounds]
+CVE-2017-1000099 (When asking to get a file from a file:// URL, libcurl
provides a ...)
- curl <not-affected> (Only affects 7.54.1, no affected version ever in
the archive)
NOTE: https://curl.haxx.se/docs/adv_20170809C.html
NOTE: https://curl.haxx.se/CVE-2017-1000099.patch
@@ -10638,44 +10705,31 @@
[jessie] - ruby-rack-cors <not-affected> (Vulnerable code not present)
CVE-2017-11172
RESERVED
-CVE-2017-1000096
- RESERVED
+CVE-2017-1000096 (Arbitrary code execution due to incomplete sandbox
protection: ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000095
- RESERVED
+CVE-2017-1000095 (The default whitelist included the following unsafe entries:
...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000094
- RESERVED
+CVE-2017-1000094 (Docker Commons Plugin provides a list of applicable
credential IDs to ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000093
- RESERVED
+CVE-2017-1000093 (Poll SCM Plugin was not requiring requests to its API be
sent via ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000092
- RESERVED
+CVE-2017-1000092 (Git Plugin connects to a user-specified Git repository as
part of form ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000091
- RESERVED
+CVE-2017-1000091 (GitHub Branch Source Plugin connects to a user-specified
GitHub API ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000090
- RESERVED
+CVE-2017-1000090 (Role-based Authorization Strategy Plugin was not requiring
requests to ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000089
- RESERVED
+CVE-2017-1000089 (Builds in Jenkins are associated with an authentication that
controls ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000088
- RESERVED
+CVE-2017-1000088 (The Sidebar Link plugin allows users able to configure jobs,
views, ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000087
- RESERVED
+CVE-2017-1000087 (GitHub Branch Source provides a list of applicable
credential IDs to ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000086
- RESERVED
+CVE-2017-1000086 (The Periodic Backup Plugin did not perform any permission
checks, ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000085
- RESERVED
+CVE-2017-1000085 (Subversion Plugin connects to a user-specified Subversion
repository ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000084
- RESERVED
+CVE-2017-1000084 (Parameterized Trigger Plugin fails to check Item/Build
permission: The ...)
NOT-FOR-US: Jenkins plugin
CVE-2017-11171 (Bad reference counting in the context of
accept_ice_connection() in ...)
- gnome-session 2.30.0-1
@@ -10760,9 +10814,9 @@
CVE-2017-1000078 (Linux foundation ONOS 1.9 is vulnerable to XSS in the device
...)
NOT-FOR-US: ONOS
CVE-2017-1000077
- RESERVED
+ REJECTED
CVE-2017-1000076
- RESERVED
+ REJECTED
CVE-2017-1000075 (Creolabs Gravity version 1.0 is vulnerable to a stack
overflow in the ...)
NOT-FOR-US: Creolabs Gravity
CVE-2017-1000074 (Creolabs Gravity version 1.0 is vulnerable to a stack
overflow in the ...)
@@ -10998,8 +11052,8 @@
- xar <removed>
CVE-2017-11123
RESERVED
-CVE-2017-11122
- RESERVED
+CVE-2017-11122 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an
attacker can ...)
+ TODO: check
CVE-2017-11121 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other
chips, ...)
TODO: check
CVE-2017-11120 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other
chips, ...)
@@ -14953,8 +15007,8 @@
NOT-FOR-US: PDQ Manufacturing LaserWash
CVE-2017-9629 (A Stack-Based Buffer Overflow issue was discovered in Schneider
...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9628
- RESERVED
+CVE-2017-9628 (An Information Exposure issue was discovered in Saia Burgess
Controls ...)
+ TODO: check
CVE-2017-9627 (An Uncontrolled Resource Consumption issue was discovered in
Schneider ...)
NOT-FOR-US: Schneider Electric
CVE-2017-9626
@@ -15694,6 +15748,7 @@
CVE-2017-9376
RESERVED
CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller
...)
+ {DSA-3991-1}
- qemu 1:2.10.0-1 (bug #864219)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (vulnerable code not present)
@@ -40610,54 +40665,54 @@
RESERVED
CVE-2017-0830
RESERVED
-CVE-2017-0829
- RESERVED
-CVE-2017-0828
- RESERVED
-CVE-2017-0827
- RESERVED
-CVE-2017-0826
- RESERVED
-CVE-2017-0825
- RESERVED
-CVE-2017-0824
- RESERVED
-CVE-2017-0823
- RESERVED
-CVE-2017-0822
- RESERVED
+CVE-2017-0829 (An elevation of privilege vulnerability in the Motorola
bootloader. ...)
+ TODO: check
+CVE-2017-0828 (An elevation of privilege vulnerability in the Huawei
bootloader. ...)
+ TODO: check
+CVE-2017-0827 (An elevation of privilege vulnerability in the MediaTek soc
driver. ...)
+ TODO: check
+CVE-2017-0826 (An elevation of privilege vulnerability in the HTC bootloader.
...)
+ TODO: check
+CVE-2017-0825 (An information disclosure vulnerability in the Broadcom wifi
driver. ...)
+ TODO: check
+CVE-2017-0824 (An elevation of privilege vulnerability in the Broadcom wifi
driver. ...)
+ TODO: check
+CVE-2017-0823 (An information disclosure vulnerability in the Android system
(rild). ...)
+ TODO: check
+CVE-2017-0822 (An elevation of privilege vulnerability in the Android system
...)
+ TODO: check
CVE-2017-0821
RESERVED
-CVE-2017-0820
- RESERVED
-CVE-2017-0819
- RESERVED
-CVE-2017-0818
- RESERVED
-CVE-2017-0817
- RESERVED
-CVE-2017-0816
- RESERVED
-CVE-2017-0815
- RESERVED
-CVE-2017-0814
- RESERVED
-CVE-2017-0813
- RESERVED
-CVE-2017-0812
- RESERVED
-CVE-2017-0811
- RESERVED
-CVE-2017-0810
- RESERVED
-CVE-2017-0809
- RESERVED
-CVE-2017-0808
- RESERVED
-CVE-2017-0807
- RESERVED
-CVE-2017-0806
- RESERVED
+CVE-2017-0820 (A vulnerability in the Android media framework (n/a). Product:
...)
+ TODO: check
+CVE-2017-0819 (A vulnerability in the Android media framework (n/a). Product:
...)
+ TODO: check
+CVE-2017-0818 (A vulnerability in the Android media framework (n/a). Product:
...)
+ TODO: check
+CVE-2017-0817 (An information disclosure vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0816 (An information disclosure vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0815 (An information disclosure vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0814 (An information disclosure vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0813 (A denial of service vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0812 (An elevation of privilege vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0811 (A remote code execution vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0810 (A remote code execution vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0809 (A remote code execution vulnerability in the Android media
framework ...)
+ TODO: check
+CVE-2017-0808 (An information disclosure vulnerability in the Android
framework (file ...)
+ TODO: check
+CVE-2017-0807 (An elevation of privilege vulnerability in the Android
framework (ui ...)
+ TODO: check
+CVE-2017-0806 (An elevation of privilege vulnerability in the Android
framework ...)
+ TODO: check
CVE-2017-0805 (A elevation of privilege vulnerability in the Android media
framework ...)
NOT-FOR-US: Android media framework
CVE-2017-0804 (A elevation of privilege vulnerability in the MediaTek mmc
driver. ...)
@@ -41077,7 +41132,8 @@
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0606 (An elevation of privilege vulnerability in the Qualcomm sound
driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0605 (An elevation of privilege vulnerability in the kernel trace
subsystem ...)
+CVE-2017-0605
+ REJECTED
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by:
https://git.kernel.org/linus/e09e28671cda63e6308b31798b997639120e2a21
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
