[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 03 Mar 2018 01:11:37 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ee853802 by security tracker role at 2018-03-03T09:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26430,6 +26430,7 @@ CVE-2017-15133 (A denial of service flaw was found in 
miekg-dns before 1.0.4. A 
        NOTE: https://github.com/miekg/dns/issues/627
        NOTE: https://github.com/miekg/dns/pull/631
 CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An 
abort of ...)
+       {DSA-4130-1}
        - dovecot 1:2.2.34-1 (bug #888432)
        NOTE: Fixed by: 
https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
        NOTE: Regression fix needed on top: 
https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
@@ -26447,6 +26448,7 @@ CVE-2017-15131 (It was found that system umask policy 
is not being honored when 
        NOTE: Enforcements can be achieved e.g. by using pam_umask.
        NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
 CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. 
An ...)
+       {DSA-4130-1}
        - dovecot 1:2.2.34-1 (bug #891820)
        NOTE: 
https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
        NOTE: 
https://github.com/dovecot/core/commit/22311315b9f780211329c1522eb5aaa4faaa9391
@@ -28711,6 +28713,7 @@ CVE-2017-14463
 CVE-2017-14462
        RESERVED
 CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to 
Dovecot ...)
+       {DSA-4130-1}
        - dovecot 1:2.2.34-1 (bug #891819)
        NOTE: 
https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
        NOTE: 
https://github.com/dovecot/core/commit/30dc856f7b97b75b0e0d69f5003d5d99a13249b4
@@ -67215,7 +67218,7 @@ CVE-2017-1656
        RESERVED
 CVE-2017-1655
        RESERVED
-CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2,0 - 4.2.3 could allow a local 
...)
+CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local 
...)
        TODO: check
 CVE-2017-1653 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle 
Management ...)
        NOT-FOR-US: IBM Jazz Foundation
@@ -104222,20 +104225,20 @@ CVE-2015-7969 (Multiple memory leaks in Xen 4.0 
through 4.6.x allow local guest 
        NOTE: http://xenbits.xen.org/xsa/advisory-151.html
 CVE-2015-7968
        RESERVED
-CVE-2015-7967
-       RESERVED
-CVE-2015-7966
-       RESERVED
-CVE-2015-7965
-       RESERVED
-CVE-2015-7964
-       RESERVED
-CVE-2015-7963
-       RESERVED
-CVE-2015-7962
-       RESERVED
-CVE-2015-7961
-       RESERVED
+CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent 
uses a ...)
+       TODO: check
+CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak 
ACL for ...)
+       TODO: check
+CVE-2015-7965 (SafeNet Authentication Service Windows Logon Agent uses a weak 
ACL for ...)
+       TODO: check
+CVE-2015-7964 (SafeNet Authentication Service for NPS Agent uses a weak ACL 
for ...)
+       TODO: check
+CVE-2015-7963 (SafeNet Authentication Service for AD FS Agent uses a weak ACL 
for ...)
+       TODO: check
+CVE-2015-7962 (SafeNet Authentication Service for Outlook Web App Agent uses a 
weak ...)
+       TODO: check
+CVE-2015-7961 (SafeNet Authentication Service Remote Web Workplace Agent uses 
a weak ...)
+       TODO: check
 CVE-2015-7960
        REJECTED
 CVE-2015-7959
@@ -105360,12 +105363,12 @@ CVE-2015-7600 (Cisco VPN Client 5.x through 
5.0.07.0440 uses weak permissions fo
        NOT-FOR-US: Cisco VPN Client
 CVE-2015-7599 (Integer overflow in the _authenticate function in svc_auth.c in 
Wind ...)
        NOT-FOR-US: Wind River VxWorks
-CVE-2015-7598
-       RESERVED
-CVE-2015-7597
-       RESERVED
-CVE-2015-7596
-       RESERVED
+CVE-2015-7598 (SafeNet Authentication Service TokenValidator Proxy Agent uses 
a weak ...)
+       TODO: check
+CVE-2015-7597 (SafeNet Authentication Service IIS Agent uses a weak ACL for 
...)
+       TODO: check
+CVE-2015-7596 (SafeNet Authentication Service End User Software Tools for 
Windows ...)
+       TODO: check
 CVE-2015-7595
        REJECTED
 CVE-2015-7594



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee8538023be193789f1e59f56223f15f716d202d

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee8538023be193789f1e59f56223f15f716d202d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to