author security tracker role <sectracker@soriano.debian.org> 2018-07-26 20:10:23 +0000
committer security tracker role <sectracker@soriano.debian.org> 2018-07-26 20:10:23 +0000
commit 137808f0de8bf75c65bab662a04b0d7ab296f2c9
tree 4ceeda90f7fea0b1c140daec258a410aa4292610 /data
parent 29254756fbde575b659bf7fa19821f7a844511f3
automatic update
Diffstat (limited to 'data')
-rw-r--r-- data/CVE/list 135
1 files changed, 54 insertions, 81 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 34a3f0aefd..2e376946fa 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2017-18344 (The timer_create syscall implementation in kernel/time/posix-timers.c ...)
+ TODO: check
CVE-2018-14597
RESERVED
CVE-2018-1002208 (sharplibzip before 1.0 RC1 is vulnerable to directory traversal, ...)
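Review bot: CVE-2017-18344 is added at the top of the list with only `TODO: check`, although its description already names kernel/time/posix-timers.c, so the affected source package is evident. Triage should replace the TODO with a `- linux` line that records the fixed version or the not-affected state.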
@@ -9286,12 +9288,10 @@ CVE-2018-10903 [GCM tag forgery via truncated tag in finalize_with_tag API]
NOTE: https://github.com/pyca/cryptography/pull/4342/commits/688e0f673bfbf43fa898994326c6877f00ab19ef
CVE-2018-10902
RESERVED
-CVE-2018-10901 [kvm: vmx: host GDT.LIMIT corruption]
- RESERVED
+CVE-2018-10901 (A flaw was found in Linux kernel's KVM virtualization subsystem. The ...)
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: https://git.kernel.org/linus/3444d7da1839b851eefedd372978d8a982316c36 (2.6.36-rc1)
-CVE-2018-10900 [local privilege escalation]
- RESERVED
+CVE-2018-10900 (Network Manager VPNC plugin (aka networkmanager-vpnc) before version ...)
{DSA-4253-1}
- network-manager-vpnc 1.2.6-1 (bug #904255)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/3
@@ -9376,8 +9376,7 @@ CVE-2018-10882
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
-CVE-2018-10881
- RESERVED
+CVE-2018-10881 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
@@ -9387,14 +9386,12 @@ CVE-2018-10880 (Linux kernel is vulnerable to a stack-out-of-bounds write in the
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
-CVE-2018-10879
- RESERVED
+CVE-2018-10879 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
-CVE-2018-10878
- RESERVED
+CVE-2018-10878 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
@@ -9404,8 +9401,7 @@ CVE-2018-10877 (Linux kernel ext4 filesystem is vulnerable to an out-of-bound ac
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
-CVE-2018-10876
- RESERVED
+CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A ...)
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
@@ -9767,6 +9763,7 @@ CVE-2018-10760 (Unrestricted file upload vulnerability in the Files plugin in ..
CVE-2018-10759 (PHP remote file inclusion vulnerability in public/patch/patch.php in ...)
NOT-FOR-US: Project Pier
CVE-2018-11319 (Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle ...)
+ {DLA-1444-1}
- vim-syntastic 3.9.0-1 (bug #894736)
NOTE: https://github.com/vim-syntastic/syntastic/issues/2170
NOTE: https://github.com/vim-syntastic/syntastic/commit/6d7c0b394e001233dd09ec473fbea2002c72632f
@@ -13935,8 +13932,8 @@ CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier than
NOT-FOR-US: Lenovo
CVE-2018-9069
RESERVED
-CVE-2018-9068
- RESERVED
+CVE-2018-9068 (The IMM2 First Failure Data Capture function collects management ...)
+ TODO: check
CVE-2018-9067 (The Lenovo Help Android app versions earlier than 6.1.2.0327 had ...)
NOT-FOR-US: Lenovo
CVE-2018-9066
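Review bot: CVE-2018-9068 now carries `TODO: check` while the described entries around it in this hunk (CVE-2018-9070, CVE-2018-9067) are tagged `NOT-FOR-US: Lenovo`. If the IMM2 function named in the description belongs to the same vendor, close the TODO with the same tag so the entry does not stay untriaged.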
@@ -36129,8 +36126,7 @@ CVE-2018-1290 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incuba
NOT-FOR-US: Apache Fineract
CVE-2018-1289 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
NOT-FOR-US: Apache Fineract
-CVE-2018-1288 [Authenticated Kafka clients may interfere with data replication]
- RESERVED
+CVE-2018-1288 (In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to ...)
- kafka <itp> (bug #786460)
CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI ...)
- jakarta-jmeter <unfixed> (low)
@@ -38885,16 +38881,15 @@ CVE-2018-0624
RESERVED
CVE-2018-0623
RESERVED
-CVE-2018-0622
- RESERVED
-CVE-2018-0621
- RESERVED
-CVE-2018-0620
- RESERVED
-CVE-2018-0619
- RESERVED
-CVE-2018-0618
- RESERVED
+CVE-2018-0622 (The DHC Online Shop App for Android version 3.2.0 and earlier does not ...)
+ TODO: check
+CVE-2018-0621 (Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY ...)
+ TODO: check
+CVE-2018-0620 (Untrusted search path vulnerability in LOGICOOL Game Software versions ...)
+ TODO: check
+CVE-2018-0619 (Untrusted search path vulnerability in the installer of Glarysoft ...)
+ TODO: check
+CVE-2018-0618 (Cross-site scripting vulnerability in Mailman 2.1.26 and earlier ...)
{DSA-4246-1 DLA-1442-1}
- mailman 1:2.1.27-1
NOTE: https://mail.python.org/pipermail/mailman-announce/2018-June/000236.html
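Review bot: The four entries CVE-2018-0622 to CVE-2018-0619 go from RESERVED to `TODO: check`, and their descriptions name the DHC Online Shop App for Android, LOGICOOL CONNECTION UTILITY, LOGICOOL Game Software and a Glarysoft installer. Each needs a triage decision, either a package line or a `NOT-FOR-US: <product>` tag; only CVE-2018-0618 in this hunk has package data under it.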
@@ -38903,16 +38898,16 @@ CVE-2018-0618
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1754
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1783
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1785
-CVE-2018-0617
- RESERVED
+CVE-2018-0617 (Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to ...)
+ TODO: check
CVE-2018-0616
RESERVED
CVE-2018-0615
RESERVED
-CVE-2018-0614
- RESERVED
-CVE-2018-0613
- RESERVED
+CVE-2018-0614 (Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and ...)
+ TODO: check
+CVE-2018-0613 (NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 ...)
+ TODO: check
CVE-2018-0612 (Cross-site scripting vulnerability in 5000 trillion yen converter ...)
NOT-FOR-US: 5000 trillion yen converter
CVE-2018-0611 (The ANA App for iOS version 4.0.22 and earlier does not verify X.509 ...)
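Review bot: CVE-2018-0617, CVE-2018-0614 and CVE-2018-0613 land as `TODO: check`. The two NEC Platforms Calsos entries describe the same product series, so they should be triaged together and end up with the same tag, in the form the following entry uses (`NOT-FOR-US: 5000 trillion yen converter`) if no Debian package is affected.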
@@ -38924,8 +38919,8 @@ CVE-2018-0609 (Untrusted search path vulnerability in LINE for Windows versions
CVE-2018-0608 (Buffer overflow in H2O version 2.2.4 and earlier allows remote ...)
- h2o 2.2.5+dfsg1-1
NOTE: https://github.com/h2o/h2o/issues/1775
-CVE-2018-0607
- RESERVED
+CVE-2018-0607 (SQL injection vulnerability in the Notifications application in the ...)
+ TODO: check
CVE-2018-0606 (SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows ...)
NOT-FOR-US: Pixelpost
CVE-2018-0605 (Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier ...)
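Review bot: The description added for CVE-2018-0607 is cut off at "in the Notifications application in the ...", so the affected product cannot be read from this line. Resolving the `TODO: check` requires the full CVE description before choosing between a package line and NOT-FOR-US.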
@@ -53983,8 +53978,7 @@ CVE-2017-12611 (In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, us
[wheezy] - libstruts1.2-java <ignored> (Minor issue)
NOTE: Only a problem if the application programmer has made a security mistake.
NOTE: https://struts.apache.org/docs/s2-053.html
-CVE-2017-12610 [Authenticated Kafka clients may impersonate other users]
- RESERVED
+CVE-2017-12610 (In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, ...)
- kafka <itp> (bug #786460)
CVE-2017-12609
REJECTED
@@ -55158,8 +55152,7 @@ CVE-2017-12176 (xorg-x11-server before 1.19.5 was missing extra length validatio
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81
-CVE-2017-12175
- RESERVED
+CVE-2017-12175 (Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule ...)
NOT-FOR-US: Red Hat Satellite
CVE-2017-12174 (It was found that when Artemis and HornetQ before 2.4.0 are configured ...)
NOT-FOR-US: Artemis and HornetQ
@@ -55181,8 +55174,7 @@ CVE-2017-12172 (PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (Vulnerable code not installed)
NOTE: Issue in sample init-scirpt as provided by postgresql project, but not installed
-CVE-2017-12171 [httpd: # character matches all IPs]
- RESERVED
+CVE-2017-12171 (A regression was found in the Red Hat Enterprise Linux 6.9 version of ...)
- apache2 <not-affected> (Introduced by Red Hat RHEL 6.9 specific non-security patch)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1493056
CVE-2017-12170 (Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was ...)
@@ -55196,8 +55188,7 @@ CVE-2017-12168 (The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in t
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
-CVE-2017-12167
- RESERVED
+CVE-2017-12167 (It was found in EAP 7 before 7.0.9 that properties based files of the ...)
NOT-FOR-US: Red Hat JBoss EAP
CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...)
- openvpn 2.4.4-1 (bug #877089)
@@ -55216,16 +55207,14 @@ CVE-2017-12165 [improper whitespace parsing leading to potential HTTP request sm
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490301
NOTE: Fix likely included in the same commit as the fix for CVE-2017-7559
NOTE: https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-12164 [lock screen can be circumvented when autologin is set]
- RESERVED
+CVE-2017-12164 (A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer ...)
- gdm3 3.26.0-1
[stretch] - gdm3 <not-affected> (Vulnerable code not present)
[jessie] - gdm3 <not-affected> (Vulnerable code not present)
[wheezy] - gdm3 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490417
NOTE: Introduced in https://git.gnome.org/browse/gdm/commit/?id=ff98b28
-CVE-2017-12163 [Server memory information leak over SMB1]
- RESERVED
+CVE-2017-12163 (An information leak flaw was found in the way SMB1 protocol was ...)
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12163.html
@@ -55266,8 +55255,7 @@ CVE-2017-12151 [SMB3 connections don't keep encryption across DFS redirects]
- samba 2:4.6.7+dfsg-2
[wheezy] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://www.samba.org/samba/security/CVE-2017-12151.html
-CVE-2017-12150 [SMB1/2/3 connections may not require signing where they should]
- RESERVED
+CVE-2017-12150 (It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ...)
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12150.html
@@ -69246,8 +69234,7 @@ CVE-2017-7578 (Multiple heap-based buffer overflows in parser.c in libming 0.4.7
- ming <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/1
NOTE: https://github.com/libming/libming/issues/68
-CVE-2017-7562 [Make certauth eku module restrictive-only]
- RESERVED
+CVE-2017-7562 (An authentication bypass flaw was found in the way krb5's certauth ...)
- krb5 <not-affected> (Vulnerable code introduced later, cf. #873281)
NOTE: https://github.com/krb5/krb5/pull/694
NOTE: https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
@@ -69272,8 +69259,7 @@ CVE-2017-7559 (In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, a
NOTE: https://issues.jboss.org/browse/UNDERTOW-1295
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()]
- RESERVED
+CVE-2017-7558 (A kernel data leak due to an out-of-bound read was found in the Linux ...)
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
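Review bot: Replacing the working title on CVE-2017-7558 drops the function names inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info(), and the truncated description that takes its place stops before saying where the out-of-bound read occurs. Consider keeping those names in a `NOTE:` line under the entry so the affected code remains searchable in the tracker.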
@@ -69335,8 +69321,7 @@ CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7545
- RESERVED
+CVE-2017-7545 (It was discovered that the XmlUtils class in jbpmmigration 6.5 ...)
NOT-FOR-US: jbpm-designer / jBPM
CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read ...)
- libexif 0.6.21-2.1 (bug #876466)
@@ -69344,8 +69329,7 @@ CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read .
[jessie] - libexif <no-dsa> (Minor issue)
[wheezy] - libexif <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libexif/bugs/130/
-CVE-2017-7543 [iptables not active after update]
- RESERVED
+CVE-2017-7543 (A race-condition flaw was discovered in openstack-neutron before ...)
- neutron <not-affected> (Specific to Red Hat packaging)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473792
CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux ...)
@@ -69359,17 +69343,14 @@ CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in ...)
NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c
CVE-2017-7540 (rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are ...)
NOT-FOR-US: Safemode ruby gem
-CVE-2017-7539 [qemu-nbd crashes due to undefined I/O coroutine]
- RESERVED
+CVE-2017-7539 (An assertion-failure flaw was found in Qemu before 2.10.1, in the ...)
- qemu <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=2b0bbc4f8809c972bad134bc1a2570dbb01dea0b
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ff82911cd3f69f028f2537825c9720ff78bc3f19
-CVE-2017-7538
- RESERVED
+CVE-2017-7538 (A cross-site scripting (XSS) flaw was found in how an organization ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7537
- RESERVED
+CVE-2017-7537 (It was found that a mock CMC authentication plugin with a hardcoded ...)
- dogtag-pki 10.3.5+12-5 (bug #869261)
NOTE: https://github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817
@@ -69380,8 +69361,7 @@ CVE-2017-7536 (In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x
[wheezy] - libhibernate-validator-java <not-affected> (Vulnerable code introduced in 4.3)
NOTE: https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d113
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573
-CVE-2017-7535
- RESERVED
+CVE-2017-7535 (foreman before version 1.16.0 is vulnerable to a stored XSS in ...)
- foreman <itp> (bug #663101)
CVE-2017-7534 (OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the ...)
NOT-FOR-US: OpenShift
@@ -69397,8 +69377,7 @@ CVE-2017-7532 (In Moodle 3.x, course creators are able to change system default
CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in hidden ...)
- moodle <not-affected> (Only affects 3.3)
NOTE: https://moodle.org/mod/forum/discuss.php?d=355555
-CVE-2017-7530
- RESERVED
+CVE-2017-7530 (In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2017-7529 (Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable ...)
{DSA-3908-1 DLA-1024-1}
@@ -69410,8 +69389,7 @@ CVE-2017-7528
NOT-FOR-US: Ansible Tower
CVE-2017-7527
RESERVED
-CVE-2017-7526 [Use of left-to-right sliding window method allows full RSA key recovery]
- RESERVED
+CVE-2017-7526 (libgcrypt before version 1.7.8 is vulnerable to a cache side-channel ...)
{DSA-3960-1 DSA-3901-1 DLA-1080-1 DLA-1015-1}
- libgcrypt20 1.7.8-1
- libgcrypt11 <removed>
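Review bot: The description line added for CVE-2017-7526 ends at "cache side-channel ..." and no longer states what the removed title did: that the cause is the left-to-right sliding window method and that the impact is full RSA key recovery. A `NOTE:` line recording both would keep the severity visible to anyone reading only this file.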
@@ -69511,8 +69489,7 @@ CVE-2017-7511 (poppler since version 0.17.3 has been vulnerable to NULL pointer
NOTE: Crash in CLI tool, no security implications
CVE-2017-7510
RESERVED
-CVE-2017-7509
- RESERVED
+CVE-2017-7509 (An input validation error was found in Red Hat Certificate System's ...)
NOT-FOR-US: Red Hat Certificate System
CVE-2017-7508 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
{DSA-3900-1}
@@ -84587,8 +84564,7 @@ CVE-2017-2666
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
CVE-2017-2665 (The skyring-setup command creates random password for mongodb skyring ...)
NOT-FOR-US: Red Hat Storage / skyring
-CVE-2017-2664
- RESERVED
+CVE-2017-2664 (CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before ...)
NOT-FOR-US: Red Hat CloudForms
CVE-2017-2663
RESERVED
@@ -84669,8 +84645,7 @@ CVE-2017-2639
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2017-2638 (It was found that the REST API in Infinispan before version 9.0.0 did ...)
NOT-FOR-US: infinispan
-CVE-2017-2637
- RESERVED
+CVE-2017-2637 (A design flaw issue was found in the Red Hat OpenStack Platform ...)
NOT-FOR-US: Red Hat OpenStack Platform director
CVE-2017-2636 (Race condition in drivers/tty/n_hdlc.c in the Linux kernel through ...)
{DSA-3804-1 DLA-849-1}
@@ -84872,8 +84847,7 @@ CVE-2017-2590 [Insufficient permission check for ca-del, ca-disable and ca-enabl
NOTE: https://pagure.io/freeipa/issue/6713
NOTE: Fixed by (master): https://pagure.io/freeipa/c/b81ac59640f0b76fa9f53cf8be441f085a7089c4?branch=master
NOTE: Fixed by (ipa-4.4): https://pagure.io/freeipa/c/1aa314c79648c442473f19344387bfe11ec2141b?branch=ipa-4-4
-CVE-2017-2589
- RESERVED
+CVE-2017-2589 (It was discovered that the hawtio servlet 1.4 uses a single HttpClient ...)
NOT-FOR-US: hawtio
CVE-2017-2588
RESERVED
@@ -84900,8 +84874,7 @@ CVE-2017-2583 (The load_segment_descriptor implementation in arch/x86/kvm/emulat
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/33ab91103b3415e12457e3104f0e4517ce12d0f3
-CVE-2017-2582
- RESERVED
+CVE-2017-2582 (It was found that while parsing the SAML messages the StaxParserUtil ...)
NOT-FOR-US: Keycloak
CVE-2017-2581
RESERVED
@@ -93592,8 +93565,7 @@ CVE-2016-8649 (lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an att
CVE-2016-8648
RESERVED
NOT-FOR-US: Karaf container uses by Red Hat products
-CVE-2016-8647 [in some circumstances the mysql_user module may fail to correctly change a password]
- RESERVED
+CVE-2016-8647 (An input validation vulnerability was found in Ansible's mysql_user ...)
- ansible 2.2.0.0-4 (bug #844691)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible-modules-core/pull/5388
@@ -123864,7 +123836,8 @@ CVE-2015-7944 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
NOTE: http://www.ocert.org/advisories/ocert-2015-012.html
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=201fcb916b8164c78f4ed8e0c9cfc0227a78684c
-CVE-2015-9261 [busybox: pointer misuse unziping files]
+CVE-2015-9261 (huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before ...)
+ {DLA-337-1}
- busybox 1:1.27.2-1 (bug #803097)
[stretch] - busybox <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/25/3
