author: security tracker role <sectracker@debian.org> 2017-08-07 09:10:14 +0000
committer: security tracker role <sectracker@debian.org> 2017-08-07 09:10:14 +0000
commit: a35cf7d9e2c98fa5dcf70f27dbbabe4bcbb4575e
tree: c1b0a819736dad0db05995cf6206c4379c92230f
parent: 8d7514ec1f91563df71cbd4f977c90fc0d160600
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54378 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/2006.list 3
-rw-r--r-- data/CVE/2011.list 4
-rw-r--r-- data/CVE/2017.list 159
3 files changed, 99 insertions, 67 deletions
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 37a3b44c03..35b9e749c5 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -8130,8 +8130,7 @@ CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly hand
CVE-2006-3636 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
{DSA-1188-1}
- mailman 1:2.1.8-3
-CVE-2006-3635 [local denial-of-service on Itanium]
- RESERVED
+CVE-2006-3635 (The ia64 subsystem in the Linux kernel before 2.6.26 allows local users ...)
- linux <not-affected> (Fixed before initial rename to src:linux)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=199440
NOTE: Fixed by: https://git.kernel.org/linus/4dcc29e1574d88f4465ba865ed82800032f76418 (2.6.26-rc5)
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 22e1fddda5..06b37ee793 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -1559,8 +1559,8 @@ CVE-2011-4652
RESERVED
CVE-2011-4651
RESERVED
-CVE-2011-4650
- RESERVED
+CVE-2011-4650 (Cisco Data Center Network Manager is affected by Excessive Logging ...)
+ TODO: check
CVE-2011-4649
RESERVED
CVE-2011-4648
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 2d3f1de20d..3ece2c2fa2 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -1,3 +1,27 @@
+CVE-2017-12606 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12605 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12604 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12603 (OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid ...)
+ TODO: check
+CVE-2017-12602 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
+ TODO: check
+CVE-2017-12601 (OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer ...)
+ TODO: check
+CVE-2017-12600 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
+ TODO: check
+CVE-2017-12599 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12598 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an ...)
+ TODO: check
+CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...)
+ TODO: check
+CVE-2017-12595
+ RESERVED
CVE-2017-12594
RESERVED
CVE-2017-12593
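Review bot: CVE-2017-12606 through CVE-2017-12596 are all added with `TODO: check`, and six of the ten OpenCV entries (CVE-2017-12606, -12605, -12604, -12599, -12598, -12597) carry the same truncated description ending in "has an ...", so they cannot be told apart from this file alone. When triaging, resolve each one against its full description, replace the TODO with a package line or a NOT-FOR-US entry, and add a NOTE with the upstream reference per entry so the ten OpenCV issues stay distinguishable.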
@@ -3446,6 +3470,7 @@ CVE-2017-11178 (In FineCMS through 2017-07-11, application/core/controller/style
CVE-2017-11177
RESERVED
CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
+ {DSA-3927-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1
CVE-2017-11175
@@ -4602,6 +4627,7 @@ CVE-2017-10812
CVE-2017-10811
RESERVED
CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
+ {DSA-3927-1}
- linux 4.11.11-1 (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -7140,7 +7166,7 @@ CVE-2017-10912 (Xen through 4.8.x mishandles page transfer, which allows guest O
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-217.html
CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...)
- {DSA-3920-1}
+ {DSA-3927-1 DSA-3920-1}
- linux 4.11.11-1
- qemu 1:2.8+dfsg-7 (bug #869706)
NOTE: https://xenbits.xen.org/xsa/advisory-216.html
@@ -7196,6 +7222,7 @@ CVE-2017-1000364 (An issue was discovered in the size of the stack guard page on
[stretch] - linux 4.9.30-2+deb9u1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and ...)
+ {DSA-3927-1}
- linux 4.11.11-1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c
@@ -7555,8 +7582,8 @@ CVE-2017-9649
RESERVED
CVE-2017-9648
RESERVED
-CVE-2017-9647
- RESERVED
+CVE-2017-9647 (A Stack-Based Buffer Overflow issue was discovered in the Continental ...)
+ TODO: check
CVE-2017-9646
RESERVED
CVE-2017-9645
@@ -7583,14 +7610,14 @@ CVE-2017-9635
RESERVED
CVE-2017-9634
RESERVED
-CVE-2017-9633
- RESERVED
-CVE-2017-9632
- RESERVED
+CVE-2017-9633 (An Improper Restriction of Operations within the Bounds of a Memory ...)
+ TODO: check
+CVE-2017-9632 (A Missing Encryption of Sensitive Data issue was discovered in PDQ ...)
+ TODO: check
CVE-2017-9631 (A Null Pointer Dereference issue was discovered in Schneider Electric ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9630
- RESERVED
+CVE-2017-9630 (An Improper Authentication issue was discovered in PDQ Manufacturing ...)
+ TODO: check
CVE-2017-9629 (A Stack-Based Buffer Overflow issue was discovered in Schneider ...)
NOT-FOR-US: Schneider Electric
CVE-2017-9628
@@ -7683,6 +7710,7 @@ CVE-2017-1000379 (The Linux Kernel running on AMD64 systems will sometimes map t
CVE-2017-1000378 (The NetBSD qsort() function is recursive, and not randomized, an ...)
NOT-FOR-US: NetBSD
CVE-2017-9605 (The vmw_gb_surface_define_ioctl function (accessible via ...)
+ {DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/13/2
@@ -12148,24 +12176,24 @@ CVE-2017-7938 (Stack-based buffer overflow in DMitry (Deepmagic Information Gath
NOT-FOR-US: DMitry
CVE-2017-7937 (An Improper Authentication issue was discovered in Phoenix Contact GmbH ...)
NOT-FOR-US: Phoenix Contact
-CVE-2017-7936
- RESERVED
+CVE-2017-7936 (A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX ...)
+ TODO: check
CVE-2017-7935 (A Resource Exhaustion issue was discovered in Phoenix Contact GmbH ...)
NOT-FOR-US: Phoenix Contact
CVE-2017-7934
RESERVED
CVE-2017-7933
RESERVED
-CVE-2017-7932
- RESERVED
+CVE-2017-7932 (An improper certificate validation issue was discovered in NXP i.MX 28 ...)
+ TODO: check
CVE-2017-7931
RESERVED
CVE-2017-7930
RESERVED
CVE-2017-7929 (An Absolute Path Traversal issue was discovered in Advantech WebAccess ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-7928
- RESERVED
+CVE-2017-7928 (An Improper Access Control issue was discovered in Schweitzer ...)
+ TODO: check
CVE-2017-7927 (A Use of Password Hash Instead of Password for Authentication issue was ...)
NOT-FOR-US: Dahua
CVE-2017-7926
@@ -12180,16 +12208,16 @@ CVE-2017-7922 (An Improper Privilege Management issue was discovered in Cambium
NOT-FOR-US: Cambium Networks ePMP
CVE-2017-7921 (An Improper Authentication issue was discovered in Hikvision ...)
NOT-FOR-US: Hikvision
-CVE-2017-7920
- RESERVED
+CVE-2017-7920 (An Improper Authentication issue was discovered in ABB VSN300 WiFi ...)
+ TODO: check
CVE-2017-7919 (An Improper Authentication issue was discovered in Newport XPS-Cx and ...)
NOT-FOR-US: Newport
CVE-2017-7918 (An Improper Access Control issue was discovered in Cambium Networks ...)
NOT-FOR-US: Cambium Networks ePMP
CVE-2017-7917 (A Cross-Site Request Forgery issue was discovered in Moxa OnCell ...)
NOT-FOR-US: Moxa
-CVE-2017-7916
- RESERVED
+CVE-2017-7916 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
+ TODO: check
CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
NOT-FOR-US: Moxa
CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation ...)
@@ -13373,9 +13401,11 @@ CVE-2017-7544
CVE-2017-7543
RESERVED
CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux ...)
+ {DSA-3927-1}
- linux <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/6399f1fae4ec29fab5ec76070435555e256ca3a6
CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in ...)
+ {DSA-3927-1}
- linux <unfixed>
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c
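Review bot: CVE-2017-7542 and CVE-2017-7541 gain `{DSA-3927-1}` while their package line still reads `- linux <unfixed>`, so the entry keeps tracking the package as open in unstable even though an advisory is now attached. Keep both on the follow-up list and replace `<unfixed>` with the fixed version once the commits named in the `Fixed by:` notes reach an upload, matching the other DSA-3927-1 entries in this file that record `4.11.11-1`.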
@@ -13403,6 +13433,7 @@ CVE-2017-7535
CVE-2017-7534
RESERVED
CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel ...)
+ {DSA-3927-1}
- linux <unfixed>
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2
@@ -13644,6 +13675,7 @@ CVE-2017-7483 (Rxvt 2.7.10 is vulnerable to a denial of service attack by passin
NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15
CVE-2017-7482
RESERVED
+ {DSA-3927-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
CVE-2017-7481 [Security issue with lookup return not tainting the jinja2 environment]
@@ -14066,6 +14098,7 @@ CVE-2017-7348
CVE-2017-7347
RESERVED
CVE-2017-7346 (The vmw_gb_surface_define_ioctl function in ...)
+ {DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.14)
NOTE: Fixed by: https://git.kernel.org/linus/ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf
@@ -15538,44 +15571,44 @@ CVE-2017-6772
RESERVED
CVE-2017-6771
RESERVED
-CVE-2017-6770
- RESERVED
-CVE-2017-6769
- RESERVED
+CVE-2017-6770 (Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software ...)
+ TODO: check
+CVE-2017-6769 (A vulnerability in the web-based management interface of the Cisco ...)
+ TODO: check
CVE-2017-6768
RESERVED
CVE-2017-6767
RESERVED
-CVE-2017-6766
- RESERVED
-CVE-2017-6765
- RESERVED
-CVE-2017-6764
- RESERVED
-CVE-2017-6763
- RESERVED
-CVE-2017-6762
- RESERVED
-CVE-2017-6761
- RESERVED
+CVE-2017-6766 (A vulnerability in the Secure Sockets Layer (SSL) Decryption and ...)
+ TODO: check
+CVE-2017-6765 (A vulnerability in the web-based management interface of Cisco Adaptive ...)
+ TODO: check
+CVE-2017-6764 (A vulnerability in the web-based management interface of Cisco Adaptive ...)
+ TODO: check
+CVE-2017-6763 (A vulnerability in the implementation of the H.264 protocol in Cisco ...)
+ TODO: check
+CVE-2017-6762 (A vulnerability in the web-based management interface of Cisco Jabber ...)
+ TODO: check
+CVE-2017-6761 (A vulnerability in the web-based management interface of Cisco Finesse ...)
+ TODO: check
CVE-2017-6760
RESERVED
-CVE-2017-6759
- RESERVED
-CVE-2017-6758
- RESERVED
-CVE-2017-6757
- RESERVED
-CVE-2017-6756
- RESERVED
+CVE-2017-6759 (A vulnerability in the UpgradeManager of the Cisco Prime Collaboration ...)
+ TODO: check
+CVE-2017-6758 (A vulnerability in the web framework of Cisco Unified Communications ...)
+ TODO: check
+CVE-2017-6757 (A vulnerability in Cisco Unified Communications Manager ...)
+ TODO: check
+CVE-2017-6756 (A vulnerability in the Web UI Application of the Cisco Prime ...)
+ TODO: check
CVE-2017-6755 (A vulnerability in the web portal of the Cisco Prime Collaboration ...)
NOT-FOR-US: Cisco
-CVE-2017-6754
- RESERVED
+CVE-2017-6754 (A vulnerability in the web-based management interface of the Cisco ...)
+ TODO: check
CVE-2017-6753 (A vulnerability in Cisco WebEx browser extensions for Google Chrome and ...)
NOT-FOR-US: Cisco
-CVE-2017-6752
- RESERVED
+CVE-2017-6752 (A vulnerability in the web interface of the Cisco Adaptive Security ...)
+ TODO: check
CVE-2017-6751 (A vulnerability in the web proxy functionality of the Cisco Web ...)
NOT-FOR-US: Cisco
CVE-2017-6750 (A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) ...)
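Review bot: The fourteen Cisco entries converted from RESERVED in this hunk (CVE-2017-6770, -6769, -6766 through -6761, -6759 through -6756, -6754 and -6752) are left at `TODO: check`, while the already-triaged neighbours CVE-2017-6755, CVE-2017-6753 and CVE-2017-6751 are marked `NOT-FOR-US: Cisco`. The new entries need a disposition in a follow-up: check each full description and, where the product is likewise vendor-only, apply the same `NOT-FOR-US: Cisco` marking so the TODO backlog does not grow.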
@@ -15584,12 +15617,12 @@ CVE-2017-6749 (A vulnerability in the web-based management interface of Cisco We
NOT-FOR-US: Cisco
CVE-2017-6748 (A vulnerability in the CLI parser of the Cisco Web Security Appliance ...)
NOT-FOR-US: Cisco
-CVE-2017-6747
- RESERVED
+CVE-2017-6747 (A vulnerability in the authentication module of Cisco Identity Services ...)
+ TODO: check
CVE-2017-6746 (A vulnerability in the web interface of the Cisco Web Security ...)
NOT-FOR-US: Cisco
-CVE-2017-6745
- RESERVED
+CVE-2017-6745 (A vulnerability in the cache server within Cisco Videoscape ...)
+ TODO: check
CVE-2017-6744 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2017-6743 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
@@ -15748,12 +15781,12 @@ CVE-2017-6667 (A vulnerability in the update process for the dynamic JAR file of
NOT-FOR-US: Cisco
CVE-2017-6666 (A vulnerability in the forwarding component of Cisco IOS XR Software ...)
NOT-FOR-US: Cisco
-CVE-2017-6665
- RESERVED
-CVE-2017-6664
- RESERVED
-CVE-2017-6663
- RESERVED
+CVE-2017-6665 (A vulnerability in the Autonomic Networking feature of Cisco IOS ...)
+ TODO: check
+CVE-2017-6664 (A vulnerability in the Autonomic Networking feature of Cisco IOS XE ...)
+ TODO: check
+CVE-2017-6663 (A vulnerability in the Autonomic Networking feature of Cisco IOS ...)
+ TODO: check
CVE-2017-6662 (A vulnerability in the web-based user interface of Cisco Prime ...)
NOT-FOR-US: Cisco
CVE-2017-6661 (A vulnerability in the web-based management interface of Cisco Email ...)
@@ -16534,12 +16567,12 @@ CVE-2017-6422
RESERVED
CVE-2017-6421
RESERVED
-CVE-2017-6420
- RESERVED
-CVE-2017-6419
- RESERVED
-CVE-2017-6418
- RESERVED
+CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
+ TODO: check
+CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ...)
+ TODO: check
+CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a ...)
+ TODO: check
CVE-2017-6417 (Code injection vulnerability in Avira Total Security Suite 15.0 (and ...)
NOT-FOR-US: Avira Total Security Suite
CVE-2017-6416 (An issue was discovered in SysGauge 1.5.18. A buffer overflow ...)
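Review bot: CVE-2017-6419 is described as "mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2", so the `TODO: check` on that entry has to be resolved for two sources rather than one: libmspack itself and the copy used in ClamAV. CVE-2017-6420 and CVE-2017-6418 name files under libclamav/ only. When the TODOs are replaced, give CVE-2017-6419 a package line for each affected source instead of filing it under ClamAV alone.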
