author: security tracker role <sectracker@debian.org> 2017-06-27 21:10:14 +0000
committer: security tracker role <sectracker@debian.org> 2017-06-27 21:10:14 +0000
commit: cc963178c0b93061c8cf4f77d2e26f35066fd3c3
tree: f0cbef672174a176aed8d40683448d6b89c8bda0
parent: 0713a42f69b3ea6690ddc6af897271f5c58735c5
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@52964 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/2004.list 3
-rw-r--r-- data/CVE/2012.list 4
-rw-r--r-- data/CVE/2014.list 8
-rw-r--r-- data/CVE/2015.list 49
-rw-r--r-- data/CVE/2016.list 28
-rw-r--r-- data/CVE/2017.list 115
6 files changed, 98 insertions, 109 deletions
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index c559b61a3c..299ca50667 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1,5 +1,4 @@
-CVE-2004-2778
- RESERVED
+CVE-2004-2778 (Ebuild in Gentoo may change directory and file permissions depending ...)
NOT-FOR-US: Gentoo ebuilds dir permissions at install time
CVE-2004-2777 (GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet ...)
NOT-FOR-US: GE Healthcare Centricity Image Vault
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 7ab2429768..01be06d33c 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -4240,8 +4240,8 @@ CVE-2012-5012
RESERVED
CVE-2012-5011
RESERVED
-CVE-2012-5010
- RESERVED
+CVE-2012-5010 (ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance ...)
+ TODO: check
CVE-2012-5009
RESERVED
CVE-2012-5008
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 51b44381bd..d26d8868a0 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -5420,8 +5420,8 @@ CVE-2014-8150 (CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.
{DSA-3122-1 DLA-134-1}
- curl 7.38.0-4
NOTE: http://curl.haxx.se/docs/adv_20150108B.html
-CVE-2014-8149
- RESERVED
+CVE-2014-8149 (OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated ...)
+ TODO: check
CVE-2014-8148 (The default D-Bus access control rule in Midgard2 10.05.7.1 allows ...)
- midgard2-core <removed> (bug #774630)
CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode ...)
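Review bot: the TODO: check added under CVE-2014-8149 leaves an OpenDaylight defense4all entry untriaged, while the 2015.list part of this same commit keeps CVE-2015-1778 tagged "NOT-FOR-US: OpenDaylight". If defense4all falls under the same reasoning, resolve the TODO with the same tag so the two OpenDaylight entries are handled consistently.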
@@ -9826,8 +9826,8 @@ CVE-2014-6356 (Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and
NOT-FOR-US: Microsoft Word
CVE-2014-6355 (The Graphics Component in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsft Windows
-CVE-2014-6354
- RESERVED
+CVE-2014-6354 (Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, ...)
+ TODO: check
CVE-2014-6353 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
NOT-FOR-US: Microsoft
CVE-2014-6352 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
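Review bot: CVE-2014-6354 (Internet Explorer 6, 7, 8, ...) is added with TODO: check although the entries on either side of it, CVE-2014-6355 and CVE-2014-6353, are already NOT-FOR-US for Microsoft, so the TODO can probably be resolved the same way. The context line for CVE-2014-6355 also spells the vendor "Microsft Windows", which is worth correcting in a follow-up because the tag text is what people search on.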
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index b5f5689e3c..a16ed8f0ff 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1923,8 +1923,7 @@ CVE-2015-8616 (Use-after-free vulnerability in the Collator::sortWithSortKeys ..
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71020
NOTE: http://www.openwall.com/lists/oss-security/2015/12/22/4
-CVE-2015-8697 [Insecure use of temporary files]
- RESERVED
+CVE-2015-8697 (stalin 0.11-5 allows local users to write to arbitrary files. ...)
- stalin <unfixed> (unimportant; bug #808730)
[squeeze] - stalin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/27/1
@@ -4177,14 +4176,14 @@ CVE-2015-7901 (Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.
NOT-FOR-US: Mango Automation
CVE-2015-7900 (Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7898
- RESERVED
+CVE-2015-7898 (Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a ...)
+ TODO: check
CVE-2015-7897 (The media scanning functionality in the face recognition library in ...)
NOT-FOR-US: Samsung
CVE-2015-7896
RESERVED
-CVE-2015-7895
- RESERVED
+CVE-2015-7895 (Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a ...)
+ TODO: check
CVE-2015-7894
RESERVED
CVE-2015-7893 (SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, ...)
@@ -4582,10 +4581,10 @@ CVE-2015-7783 (Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS bef
NOT-FOR-US: p++BBS
CVE-2015-7782 (Cross-site scripting (XSS) vulnerability in Let's PHP! Frame ...)
NOT-FOR-US: Let's PHP!
-CVE-2015-7781
- RESERVED
-CVE-2015-7780
- RESERVED
+CVE-2015-7781 (ManageEngine Firewall Analyzer before 8.0 does not restrict access ...)
+ TODO: check
+CVE-2015-7780 (Directory traversal vulnerability in ManageEngine Firewall Analyzer ...)
+ TODO: check
CVE-2015-7779
REJECTED
CVE-2015-7778
@@ -5119,8 +5118,8 @@ CVE-2015-7584
REJECTED
CVE-2015-7583
REJECTED
-CVE-2015-7582
- RESERVED
+CVE-2015-7582 (Satellite 6.1.0 allows remote authenticated users to read ...)
+ TODO: check
CVE-2015-7581 (actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in ...)
{DSA-3464-1}
- rails 2:4.2.5.1-1
@@ -10909,8 +10908,7 @@ CVE-2015-5384
CVE-2015-5379
RESERVED
NOT-FOR-US: Axigen
-CVE-2015-5378
- RESERVED
+CVE-2015-5378 (Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote ...)
- logstash <itp> (bug #664841)
CVE-2015-5377 [Remote code execution vulnerability]
RESERVED
@@ -11739,8 +11737,7 @@ CVE-2015-5182
CVE-2015-5181
RESERVED
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5180 [DNS resolver NULL pointer dereference with crafted record type]
- RESERVED
+CVE-2015-5180 (res_query in libresolv in glibc before 2.25 allows remote attackers to ...)
- glibc 2.24-9 (low; bug #796106)
[jessie] - glibc <no-dsa> (Minor issue, too intrusive to backport)
- eglibc <removed> (low)
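Review bot: on CVE-2015-5180 the imported description now says "glibc before 2.25" while the package line directly below it records the fix in glibc 2.24-9. Both can be true if the fix was backported, but nothing in the visible entry says so; a NOTE naming the backported change would explain the version mismatch to anyone reading the entry.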
@@ -15335,8 +15332,8 @@ CVE-2015-3842 (Multiple heap-based buffer overflows in libeffects in the Audio P
NOT-FOR-US: Android
CVE-2015-3841
RESERVED
-CVE-2015-3840
- RESERVED
+CVE-2015-3840 (The MessageStatusReceiver service in the AndroidManifest.XML in ...)
+ TODO: check
CVE-2015-3839
RESERVED
CVE-2015-3838
@@ -20142,8 +20139,8 @@ CVE-2015-2247 (Unspecified vulnerability in Boosted Boards skateboards allows ..
NOT-FOR-US: Boosted Boards skateboards
CVE-2015-2246 (The MeWidget module on Huawei P7 smartphones with software P7-L10 ...)
NOT-FOR-US: Huawei
-CVE-2015-2245
- RESERVED
+CVE-2015-2245 (Huawei Ascend P7 allows remote attackers to cause a denial of service ...)
+ TODO: check
CVE-2015-2244 (Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun ...)
NOT-FOR-US: Webshop hun
CVE-2015-2243 (Directory traversal vulnerability in Webshop hun 1.062S allows remote ...)
@@ -21380,8 +21377,7 @@ CVE-2015-1796 (The PKIX trust engines in Shibboleth Identity Provider before 2.4
[jessie] - libopensaml2-java <no-dsa> (Minor issue)
NOTE: Only change between 2.6.4 and 2.6.5 seems http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/saml2/metadata/provider/AbstractReloadingMetadataProvider.java?r1=1656&r2=1680
NOTE: http://shibboleth.net/community/advisories/secadv_20150225.txt
-CVE-2015-1795
- RESERVED
+CVE-2015-1795 (Red Hat Gluster Storage RPM Package 3.2 allows local users to gain ...)
- glusterfs <not-affected> (Vulnerable code specific to glusterfs.spec and not present in source in Debian)
CVE-2015-1794 (The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 ...)
- openssl 1.0.2e-1
@@ -21460,8 +21456,7 @@ CVE-2015-1779 (The VNC websocket frame decoder in QEMU allows remote attackers t
NOTE: Original patches have problem: https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04995.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a2bebfd6e09d
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=2cdb5e142fb93
-CVE-2015-1778
- RESERVED
+CVE-2015-1778 (The custom authentication realm used by karaf-tomcat's &quot;opendaylight&quot; ...)
NOT-FOR-US: OpenDaylight
CVE-2015-1777 [rhnreg_ks fails to properly validate SSL/TLS certificates]
RESERVED
@@ -23358,8 +23353,7 @@ CVE-2015-4470 (Off-by-one error in the inflate function in mszipd.c in libmspack
CVE-2015-4472 (Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack ...)
- libmspack 0.5-1 (bug #775687)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-1591
- RESERVED
+CVE-2015-1591 (The kamailio build in kamailio before 4.2.0-2 process allows local ...)
- kamailio 4.2.0-2 (bug #775681)
NOTE: https://github.com/kamailio/kamailio/issues/48
CVE-2015-1590
@@ -23864,8 +23858,7 @@ CVE-2015-0957
RESERVED
CVE-2015-0956
RESERVED
-CVE-2015-0955
- RESERVED
+CVE-2015-0955 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ...)
NOT-FOR-US: Adobe Experience Manager
CVE-2015-0954
RESERVED
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 66d78ce580..1288ee9248 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1325,8 +1325,8 @@ CVE-2016-9974
RESERVED
CVE-2016-9973 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-9972
- RESERVED
+CVE-2016-9972 (IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain ...)
+ TODO: check
CVE-2016-9971
RESERVED
CVE-2016-9970
@@ -2184,8 +2184,8 @@ CVE-2016-9740 (IBM QRadar 7.2 could allow a remote attacker to consume all resou
NOT-FOR-US: IBM
CVE-2016-9739 (IBM Security Identity Manager Virtual Appliance stores user ...)
NOT-FOR-US: IBM
-CVE-2016-9738
- RESERVED
+CVE-2016-9738 (IBM QRadar 7.2 and 7.3 does not require that users should have strong ...)
+ TODO: check
CVE-2016-9737 (IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2016-9736 (IBM WebSphere Application Server using malformed SOAP requests could ...)
@@ -10334,8 +10334,7 @@ CVE-2016-7064
RESERVED
CVE-2016-7063
RESERVED
-CVE-2016-7062
- RESERVED
+CVE-2016-7062 (rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage ...)
NOT-FOR-US: Red Hat rhscon-core
CVE-2016-7061
RESERVED
@@ -12508,8 +12507,7 @@ CVE-2016-6344 (Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag
CVE-2016-6343
RESERVED
NOT-FOR-US: JBoss BPMS
-CVE-2016-6342 [posting entry as arbitrary username by improper authentication]
- RESERVED
+CVE-2016-6342 (elog 3.1.1 allows remote attackers to post data as any username in the ...)
- elog 3.1.2-1-1 (bug #836505)
[jessie] - elog 2.9.2+2014.05.11git44800a7-2+deb8u1
NOTE: https://bitbucket.org/ritt/elog/commits/2f6a300572bd6048351af8c45394ae62230c83d9
@@ -13735,8 +13733,8 @@ CVE-2016-6085 (IBM BigFix Platform could allow an attacker on the local network
NOT-FOR-US: IBM
CVE-2016-6084 (IBM BigFix Platform could allow an attacker on the local network to ...)
NOT-FOR-US: IBM
-CVE-2016-6083
- RESERVED
+CVE-2016-6083 (IBM Tivoli Monitoring V6 could allow an unauthenticated user to access ...)
+ TODO: check
CVE-2016-6082 (IBM BigFix Platform could allow a remote attacker to execute arbitrary ...)
NOT-FOR-US: IBM
CVE-2016-6081
@@ -15541,8 +15539,7 @@ CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 throug
NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354
CVE-2016-5415
RESERVED
-CVE-2016-5414 [incorrect check for SubjectAltNames during CA ACL check]
- RESERVED
+CVE-2016-5414 (FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name ...)
- freeipa <not-affected> (Vulnerable code introduced in the 4.4.0 release)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1360757
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=25ed36fda14b30d6a50746a536939e3b428993cb
@@ -18919,8 +18916,8 @@ CVE-2016-4385 (The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.
NOT-FOR-US: HPE Network Automation
CVE-2016-4384 (HPE Performance Center before 12.50 and LoadRunner before 12.50 allow ...)
NOT-FOR-US: HPE Performance Center
-CVE-2016-4383
- RESERVED
+CVE-2016-4383 (The glance-manage db in all versions of HPE Helion Openstack Glance ...)
+ TODO: check
CVE-2016-4382 (HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows ...)
NOT-FOR-US: HPE Performance Center
CVE-2016-4381 (HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x ...)
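Review bot: the TODO: check on CVE-2016-4383 should not be closed as NOT-FOR-US merely because the surrounding entries (CVE-2016-4384, CVE-2016-4382) are HPE products tagged that way. The description names "glance-manage db" in HPE Helion Openstack Glance, so triage needs to establish whether the issue is confined to HPE's distribution or lies in the Glance code itself before a tag is chosen.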
@@ -28841,8 +28838,7 @@ CVE-2016-0961 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before
NOT-FOR-US: Adobe Flash
CVE-2016-0960 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before ...)
NOT-FOR-US: Adobe Flash
-CVE-2016-0959
- RESERVED
+CVE-2016-0959 (Use after free vulnerability in Adobe Flash Player Desktop Runtime ...)
NOT-FOR-US: Adobe Flash
CVE-2016-0958 (Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote ...)
NOT-FOR-US: Adobe
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index da455aaeba..975f727822 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -1,3 +1,7 @@
+CVE-2017-9983
+ RESERVED
+CVE-2017-9982 (TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of ...)
+ TODO: check
CVE-2017-9981
RESERVED
CVE-2017-9980
@@ -312,8 +316,8 @@ CVE-2017-9843
RESERVED
CVE-2017-9842
RESERVED
-CVE-2017-9841
- RESERVED
+CVE-2017-9841 (Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 ...)
+ TODO: check
CVE-2017-9840 (Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload ...)
- dolibarr <unfixed>
CVE-2017-9839
@@ -340,8 +344,8 @@ CVE-2017-9831 (An integer overflow vulnerability in the ptp_unpack_EOS_CustomFun
[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
NOTE: https://sourceforge.net/p/libmtp/mailman/message/35735992/
NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
-CVE-2017-9830
- RESERVED
+CVE-2017-9830 (Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the ...)
+ TODO: check
CVE-2017-9829 ('/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the ...)
NOT-FOR-US: VIVOTEK Network Cameras
CVE-2017-9828 ('/cgi-bin/admin/testserver.cgi' of the web service in most of the ...)
@@ -3183,16 +3187,16 @@ CVE-2017-9259
RESERVED
CVE-2017-9258
RESERVED
-CVE-2017-9257
- RESERVED
-CVE-2017-9256
- RESERVED
-CVE-2017-9255
- RESERVED
-CVE-2017-9254
- RESERVED
-CVE-2017-9253
- RESERVED
+CVE-2017-9257 (The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9256 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9255 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9254 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9253 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
CVE-2017-9287 (servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to ...)
{DSA-3868-1 DLA-972-1}
- openldap 2.4.44+dfsg-5 (bug #863563)
@@ -3291,18 +3295,18 @@ CVE-2017-9224 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-
[jessie] - libonig <no-dsa> (Minor issue)
NOTE: https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b
NOTE: https://github.com/kkos/oniguruma/issues/57
-CVE-2017-9223
- RESERVED
-CVE-2017-9222
- RESERVED
-CVE-2017-9221
- RESERVED
-CVE-2017-9220
- RESERVED
-CVE-2017-9219
- RESERVED
-CVE-2017-9218
- RESERVED
+CVE-2017-9223 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9222 (The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware ...)
+ TODO: check
+CVE-2017-9221 (The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9220 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9219 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
+CVE-2017-9218 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware ...)
+ TODO: check
CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a denial ...)
[experimental] - systemd 233-8
- systemd 232-24 (bug #863277)
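Review bot: several entries added in this hunk carry the same truncated description as entries added in the previous hunk: CVE-2017-9223 and CVE-2017-9254 both name mp4ff_read_stts, CVE-2017-9220 and CVE-2017-9256 name mp4ff_read_stco, CVE-2017-9219 and CVE-2017-9255 name mp4ff_read_stsc, and CVE-2017-9218 and CVE-2017-9253 name mp4ff_read_stsd, all in common/mp4ff/mp4atom.c. When resolving these TODO: check lines, read the full descriptions to see whether each pair is two distinct bugs in the same function or a duplicate assignment, and record the answer in a NOTE so that a fix for one is not assumed to cover the other.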
@@ -7843,12 +7847,11 @@ CVE-2017-7526
RESERVED
CVE-2017-7525
RESERVED
-CVE-2017-7524
- RESERVED
+CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
+ TODO: check
CVE-2017-7523
RESERVED
-CVE-2017-7522 [Crash mbed TLS/PolarSSL-based server]
- RESERVED
+CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
- openvpn 2.4.3-1 (unimportant)
[jessie] - openvpn <not-affected> (x509-track implemented in 2.4.0)
[wheezy] - openvpn <not-affected> (x509-track implemented in 2.4.0)
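Review bot: replacing the bracketed summary on CVE-2017-7522 ("Crash mbed TLS/PolarSSL-based server") with the imported description drops the only text that told the OpenVPN entries apart. After this commit CVE-2017-7522, CVE-2017-7521, CVE-2017-7520 and CVE-2017-7508 all read "OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ..." in the list. Consider carrying each old one-line summary over as a NOTE on its entry so the per-CVE impact stays visible without opening the external advisories.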
@@ -7857,8 +7860,8 @@ CVE-2017-7522 [Crash mbed TLS/PolarSSL-based server]
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
NOTE: In Debian openvpn is compiled against OpenSSL, thus even affected
NOTE: code present.
-CVE-2017-7521 [Potential double-free in --x509-alt-username and memory leaks]
- RESERVED
+CVE-2017-7521 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+ {DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/2d032c7fcdfd692c851ea2fa858b4c2d9ea7d52d
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/cb4e35ece4a5b70b10ef9013be3bff263d82f32b
@@ -7868,9 +7871,8 @@ CVE-2017-7521 [Potential double-free in --x509-alt-username and memory leaks]
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/1dde0cd6e5e6a0f2f45ec9969b7ff1b6537514ad
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
-CVE-2017-7520 [Pre-authentication remote crash/information disclosure for clients]
- RESERVED
- {DLA-999-1}
+CVE-2017-7520 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+ {DSA-3900-1 DLA-999-1}
- openvpn 2.4.3-1 (bug #865480)
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/7718c8984f04b507c1885f363970e2124e3c6c77
NOTE: Fixed by (2.4.x): https://github.com/OpenVPN/openvpn/commit/043fe327878eba75efa13794c9845f85c3c629f2
@@ -7916,8 +7918,8 @@ CVE-2017-7510
CVE-2017-7509
RESERVED
NOT-FOR-US: Red Hat Certificate System
-CVE-2017-7508 [Remotely-triggerable ASSERT() on malformed IPv6 packet]
- RESERVED
+CVE-2017-7508 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to ...)
+ {DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
@@ -11691,8 +11693,7 @@ CVE-2017-6088 (Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON)
NOT-FOR-US: EyesOfNetwork
CVE-2017-6087 (EyesOfNetwork (&quot;EON&quot;) 5.0 and earlier allows remote authenticated ...)
NOT-FOR-US: EyesOfNetwork
-CVE-2017-6086
- RESERVED
+CVE-2017-6086 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: ViMbAdmin
CVE-2017-6085
RESERVED
@@ -19803,12 +19804,12 @@ CVE-2017-2845
RESERVED
CVE-2017-2844
RESERVED
-CVE-2017-2843
- RESERVED
-CVE-2017-2842
- RESERVED
-CVE-2017-2841
- RESERVED
+CVE-2017-2843 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
+ TODO: check
+CVE-2017-2842 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
+ TODO: check
+CVE-2017-2841 (An exploitable command injection vulnerability exists in the web ...)
+ TODO: check
CVE-2017-2840
RESERVED
CVE-2017-2839
@@ -20751,8 +20752,8 @@ CVE-2017-2493
RESERVED
CVE-2017-2492
RESERVED
-CVE-2017-2491
- RESERVED
+CVE-2017-2491 (Use after free vulnerability in the String.replace method ...)
+ TODO: check
CVE-2017-2490 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
CVE-2017-2489 (An issue was discovered in certain Apple products. macOS before ...)
@@ -23126,8 +23127,8 @@ CVE-2017-1330
RESERVED
CVE-2017-1329
RESERVED
-CVE-2017-1328
- RESERVED
+CVE-2017-1328 (IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to ...)
+ TODO: check
CVE-2017-1327
RESERVED
CVE-2017-1326 (IBM Sterling File Gateway does not properly restrict user requests ...)
@@ -23138,8 +23139,8 @@ CVE-2017-1324
RESERVED
CVE-2017-1323
RESERVED
-CVE-2017-1322
- RESERVED
+CVE-2017-1322 (IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity ...)
+ TODO: check
CVE-2017-1321
RESERVED
CVE-2017-1320 (IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site ...)
@@ -23188,8 +23189,8 @@ CVE-2017-1299
RESERVED
CVE-2017-1298
REJECTED
-CVE-2017-1297
- RESERVED
+CVE-2017-1297 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 ...)
+ TODO: check
CVE-2017-1296
RESERVED
CVE-2017-1295
@@ -23314,8 +23315,8 @@ CVE-2017-1236
RESERVED
CVE-2017-1235
RESERVED
-CVE-2017-1234
- RESERVED
+CVE-2017-1234 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This ...)
+ TODO: check
CVE-2017-1233
RESERVED
CVE-2017-1232
@@ -23573,8 +23574,8 @@ CVE-2017-1107
RESERVED
CVE-2017-1106
RESERVED
-CVE-2017-1105
- RESERVED
+CVE-2017-1105 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 ...)
+ TODO: check
CVE-2017-1104 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
CVE-2017-1103 (IBM Team Concert (RTC) is vulnerable to a denial of service, caused by ...)
