author security tracker role <sectracker@debian.org> 2016-10-17 21:10:18 +0000
committer security tracker role <sectracker@debian.org> 2016-10-17 21:10:18 +0000
commit e34ac8895c9d0684529b9d4088d5ee367ba8ee05 (patch)
tree 85d74d479c619e7b687735c7e272ca8d1e33b91a
parent 62c072aeac6de752d28100a6d555762f9f6057f5 (diff)
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@45409 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/2005.list 10
-rw-r--r-- data/CVE/2015.list 9
-rw-r--r-- data/CVE/2016.list 85
3 files changed, 73 insertions, 31 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 82d784a32b..28e9210027 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,3 +1,13 @@
+CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)
+ TODO: check
+CVE-2005-4899
+ RESERVED
+CVE-2005-4898
+ RESERVED
+CVE-2005-4897
+ RESERVED
+CVE-2005-4896
+ RESERVED
CVE-2005-XXXX [more related to CVE-2005-4890]
- shadow <unfixed> (unimportant; bug #628843)
NOTE: only affects the su executable, so if you use sudo you're not affected
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 31b608235b..dd212e0444 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -23,14 +23,12 @@ CVE-2015-8954 [suricata: evasion issues]
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
NOTE: https://redmine.openinfosecfoundation.org/issues/1364
-CVE-2015-8953
- RESERVED
+CVE-2015-8953 (fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an ...)
- linux 4.2.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 (v4.3)
-CVE-2015-8952
- RESERVED
+CVE-2015-8952 (The mbcache feature in the ext2 and ext4 filesystem implementations in ...)
- linux 4.6.1-1 (low)
[jessie] - linux <no-dsa> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
NOTE: https://git.kernel.org/linus/f9a61eb4e2471c56a63cd804c7474128138c38ac (v4.6-rc1)
@@ -16673,8 +16671,7 @@ CVE-2015-3289 (OpenStack Glance before 2015.1.1 (kilo) allows remote authenticat
- glance 2015.1.0-4 (bug #793896)
[jessie] - glance <not-affected> (Vulnerable code introduced later)
[wheezy] - glance <not-affected> (Vulnerable code introduced later)
-CVE-2015-3288 [zero page memory arbitrary modification]
- RESERVED
+CVE-2015-3288 (mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous ...)
- linux 4.2-1
[jessie] - linux 3.16.7-ckt17-1
[wheezy] - linux 3.2.71-1
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index e55651df29..6487e8edcc 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,69 +1,91 @@
+CVE-2016-8673
+ RESERVED
+CVE-2016-8672
+ RESERVED
CVE-2016-6911 [invalid read in gdImageCreateFromTiffPtr()]
RESERVED
{DSA-3693-1}
- libgd2 <unfixed> (bug #840806)
NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
CVE-2016-8703
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8702
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8701
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8700
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8699
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8698
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8697 [AddressSanitizer: FPE on unknown address 0x508d51 in bm_new ... bitmap.h]
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/
TODO: check
CVE-2016-8696
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8695
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8694
+ RESERVED
- potrace 1.13-1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
TODO: check
CVE-2016-8693 [attempting double-free ... mem_close ... jas_stream.c]
+ RESERVED
- jasper <unfixed> (bug #841110)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-double-free-in-mem_close-jas_stream-c/
CVE-2016-8692 [FPE on unknown address ... jpc_dec_process_siz ... jpc_dec.c]
+ RESERVED
- jasper <unfixed> (bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
CVE-2016-8691 [FPE on unknown address ... jpc_dec_process_siz ... jpc_dec.c]
+ RESERVED
- jasper <unfixed> (bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
CVE-2016-8690 [SEGV on unknown address ... bmp_getdata ... bmp_dec.c]
+ RESERVED
- jasper <unfixed> (bug #841112)
NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
CVE-2016-8689
+ RESERVED
+ {DLA-661-1}
- libarchive 3.2.1-5 (bug #840934)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
NOTE: https://github.com/libarchive/libarchive/issues/761
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
CVE-2016-8688
+ RESERVED
+ {DLA-661-1}
- libarchive 3.2.1-5 (bug #840935)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
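Review bot: CVE-2016-8703 through CVE-2016-8698 have no bracketed description and share one NOTE URL, so with `RESERVED` as the only other line nothing in the file tells the six potrace entries apart. Add a short bracketed summary to each (as CVE-2016-8697 already has) before resolving their `TODO: check` lines, so the mapping to the individual issues in the linked advisory is recorded here.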
@@ -72,34 +94,42 @@ CVE-2016-8688
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
CVE-2016-8687
+ RESERVED
+ {DLA-661-1}
- libarchive 3.2.1-5 (bug #840936)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
NOTE: https://github.com/libarchive/libarchive/issues/767
CVE-2016-8678 [heap-based buffer overflow in IsPixelMonochrome]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
TODO: check
CVE-2016-8677 [memory allocate failure in AcquireQuantumPixels]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60
TODO: check
CVE-2016-8676 [Issue that remains after addressing CVE-2016-8675 with e5b019725f53b79159931d3a7317107cbbfd0860]
+ RESERVED
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
CVE-2016-8675
+ RESERVED
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
NOTE: Fixed by: https://github.com/libav/libav/commit/e5b019725f53b79159931d3a7317107cbbfd0860
NOTE: Cf. CVE-2016-8676 as well which remain unfixed after e5b019725f53b79159931d3a7317107cbbfd0860
CVE-2016-8674
+ RESERVED
- mupdf <unfixed> (bug #840957)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697015
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697019
NOTE: (Wheezy) Crash is not reproducible with reprocuder. Needs clarification from upstream.
CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf]
+ RESERVED
{DSA-3693-1}
- libgd2 <unfixed> (bug #840805)
NOTE: Workaround entry for DSA-3693-1 until CVE assigned
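Review bot: Under CVE-2016-8670 the context line `NOTE: Workaround entry for DSA-3693-1 until CVE assigned` is stale now that the entry carries an ID and gains `RESERVED`; drop or reword it in a follow-up. In the same hunk the CVE-2016-8674 note misspells "reproducer" as `reprocuder`.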
@@ -107,14 +137,17 @@ CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf]
NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1
CVE-2016-8671 [Incomplete fix for CVE-2016-6887]
+ RESERVED
- matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied)
NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html
CVE-2016-8669 [char: divide by zero error in serial_update_parameters]
+ RESERVED
- qemu <unfixed> (bug #840945)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02461.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384909
CVE-2016-8668 [net: OOB buffer access in rocker switch emulation]
+ RESERVED
- qemu <unfixed> (bug #840948)
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
@@ -122,6 +155,7 @@ CVE-2016-8668 [net: OOB buffer access in rocker switch emulation]
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384896
CVE-2016-8667 [dma: rc4030 divide by zero error in set_next_tick]
+ RESERVED
- qemu <unfixed> (bug #840950)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
@@ -255,23 +289,20 @@ CVE-2016-8595
RESERVED
CVE-2016-8594
RESERVED
-CVE-2016-8666 [tunnels: Don't apply GRO to multiple layers of encapsulation]
- RESERVED
+CVE-2016-8666 (The IP stack in the Linux kernel before 4.6 allows remote attackers to ...)
- linux 4.6.1-1
[jessie] - linux 3.6.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/fac8e0f579695a3ecbc4d3cac369139d7f819971
NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40
NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11
-CVE-2016-8660 [local DoS due to a page lock order bug in the XFS seek hole/data implementation]
- RESERVED
+CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...)
- linux <unfixed>
CVE-2016-8659 [privilege escalation via ptrace]
RESERVED
- bubblewrap 0.1.2-2 (bug #840605)
NOTE: https://github.com/projectatomic/bubblewrap/issues/107
-CVE-2016-8658 [Broadcom Wifi Driver Brcmfmac brcmf_cfg80211_start_ap Buffer Overflow]
- RESERVED
+CVE-2016-8658 (Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in ...)
- linux 4.7.5-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8)
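Review bot: The CVE-2016-8666 block keeps two context lines that look wrong and are worth fixing while the entry is being touched: the `Introduced by:` NOTE has the scheme `htttps://`, which breaks the link, and `[jessie] - linux 3.6.36-1` does not match the 3.16 series used for jessie elsewhere in this commit (`[jessie] - linux 3.16.7-ckt17-1` under CVE-2015-3288), so the version should be checked against the actual upload.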
@@ -504,34 +535,42 @@ CVE-2016-XXXX [dbus format string vulnerability]
NOTE: already have root privileges could induce systemd to send messages
NOTE: that would trigger the format string vulnerability.
CVE-2016-8686 [memory allocation failure]
+ RESERVED
- potrace <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure
CVE-2016-8685 [invalid memory access in findnext (decompose.c)]
+ RESERVED
- potrace <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
CVE-2016-8684 [memory allocation failure in MagickMalloc (memory.c)]
+ RESERVED
- graphicsmagick <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449
CVE-2016-8683 [memory allocation failure in ReadPCXImage (pcx.c)]
+ RESERVED
- graphicsmagick <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-readpcximage-pcx-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b9edafd479b9
CVE-2016-8682 [stack-based buffer overflow in ReadSCTImage (sct.c)]
+ RESERVED
- graphicsmagick <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d
CVE-2016-8679 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_size_of_val]
+ RESERVED
- dwarfutils <unfixed> (bug #840958)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/11
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
NOTE: Same fix as CVE-2016-8681 but different issue
CVE-2016-8680 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_abbrev_for_code]
+ RESERVED
- dwarfutils <unfixed> (bug #840960)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12
NOTE: https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2
CVE-2016-8681 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_abbrev_for_code second one]
+ RESERVED
- dwarfutils <unfixed> (bug #840961)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
@@ -1901,10 +1940,12 @@ CVE-2016-7949
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
CVE-2016-7948 [for all of the other mishandling of the reply data]
RESERVED
+ {DLA-660-1}
- libxrandr <unfixed> (bug #840441)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
CVE-2016-7947 [for all of the integer overflows]
RESERVED
+ {DLA-660-1}
- libxrandr <unfixed> (bug #840441)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
CVE-2016-7946 [for all of the other mishandling of the reply data]
@@ -3052,8 +3093,7 @@ CVE-2016-7427
RESERVED
CVE-2016-7426
RESERVED
-CVE-2016-7425 [SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()]
- RESERVED
+CVE-2016-7425 (The arcmsr_iop_message_xfer function in ...)
- linux <unfixed>
NOTE: http://marc.info/?l=linux-scsi&m=147394713328707&w=2
NOTE: Upstream commit: https://git.kernel.org/linus/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167
@@ -4113,8 +4153,7 @@ CVE-2016-7098 (Race condition in wget 1.17 and earlier, when used in recursive o
[wheezy] - wget <no-dsa> (Minor issue)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-CVE-2016-7097 [Setting a POSIX ACL via setxattr doesn't clear the setgid bit]
- RESERVED
+CVE-2016-7097 (The filesystem implementation in the Linux kernel through 4.8.2 ...)
- linux <unfixed>
NOTE: http://www.spinics.net/lists/linux-fsdevel/msg98328.html
NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
@@ -4239,8 +4278,7 @@ CVE-2016-7044 (The unformat_24bit_color function in the format parsing code in I
NOTE: http://irssi.org/security/irssi_sa_2016.txt
CVE-2016-7043
RESERVED
-CVE-2016-7042 [Stack corruption while reading /proc/keys]
- RESERVED
+CVE-2016-7042 (The proc_keys_show function in security/keys/proc.c in the Linux ...)
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373966
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (not yet opened)
@@ -4248,8 +4286,7 @@ CVE-2016-7041
RESERVED
CVE-2016-7040 (Red Hat CloudForms Management Engine 4.1 does not properly handle ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7039 [net: add recursion limit to GRO]
- RESERVED
+CVE-2016-7039 (The IP stack in the Linux kernel through 4.8.2 allows remote attackers ...)
- linux <unfixed>
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -4756,8 +4793,7 @@ CVE-2016-6830 [Buffer overrun in CHICKEN Scheme's "process-execute" and "process
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
NOTE: https://lists.nongnu.org/archive/html/chicken-hackers/2016-07/txtSWHYeFeG0R.txt
NOTE: http://bugs.call-cc.org/ticket/1308
-CVE-2016-6828 [Linux tcp_xmit_retransmit_queue use after free]
- RESERVED
+CVE-2016-6828 (The tcp_check_send_head function in include/net/tcp.h in the Linux ...)
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4
@@ -6350,8 +6386,7 @@ CVE-2016-6329
NOTE: This is a generic cryptographic weakness, not a vulnerability in OpenVPN per se
CVE-2016-6328
RESERVED
-CVE-2016-6327
- RESERVED
+CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 ...)
- linux 4.6.1-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/51093254bf879bc9ce96590400a87897c7498463 (4.6-rc1)
@@ -9818,7 +9853,7 @@ CVE-2016-5258 (Use-after-free vulnerability in the WebRTC socket thread in Mozil
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
CVE-2016-5257 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- {DSA-3690-1 DSA-3674-1 DLA-636-1 DLA-658-1}
+ {DSA-3690-1 DSA-3674-1 DLA-658-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
- icedove 1:45.4.0-1
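Review bot: The only change to CVE-2016-5257 is the order of the cross-references (`DLA-636-1 DLA-658-1` becomes `DLA-658-1 DLA-636-1`), which is churn with no change in meaning. Emit the `{...}` list in a stable sorted order in the update script so automatic commits do not flip it back and forth.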
@@ -22498,8 +22533,8 @@ CVE-2016-0926 (Cross-site scripting (XSS) vulnerability in Apps Manager in Pivot
TODO: check
CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management ...)
NOT-FOR-US: EMC RSA Adaptive Authentication
-CVE-2016-0924 (The TLS 1.2 implementation in EMC RSA BSAFE Micro Edition Suite (MES) ...)
- TODO: check
+CVE-2016-0924
+ REJECTED
CVE-2016-0923 (The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...)
TODO: check
CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of ...)
@@ -24296,8 +24331,8 @@ CVE-2016-0251
RESERVED
CVE-2016-0250
RESERVED
-CVE-2016-0249
- RESERVED
+CVE-2016-0249 (SQL injection vulnerability in IBM Security Guardium Database Activity ...)
+ TODO: check
CVE-2016-0248 (IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows ...)
TODO: check
CVE-2016-0247
@@ -24386,8 +24421,8 @@ CVE-2016-0206
RESERVED
CVE-2016-0205
RESERVED
-CVE-2016-0204
- RESERVED
+CVE-2016-0204 (Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before ...)
+ TODO: check
CVE-2016-0203
RESERVED
CVE-2016-0202
