diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-24 16:17:56 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-24 16:17:56 +0200 |
commit | 9ec1e4c263d8c3936840260dd4ec05ed8a8a9216 (patch) | |
tree | 2fffd62f666d746eb1c862089a2436dde34762fa /data/CVE/2016.list | |
parent | c0adeec9dbb1f0c55f961a286d8b3d575b6c2242 (diff) |
Use HTTPS transport for www.openwall.com/lists/oss-security URLs
Diffstat (limited to 'data/CVE/2016.list')
-rw-r--r-- | data/CVE/2016.list | 780 |
1 files changed, 390 insertions, 390 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index df9a87fe45..3df4bff04f 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -2066,12 +2066,12 @@ CVE-2016-10252 (Memory leak in the IsOptionMember function in MagickCore/option. CVE-2016-10251 (Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in Jas ...) {DSA-3827-1 DLA-920-1} - jasper <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/04/11 NOTE: https://github.com/mdadams/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387 NOTE: https://github.com/asarubbo/poc/blob/master/00029-jasper-uninitvalue-jpc_pi_nextcprl CVE-2016-10248 (The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900. ...) - jasper <removed> (unimportant) - NOTE: http://www.openwall.com/lists/oss-security/2016/10/20/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/20/5 NOTE: Not suitable for code injection, hardly denial of service NOTE: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in Mujstes ...) @@ -2079,13 +2079,13 @@ CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in M [wheezy] - mupdf <not-affected> (Vulnerable code not present) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages - NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/19 CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in A ...) - mupdf <unfixed> (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages - NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/20 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/20 CVE-2016-10245 (Insufficient sanitization of the query parameter in templates/html/sea ...) {DLA-1812-1} - doxygen 1.8.12-1 @@ -2252,28 +2252,28 @@ CVE-2016-10197 (The search_make_new function in evdns.c in libevent before 2.1.6 {DSA-3789-1 DLA-824-1} - libevent 2.0.21-stable-3 (bug #854092) NOTE: https://github.com/libevent/libevent/issues/332 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/17 CVE-2016-10196 (Stack-based buffer overflow in the evutil_parse_sockaddr_port function ...) {DSA-3789-1 DLA-824-1} - libevent 2.0.21-stable-3 (bug #854092) NOTE: https://github.com/libevent/libevent/issues/318 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/17 CVE-2016-10195 (The name_parse function in evdns.c in libevent before 2.1.6-beta allow ...) {DSA-3789-1 DLA-824-1} - libevent 2.0.21-stable-3 (bug #854092) NOTE: https://github.com/libevent/libevent/issues/317 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/17 CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-p ...) {DSA-3820-1} - gst-plugins-good1.0 1.10.3-1 (low) - gst-plugins-good0.10 <not-affected> (Vulnerable code not present) - NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7 + NOTE: https://www.openwall.com/lists/oss-security/2017/02/01/7 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451 CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacpars ...) {DSA-3820-1 DLA-2225-1 DLA-828-1} - gst-plugins-good1.0 1.10.3-1 (low) - gst-plugins-good0.10 <removed> (low) - NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7 + NOTE: https://www.openwall.com/lists/oss-security/2017/02/01/7 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775450 CVE-2016-XXXX [iio-sensor-proxy: insecure dbus policy] - iio-sensor-proxy 2.0-4 (bug #853951) @@ -2281,19 +2281,19 @@ CVE-2016-10192 (Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10 - ffmpeg 7:3.2.2-1 - libav <not-affected> (Vulnerable code not present in libav, only in ffmpeg) NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/12 CVE-2016-10191 (Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2 ...) {DLA-1611-1} - ffmpeg 7:3.2.2-1 - libav <removed> NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/12 CVE-2016-10190 (Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8. ...) {DLA-1611-1} - ffmpeg 7:3.2.2-1 - libav <removed> NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa - NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/31/12 CVE-2016-10193 (The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to e ...) NOT-FOR-US: espeak-ruby Ruby gem CVE-2016-10194 (The festivaltts4r gem for Ruby allows remote attackers to execute arbi ...) @@ -2329,7 +2329,7 @@ CVE-2016-10189 (BitlBee before 3.5 allows remote attackers to cause a denial of - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5) - NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/30/4 NOTE: When fixing this CVE make sure to apply as well NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 NOTE: to not open CVE-2017-5668 @@ -2338,14 +2338,14 @@ CVE-2016-10188 (Use-after-free vulnerability in bitlbee-libpurple before 3.5 all - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1281 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5) - NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/30/4 CVE-2016-10187 (The E-book viewer in calibre before 2.75 allows remote attackers to re ...) {DLA-859-1} - calibre 2.75.1+dfsg-1 (low; bug #853004) [jessie] - calibre <no-dsa> (Minor issue) NOTE: Upstream report: https://launchpad.net/bugs/1651728 NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c - NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/29/8 CVE-2016-10173 (Directory traversal vulnerability in the minitar before 0.6 and archiv ...) {DSA-3778-1 DLA-808-1} - ruby-minitar 0.5.4-3.1 (bug #853075) @@ -2382,7 +2382,7 @@ CVE-2016-10166 (Integer underflow in the _gdContributionsAlloc function in gd_in - libgd2 2.2.4-1 [wheezy] - libgd2 <not-affected> (Vulnerable code not present) NOTE: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/26/1 CVE-2016-10167 (The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Li ...) {DSA-3777-1 DLA-804-1} - php7.1 7.1.1-1 (unimportant) @@ -2393,7 +2393,7 @@ CVE-2016-10167 (The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graph NOTE: Fixed in PHP 7.1.1, 7.0.15, 5.6.30 - libgd2 2.2.4-1 NOTE: https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f - NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/26/1 CVE-2016-10168 (Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) bef ...) {DSA-3777-1 DLA-804-1} - php7.1 7.1.1-1 (unimportant) @@ -2404,7 +2404,7 @@ CVE-2016-10168 (Integer overflow in gd_io.c in the GD Graphics Library (aka libg NOTE: Fixed in PHP 7.1.1, 7.0.15, 5.6.30 - libgd2 2.2.4-1 NOTE: https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/26/1 CVE-2016-10165 (The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) all ...) {DSA-3774-1 DLA-803-1} - lcms2 2.8-4 (bug #852627) @@ -2414,7 +2414,7 @@ CVE-2016-10164 (Multiple integer overflows in libXpm before 3.5.12, when a progr {DSA-3772-1 DLA-801-1} - libxpm 1:3.5.12-1 NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/22/2 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/22/2 CVE-2016-10163 (Memory leak in the vrend_renderer_context_create_internal function in ...) - virglrenderer 0.6.0-1 (bug #852603) NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=747a293ff6055203e529f083896b823e22523fe7 (0.6.0) @@ -2530,7 +2530,7 @@ CVE-2016-10146 (Multiple memory leaks in the caption and label handling code in {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.0+dfsg-2 (bug #851380) NOTE: https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10140 (Information disclosure and authentication bypass vulnerability exists ...) {DLA-806-1} - zoneminder 1.30.4+dfsg-1 (bug #851710) @@ -2541,12 +2541,12 @@ CVE-2016-10144 (coders/ipl.c in ImageMagick allows remote attackers to have unsp {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851485) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10145 (Off-by-one error in coders/wpg.c in ImageMagick allows remote attacker ...) {DSA-3799-1 DLA-807-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #851483) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...) NOT-FOR-US: MuJS CVE-2016-10133 (Heap-based buffer overflow in the js_stackoverflow function in jsrun.c ...) @@ -2588,7 +2588,7 @@ CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity ( NOTE: https://github.com/rohe/pysaml2/issues/366 NOTE: A proper fix for this issue would be to fix the underlying issue in src:libxml2 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1411794#c12 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/19/5 (for the scope of the CVE) + NOTE: https://www.openwall.com/lists/oss-security/2017/01/19/5 (for the scope of the CVE) CVE-2016-10149 (XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier a ...) {DSA-3759-1} - python-pysaml2 3.0.0-5 (bug #850716) @@ -2598,7 +2598,7 @@ CVE-2016-10134 (SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 befo {DSA-3802-1} - zabbix 1:3.0.4+dfsg-1 (bug #850936) NOTE: https://support.zabbix.com/browse/ZBX-11023 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/12/4 CVE-2016-10124 (An issue was discovered in Linux Containers (LXC) before 2016-02-22. W ...) - lxc 1:2.0.0-1 [jessie] - lxc <no-dsa> (Minor issue) @@ -2607,35 +2607,35 @@ CVE-2016-10124 (An issue was discovered in Linux Containers (LXC) before 2016-02 NOTE: https://github.com/lxc/lxc/commit/5eacdc3dbd0e45abf3cc90cf0216a7f8ee560abf (lxc-2.0.0.rc2) CVE-2016-10123 (Firejail allows --chroot when seccomp is not supported, which might al ...) - firejail 0.9.38-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/a23ac1bf390fa4c3db4ea31e6ee6100a9c511d59 (0.9.38-rc1) CVE-2016-10122 (Firejail does not properly clean environment variables, which allows l ...) - firejail 0.9.44.2-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f NOTE: https://github.com/netblue30/firejail/commit/72bc0e145c67da24e555d868086953148c52b5fc NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/e847207df28e181a8f590ade825b5f06d4fadf17 (0.9.44.2) NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/18f6e9dc9b304f7aca291c3edce5122562b1e36c (0.9.44.2) CVE-2016-10121 (Firejail uses weak permissions for /dev/shm/firejail and possibly othe ...) - firejail 0.9.38-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/1cab02f5ae3c90c01fae4d1c16381820b757a3a6 (0.9.38) CVE-2016-10120 (Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, ( ...) - firejail 0.9.38-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (0.9.38-rc1) CVE-2016-10119 (Firejail uses 0777 permissions when mounting /tmp, which allows local ...) - firejail 0.9.38-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/aa28ac9e09557b833f194f594e2940919d940d1f (0.9.38) CVE-2016-10118 (Firejail allows local users to truncate /etc/resolv.conf via a chroot ...) - firejail 0.9.44.2-1 (low) - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/6144229605177764b7f3f3450c1a47f56595dc9e NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/8b5b444c766b8d0592346decc6ed4a6d345e4f67 (0.9.44.2) CVE-2016-10117 (Firejail does not restrict access to --tmpfs, which allows local users ...) - firejail 0.9.38-1 - NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/05/4 NOTE: https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb (0.9.38-rc1) CVE-2016-10116 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo ...) NOT-FOR-US: NETGEAR @@ -2678,7 +2678,7 @@ CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a - pcsc-lite 1.8.20-1 NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22 NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b - NOTE: http://www.openwall.com/lists/oss-security/2017/01/03/2 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/03/2 CVE-2016-10098 (An issue was discovered on SendQuick Entera and Avera devices before 2 ...) NOT-FOR-US: SendQuick Entera and Avera devices CVE-2016-10097 (XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/ ...) @@ -2786,8 +2786,8 @@ CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allo [jessie] - qt4-x11 <ignored> (Minor issue) [wheezy] - qt4-x11 <ignored> (Minor issue) - qtbase-opensource-src 5.2.0+dfsg-7 - NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1 + NOTE: CVE assignment specific to https://www.openwall.com/lists/oss-security/2016/12/24/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/24/1 NOTE: https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...) NOT-FOR-US: MODX Revolution @@ -2812,7 +2812,7 @@ CVE-2016-10033 (The mailSend function in the isMail transport in PHPMailer befor - libphp-phpmailer 5.2.14+dfsg-2.1 (bug #849365) NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/4835657cd639fbd09afd33307cef164edf807cdc#diff-ace81e501931d8763b49f2410cf3094dR1449 - NOTE: Fix potentially incomplete, cf http://www.openwall.com/lists/oss-security/2016/12/28/1 + NOTE: Fix potentially incomplete, cf https://www.openwall.com/lists/oss-security/2016/12/28/1 NOTE: When updating libphp-phpmailer for CVE-2016-10033 make sure to apply the NOTE: complete patch to not make libphp-phpmailer affected by CVE-2016-10045. NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html @@ -2862,7 +2862,7 @@ CVE-2016-10026 (ikiwiki 3.20161219 does not properly check if a revision changes - ikiwiki 3.20161219 NOTE: http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/ NOTE: Fix: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9cada49ed6ad24556dbe9861ad5b0a9f526167f9 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/7 NOTE: When fixing this issue make sure to apply the complete correct fix to NOTE: not open ikiwiki to be vulnerable for CVE-2016-9645. CVE-2016-10025 (VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD v ...) @@ -2880,7 +2880,7 @@ CVE-2016-10028 (The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/1 NOTE: Marked as unimportant, since 1:2.8+dfsg-2 reverted the support for NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is NOTE: still present. @@ -2892,7 +2892,7 @@ CVE-2016-10029 (The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=acfc4846508a02cc4c83aa27799fd7 (v2.7.0-rc0) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=2fe760554eb3769d70f608a158474f (v2.7.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/2 CVE-2016-9999 RESERVED CVE-2016-9996 @@ -2973,7 +2973,7 @@ CVE-2016-9954 (The backtrack compilation code in the Irregex package (aka IrRegu [stretch] - chicken <no-dsa> (Minor issue) [jessie] - chicken <no-dsa> (Minor issue) [wheezy] - chicken <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/18 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/14/18 NOTE: https://github.com/ashinn/irregex/commit/a16ffc86eca15fca9e40607d41de3cea9cf868f1 NOTE: For chicken vulnerable code in ./irregex-core.scm CVE-2016-9953 (The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30 ...) @@ -3047,7 +3047,7 @@ CVE-2016-10003 (Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5 NOTE: Vulnerable Squid Versions: NOTE: 3.5.0.1 up to and including 3.5.22 NOTE: 4.0.1 up to and including 4.0.16 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/17/1 CVE-2016-10002 (Incorrect processing of responses to If-None-Modified HTTP conditional ...) {DSA-3745-1 DLA-763-1} - squid3 3.5.23-1 (bug #848493) @@ -3063,7 +3063,7 @@ CVE-2016-10002 (Incorrect processing of responses to If-None-Modified HTTP condi NOTE: 3.1.10 up to and including 3.1.23 NOTE: 3.2.0.3 up to and including 3.5.22 NOTE: 4.0.1 up to and including 4.0.16 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/17/1 CVE-2016-582384 REJECTED CVE-2016-9964 (redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequ ...) @@ -3075,37 +3075,37 @@ CVE-2016-9963 (Exim before 4.87.1 might allow remote attackers to obtain the pri {DSA-3747-1 DLA-762-1} - exim4 4.88~RC6-2 NOTE: https://bugs.exim.org/show_bug.cgi?id=1996 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/16/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/16/1 NOTE: https://exim.org/static/doc/CVE-2016-9963.txt CVE-2016-9961 (game-music-emu before 0.6.1 mishandles unspecified integer values. ...) {DSA-3735-1 DLA-750-1} - game-music-emu 0.6.0-4 (bug #848071) NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/1 CVE-2016-9960 (game-music-emu before 0.6.1 allows local users to cause a denial of se ...) {DSA-3735-1 DLA-750-1} - game-music-emu 0.6.0-4 (bug #848071) NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/1 CVE-2016-9959 (game-music-emu before 0.6.1 allows remote attackers to generate out of ...) {DSA-3735-1 DLA-750-1} - game-music-emu 0.6.0-4 (bug #848071) NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/1 CVE-2016-9958 (game-music-emu before 0.6.1 allows remote attackers to write to arbitr ...) {DSA-3735-1 DLA-750-1} - game-music-emu 0.6.0-4 (bug #848071) NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/1 CVE-2016-9957 (Stack-based buffer overflow in game-music-emu before 0.6.1. ...) {DSA-3735-1 DLA-750-1} - game-music-emu 0.6.0-4 (bug #848071) NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/1 CVE-2016-9956 (The route manager in FlightGear before 2016.4.4 allows remote attacker ...) {DSA-3742-1} - flightgear 1:2016.4.3+dfsg-1 (bug #848114) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/14/11 CVE-2016-9951 (An issue was discovered in Apport before 2.20.4. A malicious Apport cr ...) NOT-FOR-US: Apport CVE-2016-9950 (An issue was discovered in Apport before 2.20.4. There is a path trave ...) @@ -3146,7 +3146,7 @@ CVE-2016-9955 (The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp b [jessie] - simplesamlphp <no-dsa> (Minor issue) NOTE: https://simplesamlphp.org/security/201612-02 NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/a2326d75dd14accaac162dd2cb30aaefcc1f9205 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/14/7 CVE-2016-9939 (Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its A ...) {DSA-3748-1 DLA-766-1} - libcrypto++ 5.6.4-5 (bug #848009) @@ -3174,7 +3174,7 @@ CVE-2016-9936 (The unserialize implementation in ext/standard/var.c in PHP 7.x b NOTE: Fixed in PHP 7.0.14 and 7.1.0 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72978 NOTE: Fixed by: https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/12/2 CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5. ...) {DSA-3737-1 DLA-818-1} - php7.0 7.0.14-1 @@ -3182,7 +3182,7 @@ CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP befo NOTE: Fixed in PHP 5.6.29 and 7.0.14 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73631 NOTE: Fixed by: https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/12/2 CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remo ...) {DSA-3732-1 DLA-818-1} - php7.0 7.0.13-1 @@ -3190,7 +3190,7 @@ CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows NOTE: Fixed in PHP 5.6.28, 7.0.13 and 7.1.0 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73331 NOTE: Fixed by: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d - NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/12/2 CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder function in ...) {DSA-3751-1 DSA-3732-1 DLA-758-1} - libgd2 2.2.2-29-g3c2b605-1 (bug #849038) @@ -3205,7 +3205,7 @@ CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder functi NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72696 NOTE: Fixed by: https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1 NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd - NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/12/2 CVE-2016-9937 (An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x be ...) - asterisk <not-affected> (Introduced in 13.12.0 but fixed with first version to unstable based on 13.12.1) NOTE: Vulnerability introduced in 13.12.0, but the first upload to unstable @@ -3411,7 +3411,7 @@ CVE-2016-9912 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator s [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/12 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/12 CVE-2016-9916 (Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...) {DLA-1497-1} - qemu 1:2.8+dfsg-1 (bug #847496) @@ -3421,7 +3421,7 @@ CVE-2016-9916 (Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) al NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68 (v2.8.0-rc2) NOTE: Proxy filesystem driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=4c793dda22213a7aba8e4d9a814e8f368a5f8bf7 (v1.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/11 CVE-2016-9915 (Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...) {DLA-1497-1} - qemu 1:2.8+dfsg-1 (bug #847496) @@ -3431,7 +3431,7 @@ CVE-2016-9915 (Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) a NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=971f406b77a6eb84e0ad27dcc416b663765aee30 (v2.8.0-rc2) NOTE: handle based fs driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=5f5422258e1f50f871bafcc5bfb2b498f414a310 (v1.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/11 NOTE: proxy driver not included during compilation in wheezy, see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html CVE-2016-9914 (Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...) {DLA-1497-1} @@ -3441,7 +3441,7 @@ CVE-2016-9914 (Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows l [wheezy] - qemu-kvm <no-dsa> (proxy and handle drivers not included during compilation) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=702dbcc274e2ca43be20ba64c758c0ca57dab91d (v2.8.0-rc2) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/11 NOTE: proxy and handle drivers not included during compilation in wheezy, so the cleanup function is never implemented: NOTE: see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html CVE-2016-9913 (Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p ...) @@ -3451,13 +3451,13 @@ CVE-2016-9913 (Memory leak in the v9fs_device_unrealize_common function in hw/9p - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4774718e5c194026ba5ee7a28d9be49be3080e42 (v2.8.0-rc2) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/11 CVE-2016-9911 (Quick Emulator (Qemu) built with the USB EHCI Emulation support is vul ...) {DLA-1497-1 DLA-765-1 DLA-764-1} - qemu 1:2.8+dfsg-1 (bug #847951) - qemu-kvm <removed> NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=791f97758e223de3290592d169f (v2.8.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/10 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/10 CVE-2016-9907 (Quick Emulator (Qemu) built with the USB redirector usb-guest support ...) {DLA-1497-1} - qemu 1:2.8+dfsg-1 (bug #847953) @@ -3466,7 +3466,7 @@ CVE-2016-9907 (Quick Emulator (Qemu) built with the USB redirector usb-guest sup [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg01379.html NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=07b026fd82d6cf11baf7d7c603c4f5f6070b35bf - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/3 NOTE: Leakage introduced after 1.2.50: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3f6e1b106abcf6b8cf487ac8f8e5fc2fd86776 CVE-2016-9908 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...) - qemu 1:2.8+dfsg-1 (bug #847400) @@ -3474,7 +3474,7 @@ CVE-2016-9908 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator s [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: http://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/2 CVE-2016-9920 (steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2 ...) {DLA-737-1} - roundcube 1.2.3+dfsg.1-1 (bug #847287) @@ -3487,14 +3487,14 @@ CVE-2016-9910 (The serializer in html5lib before 0.99999999 might allow remote a [wheezy] - html5lib <no-dsa> (Minor issue) NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7 NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/5 CVE-2016-9909 (The serializer in html5lib before 0.99999999 might allow remote attack ...) - html5lib 0.999999999-1 [jessie] - html5lib <no-dsa> (Minor issue) [wheezy] - html5lib <no-dsa> (Minor issue) NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7 NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/06/5 CVE-2016-9839 (In MapServer before 7.0.3, OGR driver error messages are too verbose a ...) {DLA-734-1} - mapserver 7.0.3-1 @@ -3632,8 +3632,8 @@ CVE-2016-9844 (Buffer overflow in the zi_short function in zipinfo.c in Info-Zip - unzip 6.0-21 (bug #847486) [jessie] - unzip 6.0-16+deb8u3 NOTE: https://launchpad.net/bugs/1643750 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/05/13 - NOTE: Proposed patch in http://www.openwall.com/lists/oss-security/2016/12/05/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/05/13 + NOTE: Proposed patch in https://www.openwall.com/lists/oss-security/2016/12/05/19 CVE-2016-XXXX [tiffcrop: divide-by-zero in readSeparateStripsIntoBuffer when BitsPerSample is missing] - tiff 4.0.7-2 (unimportant; bug #846838) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2619 @@ -3751,7 +3751,7 @@ CVE-2016-9814 (The validateSignature method in the SAML2\Utils class in SimpleSA NOTE: https://github.com/simplesamlphp/saml2/pull/81 NOTE: https://github.com/simplesamlphp/saml2/commit/7008b0916426212c1cc2fc238b38ab9ebff0748c NOTE: only exploitable in hard to achieve conditions - NOTE: http://www.openwall.com/lists/oss-security/2016/12/03/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/03/5 CVE-2016-9754 (The ring_buffer_resize function in kernel/trace/ring_buffer.c in the p ...) - linux 4.6.1-1 [jessie] - linux 3.16.39-1 @@ -3946,7 +3946,7 @@ CVE-2016-9775 (The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API - tomcat6 6.0.41-3 NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie - NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/02/5 CVE-2016-9774 (The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 ...) {DSA-3739-1 DSA-3738-1 DLA-753-1 DLA-746-1} - tomcat8 8.5.8-2 (bug #845393) @@ -3954,7 +3954,7 @@ CVE-2016-9774 (The postinst script in the tomcat6 package before 6.0.45+dfsg-1~d NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API - tomcat6 6.0.41-3 NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie - NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/02/5 CVE-2016-9777 (KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does ...) - linux 4.8.15-1 [jessie] - linux <not-affected> (Vulnerable code introduced later) @@ -3962,7 +3962,7 @@ CVE-2016-9777 (KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400804 NOTE: Fixed by: https://git.kernel.org/linus/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755 (v4.9-rc7) NOTE: Introduced in: https://git.kernel.org/linus/af1bae5497b98cb99d6b0492e6981f060420a00c (v4.8-rc1) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/02/2 CVE-2016-9776 (QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Contro ...) {DLA-1497-1} - qemu 1:2.8+dfsg-1 (bug #846797) @@ -4066,7 +4066,7 @@ CVE-2016-9772 (OpenAFS 1.6.19 and earlier allows remote attackers to obtain sens NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2016-003.txt NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003-master.patch (master) NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003.patch - NOTE: http://www.openwall.com/lists/oss-security/2016/12/01/12 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/01/12 CVE-2016-9685 (Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the ...) - linux 4.5.1-1 [jessie] - linux 3.16.36-1 @@ -4085,7 +4085,7 @@ CVE-2016-9646 (ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder CVE-2016-9643 (The regex code in Webkit 2.4.11 allows remote attackers to cause a den ...) - webkitgtk 2.14.6-1 (unimportant) NOTE: Not covered by security support - NOTE: http://www.openwall.com/lists/oss-security/2016/11/26/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/26/2 CVE-2016-9642 (JavaScriptCore in WebKit allows attackers to cause a denial of service ...) - webkitgtk <removed> (unimportant) NOTE: Not covered by security support @@ -4151,7 +4151,7 @@ CVE-2016-9603 (A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx - xen 4.4.0-1 NOTE: Xen switched to qemu-system in 4.4.0-1 NOTE: https://xenbits.xen.org/xsa/advisory-211.html - NOTE: http://www.openwall.com/lists/oss-security/2017/03/14/2 + NOTE: https://www.openwall.com/lists/oss-security/2017/03/14/2 NOTE: Upstream patch http://git.qemu-project.org/?p=qemu.git;a=commit;h=50628d3479e4f9aa97e323506856e394fe7ad7a6 CVE-2016-9602 (Qemu before version 2.9 is vulnerable to an improper link following wh ...) {DLA-1497-1 DLA-1035-1 DLA-965-1} @@ -4159,7 +4159,7 @@ CVE-2016-9602 (Qemu before version 2.9 is vulnerable to an improper link followi - qemu-kvm <removed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1413929 NOTE: The original proposed patch does not fix the issue, cf. - NOTE: http://www.openwall.com/lists/oss-security/2017/01/17/14 + NOTE: https://www.openwall.com/lists/oss-security/2017/01/17/14 NOTE: Upstream patchset: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1035 NOTE: If fixing this issue for older suites, then make sure not to open the @@ -4228,7 +4228,7 @@ CVE-2016-9584 (libical allows remote attackers to cause a denial of service (use - libical <removed> (bug #852034) [stretch] - libical <ignored> (Minor issue) [jessie] - libical <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/15/5 NOTE: Upstream ticket: https://github.com/libical/libical/issues/253 CVE-2016-9583 (An out-of-bounds heap read vulnerability was found in the jpc_pi_nextp ...) - jasper <removed> (unimportant) @@ -4336,7 +4336,7 @@ CVE-2016-9562 (SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Deni NOT-FOR-US: SAP CVE-2016-9561 (The che_configure function in libavcodec/aacdec_template.c in FFmpeg b ...) - ffmpeg 7:3.2.4-1 (unimportant) - NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/08/1 NOTE: non-issue, legitimate media file. If a server application uses libav* on untrusted media NOTE: files, it needs to set resource limits CVE-2016-9554 (The Sophos Web Appliance Remote / Secure Web Gateway server (version 4 ...) @@ -4555,7 +4555,7 @@ CVE-2016-9866 (An issue was discovered in phpMyAdmin. When the arg_separator is CVE-2016-9639 (Salt before 2015.8.11 allows deleted minions to read or write to minio ...) - salt 2016.3.0+ds-1 [jessie] - salt <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/11/25/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/25/2 CVE-2016-9813 (The _parse_pat function in the mpegts parser in GStreamer before 1.10. ...) {DSA-3818-1} - gst-plugins-bad1.0 1.10.2-1 (low) @@ -4796,7 +4796,7 @@ CVE-2016-9928 (MCabber before 1.0.4 is vulnerable to roster push attacks, which - mcabber 0.10.2-1.1 (bug #845258) NOTE: https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw NOTE: Similar issue for mcabber as for gajim in CVE-2015-8688 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/09/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/09/5 CVE-2016-XXXX [Rorster vulnerability similar to CVE-2015-8688] - slixmpp 1.2.2-1 NOTE: Similar issue for mcabber as for gajim in CVE-2015-8688 (but should get a seprate CVE) @@ -4817,19 +4817,19 @@ CVE-2016-10071 (coders/mat.c in ImageMagick before 6.9.4-0 allows remote attacke NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366 NOTE: https://github.com/ImageMagick/ImageMagick/issues/131 NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10070 (Heap-based buffer overflow in the CalcMinMax function in coders/mat.c ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845246) NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366 NOTE: https://github.com/ImageMagick/ImageMagick/issues/131 NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10069 (coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845244) NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-9559 (coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.5+dfsg-1 (bug #845243) @@ -4853,46 +4853,46 @@ CVE-2016-10068 (The MSL interpreter in ImageMagick before 6.9.6-4 allows remote - imagemagick 8:6.9.6.5+dfsg-1 (bug #845241) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797 NOTE: https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10058 (Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagi ...) - imagemagick 8:6.9.6.5+dfsg-1 (bug #845239) [jessie] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later) [wheezy] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10067 (magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845213) NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10066 (Buffer overflow in the ReadVIFFImage function in coders/viff.c in Imag ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845213) NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10065 (The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0. ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845212) NOTE: https://github.com/ImageMagick/ImageMagick/issues/129 NOTE: https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05 NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10064 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845202) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10063 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845198) NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10062 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not ...) {DSA-3799-1 DLA-868-1} - imagemagick 8:6.9.7.4+dfsg-1 (bug #849439) NOTE: https://github.com/ImageMagick/ImageMagick/issues/196 NOTE: https://github.com/ImageMagick/ImageMagick/issues/352 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 NOTE: CVE is for the fwrite issue in ReadGROUP4Image. This was NOTE: specifically noted at the beginning of issues/196, but not fixed in NOTE: either of these commits 933e96f01a8c889c7bf5ffd30020e86a02a046e7 nor @@ -4904,19 +4904,19 @@ CVE-2016-10061 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick bef - imagemagick 8:6.9.6.2+dfsg-2 (bug #845196) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9 NOTE: https://github.com/ImageMagick/ImageMagick/issues/196 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10060 (The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagi ...) {DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845196) [jessie] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7 NOTE: https://github.com/ImageMagick/ImageMagick/issues/196 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10059 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows ...) {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845195) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-9448 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attacke ...) - tiff <not-affected> (Vulnerable code introduced by fix for CVE-2016-9297) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2593 @@ -5121,23 +5121,23 @@ CVE-2016-9452 (The transliterate mechanism in Drupal 8.x before 8.2.3 allows rem - drupal8 <itp> (bug #756305) - drupal7 <not-affected> (Only affects Drupal 8) NOTE: https://www.drupal.org/SA-CORE-2016-005 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/18/8 CVE-2016-9451 (Confirmation forms in Drupal 7.x before 7.52 make it easier for remote ...) {DSA-3718-1 DLA-715-1} - drupal7 7.52-1 NOTE: https://www.drupal.org/SA-CORE-2016-005 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/18/8 CVE-2016-9450 (The user password reset form in Drupal 8.x before 8.2.3 allows remote ...) - drupal8 <itp> (bug #756305) - drupal7 <not-affected> (Only affects Drupal 8) NOTE: https://www.drupal.org/SA-CORE-2016-005 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/18/8 CVE-2016-9449 (The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 mig ...) {DSA-3718-1 DLA-715-1} - drupal8 <itp> (bug #756305) - drupal7 7.52-1 NOTE: https://www.drupal.org/SA-CORE-2016-005 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/18/8 CVE-2016-9443 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...) - w3m 0.5.3-30 [jessie] - w3m 0.5.3-19+deb8u1 @@ -5376,7 +5376,7 @@ CVE-2016-9400 (The CClient::ProcessServerPacket method in engine/client/client.c [wheezy] - teeworlds <end-of-life> (Games are not supported in Wheezy) NOTE: https://www.teeworlds.com/?page=news&id=12086 NOTE: https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62 (0.6.4-release) - NOTE: http://www.openwall.com/lists/oss-security/2016/11/16/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/16/8 CVE-2016-9321 RESERVED CVE-2016-9320 @@ -5504,13 +5504,13 @@ CVE-2016-9447 (The ROM mappings in the NSF decoder in gstreamer 0.10.x allow rem NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html CVE-2016-9299 (The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allow ...) - jenkins <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/12/4 CVE-2016-9298 (Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c i ...) - imagemagick 8:6.9.6.5+dfsg-1 (bug #844211) [jessie] - imagemagick <not-affected> (Vulnerable code not present) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/296 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/13/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/13/1 CVE-2016-9300 REJECTED CVE-2016-9301 @@ -5523,7 +5523,7 @@ CVE-2016-9297 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote at - tiff3 <removed> [wheezy] - tiff3 <not-affected> (Unreproducible) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2590 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/12/2 NOTE: Patch https://github.com/vadz/libtiff/commit/30c9234c7fd0dd5e8b1e83ad44370c875a0270ed NOTE: Reproducible with valgrind in wheezy with 4.0.2-6+deb7u7 NOTE: Reproducible with valgrind in jessie with 4.0.3-12.3+deb8u1 @@ -5579,7 +5579,7 @@ CVE-2016-9532 (Integer overflow in the writeBufferToSeparateStrips function in t [wheezy] - tiff3 <not-affected> (Tools not shipped by tiff3) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592 NOTE: Patch: https://github.com/vadz/libtiff/commit/21d39de1002a5e69caa0574b2cc05d795d6fbfad - NOTE: http://www.openwall.com/lists/oss-security/2016/11/11/14 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/11/14 CVE-2016-9296 (A null pointer dereference bug affects the 16.02 and many old versions ...) - p7zip 16.02+dfsg-2 (unimportant; bug #844344) [jessie] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later) @@ -5681,7 +5681,7 @@ CVE-2016-9243 (HKDF in cryptography before 1.5.2 returns an empty byte-string if [jessie] - python-cryptography 0.6.1-1+deb8u1 NOTE: Upstream bug: https://github.com/pyca/cryptography/issues/3211 NOTE: Upstream commit: https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/08/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/08/6 CVE-2016-9242 (Multiple SQL injection vulnerabilities in the update method in framewo ...) NOT-FOR-US: Exponent CMS CVE-2016-9241 @@ -5894,7 +5894,7 @@ CVE-2016-9179 (lynx: It was found that Lynx doesn't parse the authority componen - lynx 2.8.9dev11-1 (bug #843258) - lynx-cur <removed> [jessie] - lynx-cur <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/03/4 NOTE: Slight mitigation and documentation improvement was done in 2.8.9dev.10 upstream NOTE: the uplaod to unstable as 2.8.9dev10-1 CVE-2016-9644 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the L ...) @@ -5905,7 +5905,7 @@ CVE-2016-9644 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in NOTE: 548acf19234dbda5a52d5a8e7e205af46e9da840 (added in 4.6), as such NOTE: src:linux was never affected. 1c109fabbd5 also wasn't backported to NOTE: the 3.2 and 3.16 LTS series - NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/03/2 CVE-2016-9178 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the L ...) {DLA-772-1} - linux 4.7.5-1 @@ -5931,7 +5931,7 @@ CVE-2016-9181 (perl-Image-Info: When parsing an SVG file, external entity expans NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=118099 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1379556 NOTE: Upstream commit: https://github.com/eserte/image-info/commit/781625b643bc05ba92127a4554de7910f3f2f8e6 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/02/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/02/1 NOTE: Older versions of libimage-info-perl only can use XML::Simple. NOTE: Controlling XXE processing behavior in XML::Simple is not really NOTE: possible (see https://rt.cpan.org/Ticket/Display.html?id=83794), @@ -5945,7 +5945,7 @@ CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented a [wheezy] - libxml-twig-perl <no-dsa> (Minor issue, new flag would require changes to applications too, not worth the effort) NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=118097 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1379553 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/02/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/02/1 NOTE: Release 3.50 adds a no_xxe flag which will fail to parse files with external entities. NOTE: 2016-12-13: The corresponding changes is not in the public git repository yet: https://github.com/mirod/xmltwig/commits/master CVE-2016-9136 (Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8 ...) @@ -5994,7 +5994,7 @@ CVE-2016-9139 (Cross-site scripting (XSS) vulnerability in Open Ticket Request S - otrs2 5.0.14-1 (bug #843091) [jessie] - otrs2 3.3.18-1+deb8u1 NOTE: https://community.otrs.com/security-advisory-2016-02-security-update-otrs - NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/01/5 NOTE: upstream fix likely https://github.com/OTRS/otrs/commit/6578a8bcf82529461302291ab3fcb500363b005a CVE-2016-9120 (Race condition in the ion_ioctl function in drivers/staging/android/io ...) - linux 4.6.1-1 (unimportant) @@ -6071,33 +6071,33 @@ CVE-2016-9107 (The OTR plugin for Gajim sends information in cleartext when usin - gajim-otr <itp> (bug #722130) NOTE: Upstream bug: https://trac-plugins.gajim.org/ticket/145 NOTE: Upstream fix: https://trac-plugins.gajim.org/changeset/c7c2e519ed63377bc943dd01c4661b0fe49321ae - NOTE: http://www.openwall.com/lists/oss-security/2016/10/30/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/30/2 CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Qu ...) {DLA-1599-1 DLA-698-1 DLA-689-1} - qemu 1:2.8+dfsg-1 (bug #842463) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/28/4 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9 CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Qui ...) {DLA-1599-1 DLA-698-1 DLA-689-1} - qemu 1:2.8+dfsg-1 (bug #842463) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/28/3 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xat ...) {DLA-1599-1 DLA-698-1 DLA-689-1} - qemu 1:2.8+dfsg-1 (bug #842463) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/28/2 CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emula ...) {DLA-1599-1 DLA-698-1 DLA-689-1} - qemu 1:2.8+dfsg-1 (bug #842463) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/28/1 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ( ...) {DLA-1599-1 DLA-698-1 DLA-689-1} @@ -6105,7 +6105,7 @@ CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in Q - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389550 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/27/15 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06 CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows l ...) {DLA-1599-1 DLA-698-1 DLA-689-1} @@ -6113,7 +6113,7 @@ CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) all - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389538 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/14 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/27/14 NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=2634ab7fe29b3f75d0865b719caf8f310d634aae (v2.8.0-rc0) CVE-2016-9088 RESERVED @@ -6549,12 +6549,12 @@ CVE-2016-8911 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remo CVE-2016-9016 (Firejail 0.9.38.4 allows local users to execute arbitrary commands out ...) - firejail 0.9.44-1 NOTE: https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b - NOTE: http://www.openwall.com/lists/oss-security/2016/10/25/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/25/3 CVE-2016-9011 (The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attac ...) {DLA-694-1} - libwmf 0.2.8.4-10.6 (bug #842090) [jessie] - libwmf 0.2.8.4-10.3+deb8u2 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/9 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/18/9 NOTE: https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00015-libwmf-memalloc-wmf_malloc NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=842090;filename=libwmf-0.2.8.4-CVE-2016-9011-debian.patch;msg=10 @@ -7045,13 +7045,13 @@ CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU ( - qemu 1:2.8+dfsg-1 (bug #841955) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/24/2 CVE-2016-8909 (The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...) {DLA-1599-1 DLA-698-1 DLA-689-1} - qemu 1:2.8+dfsg-1 (bug #841950) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04717.html - NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/24/1 CVE-2016-XXXX [Privilege escalation possible to other user than root] - bash <unfixed> (unimportant; bug #841856) NOTE: This is strongly related to the problem described in CVE-2016-7543 and the correction @@ -7063,7 +7063,7 @@ CVE-2016-10249 (Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c NOTE: Fixed by: https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568 (version-1.900.12) NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/ NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00001-jasper-heapoverflow-jpc_dec_tiledecode - NOTE: http://www.openwall.com/lists/oss-security/2016/10/23/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/23/7 CVE-2016-10250 (The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 a ...) - jasper <not-affected> (Incomplete fix for CVE-206-8887 not applied) NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00002-jasper-NULLptr-jp2_colr_destroy @@ -7127,7 +7127,7 @@ CVE-2016-8859 (Multiple integer overflows in the TRE library and musl libc allow [jessie] - tre 0.8.0-4+deb8u1 - musl 1.1.15-2 (bug #842171) [jessie] - musl 1.1.5-2+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/19/1 NOTE: other issues may still be present in tre after this: https://github.com/laurikari/tre/issues/37 NOTE: musl patch: http://git.musl-libc.org/cgit/musl/commit/?id=c3edc06d1e1360f3570db9155d6b318ae0d0f0f7, not released yet CVE-2016-8858 (** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x ...) @@ -7144,21 +7144,21 @@ CVE-2016-8862 (The AcquireMagickMemory function in MagickCore/memory.c in ImageM NOTE: The initial patch was initiall meant to be incomplete and resulted in CVE-2016-8866. So when fixing NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866. NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/17/4 CVE-2016-8860 (Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal funct ...) {DSA-3694-1 DLA-663-1} - tor 0.2.8.9-1 NOTE: https://trac.torproject.org/projects/tor/ticket/20384 NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes NOTE: https://gitweb.torproject.org/tor.git/commit/?id=3cea86eb2fbb65949673eb4ba8ebb695c87a57ce - NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/18/11 CVE-2016-9138 (PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modifica ...) {DSA-3732-1} - php7.0 7.0.12-1 - php5 <removed> [wheezy] - php5 <not-affected> (Vulnerable code not present in version 5.4.45) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147 - NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/01/7 CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ext/cur ...) {DSA-3698-1} - php7.0 7.0.12-1 @@ -7167,7 +7167,7 @@ CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ex NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f NOTE: Fixed in 7.0.12, 5.6.27 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/18/1 CVE-2016-8673 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl ...) NOT-FOR-US: Siemens SIMATIC CP CVE-2016-8672 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl ...) @@ -7248,7 +7248,7 @@ CVE-2016-8690 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer bef {DLA-1583-1} - jasper <removed> (low; bug #841112) [wheezy] - jasper <no-dsa> (Minor issue) - NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post + NOTE: CVE ID for the first and fifth items of https://www.openwall.com/lists/oss-security/2016/08/23/6 post NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/ NOTE: The original fix is incomplete resulting in two follow ups CVE-2016-8884 and NOTE: CVE-2016-8885. @@ -7304,7 +7304,7 @@ CVE-2016-8670 (Integer signedness error in the dynamicGetbuf function in gd_io_d - libgd2 2.2.3-87-gd0fec80-1 (bug #840805) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280 NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/15/1 CVE-2016-8671 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not prop ...) - matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied) NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html @@ -7561,11 +7561,11 @@ CVE-2016-8612 (Apache HTTP Server mod_cluster before version httpd 2.4.23 is vul - libapache2-mod-cluster <itp> (bug #731410) CVE-2016-8611 (A vulnerability was found in Openstack Glance. No limits are enforced ...) - glance <unfixed> (unimportant) - NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/16 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/27/16 CVE-2016-8610 (A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 thro ...) {DSA-3773-1 DLA-814-1} - openssl 1.0.2j-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/24/3 NOTE: Fixed by: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384743 mentions countermeasures in gnutls NOTE: https://gitlab.com/gnutls/gnutls/commit/1ffb827e45721ef56982d0ffd5c5de52376c428e @@ -7594,7 +7594,7 @@ CVE-2016-8596 (Buffer overflow in the csp_can_process_frame in csp_if_can.c in t NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8 CVE-2016-8595 (The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1 ...) - ffmpeg 7:3.1.5-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/08/2 NOTE: https://github.com/FFmpeg/FFmpeg/commit/987690799dd86433bf98b897aaa4c8d93ade646d CVE-2016-8594 RESERVED @@ -7604,7 +7604,7 @@ CVE-2016-8666 (The IP stack in the Linux kernel before 4.6 allows remote attacke [wheezy] - linux <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/fac8e0f579695a3ecbc4d3cac369139d7f819971 NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/13/11 CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...) - linux <unfixed> (unimportant) [jessie] - linux <not-affected> (Vulnerable code not present) @@ -7841,7 +7841,7 @@ CVE-2016-XXXX [dbus format string vulnerability] NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=98157 NOTE: Versions affected: dbus >= 1.4.0 NOTE: Fixed in: dbus >= 1.11.6, 1.10.x >= 1.10.12, 1.8.x >= 1.8.22 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/10/9 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/10/10/9 NOTE: In Debian CVE-2015-0245 was already fixed, and this issue is NOTE: not believed to be exploitable in practice, because the relevant NOTE: message is ignored unless it comes from the owner of the bus name @@ -7882,7 +7882,7 @@ CVE-2016-8679 (The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in L - dwarfutils 20161001-2 (bug #840958) [jessie] - dwarfutils <no-dsa> (Minor issue) [wheezy] - dwarfutils <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/08/11 NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13 NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2 NOTE: Same fix as CVE-2016-8681 but different issue @@ -7890,7 +7890,7 @@ CVE-2016-8680 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwa - dwarfutils 20161001-2 (bug #840960) [jessie] - dwarfutils <no-dsa> (Minor issue) [wheezy] - dwarfutils <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/08/12 NOTE: https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2 CVE-2016-8681 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20 ...) - dwarfutils 20161001-2 (bug #840961) @@ -7898,7 +7898,7 @@ CVE-2016-8681 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwa [wheezy] - dwarfutils <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13 NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/13 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/08/13 CVE-2016-8602 (The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 al ...) {DSA-3691-1 DLA-674-1} - ghostscript 9.19~dfsg-3.1 (bug #840451) @@ -8149,29 +8149,29 @@ CVE-2016-7979 (Ghostscript before 9.21 might allow remote attackers to bypass th NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697190 NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697190#c0 NOTE: Patch: https://git.ghostscript.com/?p=ghostpdl.git;h=875a0095f37626a721c7ff57d606a0f95af03913 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/05/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/05/19 CVE-2016-7978 (Use-after-free vulnerability in Ghostscript 9.20 might allow remote at ...) {DSA-3691-1 DLA-674-1} - ghostscript 9.19~dfsg-3.1 (bug #839845) NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179 NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697179#c0 NOTE: Patch: https://git.ghostscript.com/?p=ghostpdl.git;h=6f749c0c44e7b9e09737b9f29edf29925a34f0cf - NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/05/7 CVE-2016-7977 (Ghostscript before 9.21 might allow remote attackers to bypass the SAF ...) {DSA-3691-1 DLA-674-1} - ghostscript 9.19~dfsg-3.1 (high; bug #839841) NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169 - NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/29/28 + NOTE: Reproducer: https://www.openwall.com/lists/oss-security/2016/09/29/28 NOTE: Patch: https://git.ghostscript.com/?p=ghostpdl.git;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70 - NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/05/7 CVE-2016-7976 (The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attacker ...) {DSA-3691-1 DLA-674-1} - ghostscript 9.19~dfsg-3.1 (high; bug #839260) NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697178 - NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/30/8 + NOTE: Reproducer: https://www.openwall.com/lists/oss-security/2016/09/30/8 NOTE: Patch: https://git.ghostscript.com/?p=ghostpdl.git;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d - NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/05/7 CVE-2016-1000247 [mpg123 memory overread] {DLA-655-1} - mpg123 1.23.8-1 (low; bug #838960) @@ -8187,7 +8187,7 @@ CVE-2016-XXXX [nspr, nss: unprotected environment variables] [wheezy] - nss 2:3.26-1+debu7u1 NOTE: Workaround entry for DSA-3688-1/DLA-677-1 until CVE is assigned NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.22.1_release_notes - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/02/4 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/10/02/4 CVE-2016-8390 (An exploitable out of bounds write vulnerability exists in the parsing ...) NOT-FOR-US: Hopper Disassembler CVE-2016-8389 (An exploitable integer-overflow vulnerability exists within Iceni Argu ...) @@ -8456,7 +8456,7 @@ CVE-2016-7553 (The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak pe [jessie] - irssi 0.8.17-1+deb8u2 NOTE: Fixed by: https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a NOTE: https://irssi.org/2016/09/22/buf.pl-update/ - NOTE: http://www.openwall.com/lists/oss-security/2016/09/24/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/24/1 CVE-2016-1000242 RESERVED CVE-2016-1000241 @@ -8519,7 +8519,7 @@ CVE-2016-7466 (Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=b53dd4495ced2432a0b652ea895e651d07336f7e NOTE: The usb_xhci_exit and thus the patched code was introduced in: NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34 (v2.2.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/09/19/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/19/8 CVE-2016-8280 (Directory traversal vulnerability in Huawei eSight before V300R003C20S ...) NOT-FOR-US: Huawei eSight UMS CVE-2016-8279 (The video driver in Huawei Mate S smartphones with software CRR-TL00 b ...) @@ -8647,7 +8647,7 @@ CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick Em - qemu-kvm <not-affected> (Vulnerable code introduced later) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03604.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376776 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/16/5 NOTE: LSI SAS1068 (mptsas) device support added in NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0) NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5 @@ -8659,7 +8659,7 @@ CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (ak NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03546.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376755 NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/16/4 CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...) {DLA-1599-1} - qemu 1:2.7+dfsg-1 (bug #838147) @@ -8667,7 +8667,7 @@ CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in - qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376731 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/16/3 NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=d251157ac1928191af851d199a9ff255d330bec9 CVE-2016-8220 (Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x pri ...) NOT-FOR-US: Pivotal @@ -8716,7 +8716,7 @@ CVE-2016-7444 (The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in Gnu NOTE: http://lists.gnutls.org/pipermail/gnutls-devel/2016-September/008146.html NOTE: Upstream fix: https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/18/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/18/3 CVE-2016-8200 RESERVED CVE-2016-8199 @@ -9326,7 +9326,7 @@ CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby [stretch] - bundler <ignored> (Minor issue, too intrusive to backport) [jessie] - bundler <ignored> (Minor issue, too intrusive to backport) [wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport) - NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/10/04/5 NOTE: There is no plan from upstream to address this for bundler 1.x NOTE: due to lockfile format. CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X server ...) @@ -10334,7 +10334,7 @@ CVE-2016-7543 (Bash before 4.4 allows local users to execute arbitrary commands {DLA-680-1} - bash 4.4-1 [jessie] - bash 4.3-11+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/9 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/26/9 NOTE: Default shell is dash which is not vulnerable, but bash in Jessie and NOTE: Wheezy are affected. NOTE: Fixed by (4.3): https://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-048 @@ -11352,7 +11352,7 @@ CVE-2016-7405 (The qstr method in the PDO driver in the ADOdb Library for PHP be NOTE: https://github.com/ADOdb/ADOdb/commit/bd9eca9 NOTE: Issue only with the PDO driver and only if queries built by inlining NOTE: the quoted string (not recommended). - NOTE: http://www.openwall.com/lists/oss-security/2016/09/07/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/07/8 CVE-2016-7154 (Use-after-free vulnerability in the FIFO event channel code in Xen 4.4 ...) {DSA-3663-1} - xen 4.6.0-1 @@ -11421,7 +11421,7 @@ CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local gu [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/06/2 NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5 CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (ak ...) {DLA-1599-1} @@ -11431,7 +11431,7 @@ CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEM [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373478 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/06/3 NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5 CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 func ...) - qemu 1:2.6+dfsg-3.1 (bug #837603) @@ -11441,7 +11441,7 @@ CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: Upstream patches: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04295.html NOTE: Upstream patches: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04296.html - NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/06/4 NOTE: Vulnerable code introduced after version 2.6: http://wiki.qemu.org/ChangeLog/2.6 CVE-2016-7140 (Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in ...) NOT-FOR-US: Plone @@ -11465,20 +11465,20 @@ CVE-2016-7145 (The m_authenticate function in ircd/m_authenticate.c in nefarious NOT-FOR-US: Nefarious 2 CVE-2016-7144 (The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3 ...) - unrealircd <itp> (bug #515130) - NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/04/3 NOTE: unrealircd reportedly vulnerable, and ircd-seven reportedly not vulnerable CVE-2016-7143 (The m_authenticate function in modules/m_sasl.c in Charybdis before 3. ...) {DSA-3661-1} - charybdis 3.5.3-1 (bug #836714) [wheezy] - charybdis <no-dsa> (unsupported) NOTE: charybdis patch: https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/04/3 CVE-2016-7142 (The m_sasl module in InspIRCd before 2.0.23, when used with a service ...) {DSA-3662-1} - inspircd 2.0.23-1 (bug #836706) [wheezy] - inspircd <end-of-life> (not supported in Wheezy) NOTE: http://www.inspircd.org/2016/09/03/v2023-released.html - NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/04/3 CVE-2016-7120 RESERVED CVE-2016-7134 (ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a l ...) @@ -11486,14 +11486,14 @@ CVE-2016-7134 (ext/curl/interface.c in PHP 7.x before 7.0.10 does not work aroun - php5 <not-affected> (Only affects PHP 7) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72674 NOTE: Fixed in 7.0.10 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/72dbb7f416160f490c4e9987040989a10ad431c7?w=1 CVE-2016-7133 (Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabl ...) - php7.0 7.0.10-1 - php5 <not-affected> (Only affects PHP 7) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72742 NOTE: Fixed in 7.0.10 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/c2a13ced4272f2e65d2773e2ea6ca11c1ce4a911?w=1 CVE-2016-7132 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remo ...) {DSA-3689-1 DLA-749-1} @@ -11501,7 +11501,7 @@ CVE-2016-7132 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72799 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1 NOTE: 72790 and 72799 are associated with the same commit. Not all of the NOTE: commit is about the pop issue in 72799. @@ -11511,7 +11511,7 @@ CVE-2016-7131 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72790 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1 NOTE: Cf. as well https://bugs.php.net/bug.php?id=72799 NOTE: 72790 and 72799 are associated with the same commit. Not all of the @@ -11522,7 +11522,7 @@ CVE-2016-7130 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP befor - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72750 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1 CVE-2016-7129 (The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5. ...) {DSA-3689-1 DLA-749-1} @@ -11530,7 +11530,7 @@ CVE-2016-7129 (The php_wddx_process_data function in ext/wddx/wddx.c in PHP befo - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72749 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1 CVE-2016-7128 (The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before ...) {DSA-3689-1 DLA-749-1} @@ -11538,7 +11538,7 @@ CVE-2016-7128 (The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP b - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72627 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1 CVE-2016-7127 (The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and ...) {DSA-3689-1} @@ -11547,7 +11547,7 @@ CVE-2016-7127 (The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.2 - php5 5.6.26+dfsg-1 (unimportant) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72730 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1 CVE-2016-7126 (The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6. ...) {DSA-3689-1} @@ -11556,7 +11556,7 @@ CVE-2016-7126 (The imagetruecolortopalette function in ext/gd/gd.c in PHP before - php5 5.6.26+dfsg-1 (unimportant) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72697 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1 CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ...) {DSA-3689-1 DLA-628-1} @@ -11564,7 +11564,7 @@ CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1 NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary NOTE: handler" part of 72681. @@ -11574,7 +11574,7 @@ CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x befo - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72663 NOTE: Fixed in 7.0.10, 5.6.25 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1 CVE-2016-7123 (Cross-site request forgery (CSRF) vulnerability in the admin web inter ...) - mailman 2.1.15-1 @@ -11602,34 +11602,34 @@ CVE-2016-10057 (Buffer overflow in the WriteGROUP4Image function in coders/tiff. {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10056 (Buffer overflow in the sixel_decode function in coders/sixel.c in Imag ...) {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10055 (Buffer overflow in the WritePDBImage function in coders/pdb.c in Image ...) {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10054 (Buffer overflow in the WriteMAPImage function in coders/map.c in Image ...) {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9 ...) {DSA-3675-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836171) [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-7118 (fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image p ...) {DLA-609-1} - linux <not-affected> NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/31/1 CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...) {DLA-1599-1 DLA-619-1 DLA-618-1} - qemu 1:2.6+dfsg-3.1 (bug #836502) @@ -12213,14 +12213,14 @@ CVE-2016-6889 CVE-2016-6881 (The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1. ...) - ffmpeg 7:3.1.3-1 (unimportant) - libav <not-affected> - NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/26/6 NOTE: https://github.com/FFmpeg/FFmpeg/commit/4770eac6 NOTE: Vulnerable code not present in any Libav version. CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a limi ...) - lshell <removed> (bug #834949) [wheezy] - lshell <not-affected> (Vulnerable code not present) NOTE: https://github.com/ghantoos/lshell/issues/147 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/22/15 NOTE: As for 2016-08-23 https://github.com/ghantoos/lshell/issues/147#issuecomment-241366750 ist still NOTE: as well under the scope of CVE-2016-6902, until "there is further vendor followup NOTE: about issues/147" and possibly a new/additional CVE assignment. @@ -12228,7 +12228,7 @@ CVE-2016-6903 (lshell 0.9.16 allows remote authenticated users to break out of a - lshell <removed> (bug #834946) [wheezy] - lshell <not-affected> (Vulnerable code not present) NOTE: https://github.com/ghantoos/lshell/issues/149 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/22/15 CVE-2016-6897 (Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_ ...) - wordpress 4.6.1+dfsg-1 (bug #837090) [jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2) @@ -12366,7 +12366,7 @@ CVE-2016-6866 (slock allows attackers to bypass the screen lock via vectors invo {DLA-598-1} - suckless-tools 41-1 [jessie] - suckless-tools 40-1+deb8u2 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/18/22 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/18/22 NOTE: http://s1m0n.dft-labs.eu/files/slock/ NOTE: Starting with 41-1 slock.c got patched to use PAM, cf. #739629 NOTE: and with the patch readpw(dpy, pws) is not called anymore, and @@ -12441,7 +12441,7 @@ CVE-2016-6812 (The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x NOT-FOR-US: Apache CXF CVE-2016-6811 (In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn use ...) - hadoop <itp> (bug #793644) - NOTE: http://www.openwall.com/lists/oss-security/2018/05/01/2 + NOTE: https://www.openwall.com/lists/oss-security/2018/05/01/2 CVE-2016-6810 (In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scri ...) - activemq 5.14.2+dfsg-1 (unimportant) NOTE: Admin console not enabled in the Debian package, see #702670 @@ -12526,7 +12526,7 @@ CVE-2016-10052 (Buffer overflow in the WriteProfile function in coders/jpeg.c in {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #834501) NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-6792 RESERVED CVE-2016-6791 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...) @@ -12790,7 +12790,7 @@ CVE-2016-10051 (Use-after-free vulnerability in the ReadPWPImage function in cod - imagemagick 8:6.9.6.2+dfsg-2 (bug #834183) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245 NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...) {DLA-1497-1} - qemu 1:2.6+dfsg-3.1 (bug #834904) @@ -12799,7 +12799,7 @@ CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write functio [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8 NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html - NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/12/1 CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...) {DLA-1599-1} - qemu 1:2.6+dfsg-3.1 (bug #834905) @@ -12808,7 +12808,7 @@ CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt. [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ead315e43ea0c2ca3491209c6c8db8ce3f2bbe05 NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html - NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/11/8 CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...) {DLA-1497-1} - qemu 1:2.6+dfsg-3.1 (bug #835031) @@ -12816,7 +12816,7 @@ CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt. - qemu-kvm <removed> [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html - NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/11/7 CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...) {DLA-1599-1} - qemu 1:2.6+dfsg-3.1 (bug #834944) @@ -12825,7 +12825,7 @@ CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5) NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1366369 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/11/5 CVE-2016-6671 (The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 ...) - ffmpeg 7:3.1.2-1 CVE-2016-6670 (Huawei S7700, S9300, S9700, and S12700 devices with software before V2 ...) @@ -12943,30 +12943,30 @@ CVE-2016-10050 (Heap-based buffer overflow in the ReadRLEImage function in coder {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833744) NOTE: https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10049 (Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageM ...) {DSA-3652-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833743) [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4 NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710 - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10048 (Directory traversal vulnerability in magick/module.c in ImageMagick 6. ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.5.7+dfsg-1 (bug #833735) NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10047 (Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMa ...) {DSA-3652-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833732) [wheezy] - imagemagick <not-affected> (Vulnerable code not present in version 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10046 (Heap-based buffer overflow in the DrawImage function in magick/draw.c ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833730) NOTE: https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f - NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-6887 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not prop ...) - matrixssl <removed> [wheezy] - matrixssl <end-of-life> (not supported in Wheezy) @@ -13145,65 +13145,65 @@ CVE-2016-7514 (The ReadPSDChannelPixels function in coders/psd.c in ImageMagick NOTE: https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d NOTE: https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7515 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832461) NOTE: https://bugs.launchpad.net/bugs/1533445 NOTE: https://github.com/ImageMagick/ImageMagick/issues/82 NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7516 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows remo ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533452 NOTE: https://github.com/ImageMagick/ImageMagick/issues/77 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7517 (The EncodeImage function in coders/pict.c in ImageMagick allows remote ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533449 NOTE: https://github.com/ImageMagick/ImageMagick/issues/80 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7518 (The ReadSUNImage function in coders/sun.c in ImageMagick allows remote ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533447 NOTE: https://github.com/ImageMagick/ImageMagick/issues/81 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7519 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832467) NOTE: https://bugs.launchpad.net/bugs/1533445 NOTE: https://github.com/ImageMagick/ImageMagick/issues/82 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7520 (Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remot ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832469) NOTE: https://bugs.launchpad.net/bugs/1537213 NOTE: https://github.com/ImageMagick/ImageMagick/issues/90 NOTE: https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7521 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows remot ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832474) NOTE: https://bugs.launchpad.net/bugs/1537418 NOTE: https://github.com/ImageMagick/ImageMagick/issues/92 NOTE: https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7522 (The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832475) NOTE: https://bugs.launchpad.net/bugs/1537419 NOTE: https://github.com/ImageMagick/ImageMagick/issues/93 NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7523 (coders/meta.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832478) NOTE: https://bugs.launchpad.net/bugs/1537420 NOTE: https://github.com/ImageMagick/ImageMagick/issues/94 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7524 (coders/meta.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832478) @@ -13216,7 +13216,7 @@ CVE-2016-7525 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows NOTE: https://bugs.launchpad.net/bugs/1537424 NOTE: https://github.com/ImageMagick/ImageMagick/issues/98 NOTE: https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7526 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832482) @@ -13224,21 +13224,21 @@ CVE-2016-7526 (coders/wpg.c in ImageMagick allows remote attackers to cause a de NOTE: https://github.com/ImageMagick/ImageMagick/issues/102 NOTE: https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7 NOTE: https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7527 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832482) NOTE: https://bugs.launchpad.net/bugs/1542115 NOTE: https://github.com/ImageMagick/ImageMagick/issues/122 NOTE: https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7528 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows remo ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832483) NOTE: https://bugs.launchpad.net/bugs/1537425 NOTE: https://github.com/ImageMagick/ImageMagick/issues/99 NOTE: https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7529 (coders/xcf.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832504) @@ -13247,7 +13247,7 @@ CVE-2016-7529 (coders/xcf.c in ImageMagick allows remote attackers to cause a de NOTE: https://github.com/ImageMagick/ImageMagick/issues/104 NOTE: https://github.com/ImageMagick/ImageMagick/issues/103 NOTE: https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7530 (The quantum handling code in ImageMagick allows remote attackers to ca ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832506) @@ -13258,74 +13258,74 @@ CVE-2016-7530 (The quantum handling code in ImageMagick allows remote attackers NOTE: https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70 NOTE: https://github.com/ImageMagick/ImageMagick/issues/110 NOTE: https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7531 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832633) NOTE: https://bugs.launchpad.net/bugs/1539061 NOTE: https://bugs.launchpad.net/bugs/1542112 NOTE: https://github.com/ImageMagick/ImageMagick/issues/107 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7532 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832776) NOTE: https://bugs.launchpad.net/bugs/1539066 NOTE: https://github.com/ImageMagick/ImageMagick/issues/109 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7533 (The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832780) NOTE: https://bugs.launchpad.net/bugs/1542114 NOTE: https://github.com/ImageMagick/ImageMagick/issues/120 NOTE: https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7534 (The generic decoder in ImageMagick allows remote attackers to cause a ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832785) NOTE: https://bugs.launchpad.net/bugs/1542785 NOTE: https://github.com/ImageMagick/ImageMagick/issues/126 NOTE: https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7535 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832787) NOTE: https://bugs.launchpad.net/bugs/1545180 NOTE: https://github.com/ImageMagick/ImageMagick/issues/128 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7536 (magick/profile.c in ImageMagick allows remote attackers to cause a den ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832789) NOTE: https://bugs.launchpad.net/bugs/1545367 NOTE: https://github.com/ImageMagick/ImageMagick/issues/130 NOTE: https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7537 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832791) NOTE: https://bugs.launchpad.net/bugs/1553366 NOTE: https://github.com/ImageMagick/ImageMagick/issues/143 NOTE: https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7538 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832793) NOTE: https://bugs.launchpad.net/bugs/1556273 NOTE: https://github.com/ImageMagick/ImageMagick/issues/148 NOTE: https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7539 (Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows rem ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833101) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-7540 (coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to ...) {DSA-3652-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #827643) [wheezy] - imagemagick <not-affected> (RGF coder is not present in version 6.7.7.10) NOTE: https://bugs.launchpad.net/bugs/1594060 NOTE: https://github.com/ImageMagick/ImageMagick/pull/223 - NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/08/07/1 CVE-2016-6603 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypas ...) NOT-FOR-US: ZOHO WebNMS CVE-2016-6602 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm ...) @@ -13564,7 +13564,7 @@ CVE-2016-6494 (The client in MongoDB uses world-readable permissions on .dbshell {DLA-588-1} - mongodb 1:2.6.12-3 (bug #832908) [jessie] - mongodb 1:2.4.10-5+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/29/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/29/4 CVE-2016-6491 (Buffer overflow in the Get8BIMProperty function in MagickCore/property ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833099) @@ -13576,7 +13576,7 @@ CVE-2016-6489 (The RSA and DSA decryption code in Nettle makes it easier for att NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2016/003093.html NOTE: https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3 NOTE: Original patch had some unintended side effects: https://lists.lysator.liu.se/pipermail/nettle-bugs/2016/003104.html - NOTE: Cf. http://www.openwall.com/lists/oss-security/2016/07/30/2 + NOTE: Cf. https://www.openwall.com/lists/oss-security/2016/07/30/2 NOTE: Additionally needed: https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068 NOTE: GnuTLS needs an update when/before src:nettle is fixed to continue working with patched src:nettle for CVE-2016-6489 NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f @@ -13592,7 +13592,7 @@ CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshar NOTE: https://www.wireshark.org/security/wnpa-sec-2016-49.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=347f071f1b9180563c28b0f3d0627b91eb456c72 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6512 (epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an ov ...) - wireshark 2.0.5+ga3be9c6-1 [jessie] - wireshark <not-affected> (Only affects 2.x) @@ -13601,7 +13601,7 @@ CVE-2016-6512 (epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits NOTE: https://www.wireshark.org/security/wnpa-sec-2016-48.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 a ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13609,7 +13609,7 @@ CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2. NOTE: https://www.wireshark.org/security/wnpa-sec-2016-47.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56706427f53cc64793870bf072c2c06248ae88f3 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13617,7 +13617,7 @@ CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC disse NOTE: https://www.wireshark.org/security/wnpa-sec-2016-46.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47a5fa850b388fcf4ea762073806f01b459820fe - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12. ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13625,7 +13625,7 @@ CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark NOTE: https://www.wireshark.org/security/wnpa-sec-2016-45.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13633,7 +13633,7 @@ CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1. NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13. - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12. ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0 @@ -13642,7 +13642,7 @@ CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12624 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5a10743258bd016c07ebf6479137fda3d172a0f NOTE: Affects 1.12.0 to 1.12.12, fixed 1.12.13 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13650,7 +13650,7 @@ CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1. NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499 NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 , fixed in 2.0.5, 1.12.13 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wiresha ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0.5+ga3be9c6-1 @@ -13658,7 +13658,7 @@ CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wi NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94e97e45cf614c7bb8fe90c23df52910246b2c95 NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13. - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1 ...) {DSA-3648-1 DLA-595-1} - wireshark 2.0 @@ -13667,13 +13667,13 @@ CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wiresh NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12576 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9eacbb4d48df647648127b9258f9e5aeeb0c7d99 NOTE: Affects 1.12.0 to 1.12.12, fixed in 1.12.13. - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6503 (The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windo ...) - wireshark <not-affected> (Only affects Wireshark on Windows) NOTE: https://www.wireshark.org/security/wnpa-sec-2016-39.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=581a17af40b84ef0c9e7f41ed0795af345b61ce1 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6490 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...) - qemu 1:2.6+dfsg-3.1 (bug #832767) [jessie] - qemu <not-affected> (Vulnerable code not present) @@ -14163,13 +14163,13 @@ CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emula - qemu-kvm <removed> NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=926cde5f3e4d2504ed161ed0cb771ac7cad6fd11 (v2.7.0-rc0) NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=cc96677469388bad3d66479379735cf75db069e3 (v2.7.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/25/14 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/25/14 NOTE: According to maintainer the fix relies on the fix for CVE-2016-4439 CVE-2016-6350 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (N ...) NOT-FOR-US: OpenBSD CVE-2016-6349 (The machinectl command in oci-register-machine allows local users to l ...) NOT-FOR-US: oci-register-machine - NOTE: http://www.openwall.com/lists/oss-security/2016/07/26/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/26/5 NOTE: Requirement is that docker containers would register themselves to NOTE: to systemd-machined by oci-register-machine (not packaged in Debian, NOTE: and https://github.com/projectatomic/docker/commit/a307e90141ba31b378bc31bb7720ed141f47cd9b @@ -14541,11 +14541,11 @@ CVE-2016-6263 (The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libi - libidn 1.33-1 NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html NOTE: Test / Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 (libidn-1-33) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/20/6 CVE-2016-6262 (idn in libidn before 1.33 might allow remote attackers to obtain sensi ...) - libidn <not-affected> (Incomplete fix for CVE-2015-8948 not applied) NOTE: Follow-up fix for CVE-2015-8948: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 (libidn-1-33) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/20/6 CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allo ...) {DSA-3658-1 DLA-582-1} - libidn 1.33-1 @@ -14553,7 +14553,7 @@ CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 NOTE: Test: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=9a1a7e15d0706634971364493fbb06e77e74726c (libidn-1-33) NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d (libidn-1-33) NOTE: Follow-up memory leak fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=11abd0e02c16f9e0b6944aea4ef0f2df44b42dd4 (libidn-1-33) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/20/6 CVE-2016-6249 (F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout durin ...) NOT-FOR-US: F5 CVE-2016-1000037 (Pagure: XSS possible in file attachment endpoint ...) @@ -14577,7 +14577,7 @@ CVE-2016-6250 (Integer overflow in the ISO9660 writer in libarchive before 3.2.1 - libarchive 3.2.1-1 (low) NOTE: https://github.com/libarchive/libarchive/issues/711 NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3014e19820ea53c15c90f9d447ca3e668a0b76c6 (v3.2.1) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/20/1 CVE-2016-6252 (Integer overflow in shadow 4.2.1 allows local users to gain privileges ...) {DSA-3793-1} - shadow 1:4.4-1 (bug #832170) @@ -14682,7 +14682,7 @@ CVE-2016-6255 (Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attac - libupnp 1:1.6.19+git20160116-1.1 (bug #831857) NOTE: https://twitter.com/mjg59/status/755062278513319936 NOTE: Proposed fix: https://github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd - NOTE: http://www.openwall.com/lists/oss-security/2016/07/18/13 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/18/13 CVE-2016-6233 (The (1) order and (2) group methods in Zend_Db_Select in the Zend Fram ...) - zendframework 1.12.19+dfsg-1 [jessie] - zendframework <not-affected> (introduced after 1.12.9) @@ -14810,12 +14810,12 @@ CVE-2016-6905 (The read_image_tga function in gd_tga.c in the GD Graphics Librar NOTE: https://github.com/libgd/libgd/commit/5a3f19e962b507560c9206965087db4dc0ad107f NOTE: Fixed by: https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186 NOTE: followed by: https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/12/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/12/4 CVE-2016-6352 (The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows ...) {DLA-2043-1} - gdk-pixbuf 2.35.4-1 (bug #832496) [wheezy] - gdk-pixbuf <not-affected> (Fails with ENOMEM, no crash) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/11 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/13/11 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769170 NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599 CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap ...) @@ -14823,7 +14823,7 @@ CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted NOTE: Actually due to an incomplete fix of LP#1447282 NOTE: https://launchpad.net/bugs/1597154 NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/13/2 CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows re ...) {DSA-3619-1} - libgd2 2.2.2-29-g3c2b605-1 @@ -14831,12 +14831,12 @@ CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allo NOTE: https://github.com/libgd/libgd/issues/247#issuecomment-232084241 NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7 NOTE: Different issue than CVE-2016-6132 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/13/5 CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in ...) {DSA-3762-1 DLA-693-1 DLA-610-1} - tiff 4.0.6-2 (bug #842270) - tiff3 <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/13/3 NOTE: Upstream patch: https://github.com/vadz/libtiff/commit/0ba5d8814a17a64bdb8d9035f4c533f3f3f4b496 CVE-2016-1000023 REJECTED @@ -14894,7 +14894,7 @@ CVE-2016-6187 (The apparmor_setprocattr function in security/apparmor/lsm.c in t [wheezy] - linux <not-affected> (Vulnerable code introduced later) NOTE: Introduced by: https://git.kernel.org/linus/bb646cdb12e75d82258c2f2e7746d5952d3e321a (v4.5-rc1) NOTE: Fixed by: https://git.kernel.org/linus/30a46a4647fd1df9cf52e43bf467f0d9265096ca (v4.7-rc7) - NOTE: http://www.openwall.com/lists/oss-security/2016/07/09/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/09/1 CVE-2016-XXXX [GNUTLS-SA-2016-2: certificate verification issue] - gnutls28 3.4.14-1 (unimportant) NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-2 @@ -15835,13 +15835,13 @@ CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1 all CVE-2016-5842 (MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote atta ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #831034) - NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1 + NOTE: Details: https://www.openwall.com/lists/oss-security/2016/06/23/1 NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5842.jpg CVE-2016-5841 (Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #831034) - NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1 + NOTE: Details: https://www.openwall.com/lists/oss-security/2016/06/23/1 NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5841.jpg CVE-2016-5829 (Multiple heap-based buffer overflows in the hiddev_ioctl_usage functio ...) @@ -15889,7 +15889,7 @@ CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service NOTE: Related upstream ticket: https://github.com/libical/libical/issues/251 NOTE: Whilst the upstream commits in issues/251 fix the issue of #251 itself NOTE: they do not fix the bugzilla.mozilla.org case 1275400 which was assigned - NOTE: in http://www.openwall.com/lists/oss-security/2016/06/25/4 + NOTE: in https://www.openwall.com/lists/oss-security/2016/06/25/4 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2016-5824 NOTE: thunderbird uses embedded libical copy CVE-2016-5823 (The icalproperty_new_clone function in libical 0.47 and 1.0 allows rem ...) @@ -16045,7 +16045,7 @@ CVE-2016-5742 (SQL injection vulnerability in the XML-RPC interface in Movable T {DLA-532-1} - movabletype-opensource <removed> NOTE: https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html - NOTE: http://www.openwall.com/lists/oss-security/2016/06/22/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/06/22/3 NOTE: https://github.com/movabletype/movabletype/commit/42113544e7d8ebf6064b7b01b921734b667a1682 CVE-2016-5737 (The Gerrit configuration in the Openstack Puppet module for Gerrit (ak ...) NOT-FOR-US: Openstack-infra puppet-gerrit module @@ -16856,7 +16856,7 @@ CVE-2016-6211 (The User module in Drupal 7.x before 7.44 allows remote authentic {DSA-3604-1 DLA-550-1} - drupal7 7.44-1 NOTE: https://www.drupal.org/SA-CORE-2016-002 - NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/07/13/4 NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 tarball diff NOTE: https://gist.github.com/lamby/dbeda4d49f48a32aa0dd4b3ed7f06a13 filtered diff CVE-2016-5636 (Integer overflow in the get_data function in zipimport.c in CPython (a ...) @@ -17197,7 +17197,7 @@ CVE-2016-5339 RESERVED CVE-2016-5361 (programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial ...) - libreswan <not-affected> (Fixed before initial upload to Debian) - NOTE: Possibly the CVE should be rejected: http://www.openwall.com/lists/oss-security/2016/06/13/1 + NOTE: Possibly the CVE should be rejected: https://www.openwall.com/lists/oss-security/2016/06/13/1 NOTE: MITRE has not assigned the CVE to the protocol flaw, but specific to libreswan, but as NOTE: Huzaifa Sidhpurwala <huzaifas@redhat.com> pointed out that is not a libreswan issue, rather NOTE: the protocol is flawed. @@ -17638,7 +17638,7 @@ CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 all - gnutls28 3.4.13-1 [jessie] - gnutls28 <not-affected> (Introduced in 3.4.12) NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/06/07/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/06/07/2 CVE-2016-1000002 (gdm3 3.14.2 and possibly later has an information leak before screen l ...) - gdm3 <unfixed> (low; bug #849432) [buster] - gdm3 <ignored> (Minor issue) @@ -17717,7 +17717,7 @@ CVE-2016-XXXX [doesn't remove metadata in embedded images in PDFs] NOTE: Workaround entry for DLA-650-1/DSA-3708-1 until/if CVE is assigned NOTE: https://0xacab.org/mat/mat/issues/11067 NOTE: Patch in 0.6.1-3 disabled PDF support - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/06/02/5 CVE-2016-5239 (The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and G ...) {DSA-3580-1 DLA-1456-1 DLA-486-1 DLA-484-1} - graphicsmagick 1.3.24-1 @@ -18042,7 +18042,7 @@ CVE-2016-5157 (Heap-based buffer overflow in the opj_dwt_interleave_v function i [jessie] - openjpeg2 2.1.0-2+deb8u3 - chromium-browser 53.0.2785.89-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - NOTE: http://www.openwall.com/lists/oss-security/2016/09/08/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/08/8 NOTE: https://github.com/uclouvain/openjpeg/pull/823 CVE-2016-5156 (extensions/renderer/event_bindings.cc in the event bindings in Google ...) {DSA-3660-1} @@ -18208,7 +18208,7 @@ CVE-2016-5126 (Heap-based buffer overflow in the iscsi_aio_ioctl function in blo NOTE: https://lists.gnu.org/archive/html/qemu-block/2016-05/msg00779.html NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a6b3167fa0e825aebb5a7cd8b437b6d41584a196 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1340924 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/30/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/30/6 CVE-2016-XXXX [CSRF protection for POST requests] - postfixadmin 2.93-2 (bug #825151) [jessie] - postfixadmin <no-dsa> (Minor issue) @@ -18221,7 +18221,7 @@ CVE-2016-5118 (The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 a - imagemagick 8:6.8.9.9-7.1 (bug #825799) - graphicsmagick 1.3.24-1 (bug #825800) NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858 - NOTE: patch available at http://www.openwall.com/lists/oss-security/2016/05/29/7 + NOTE: patch available at https://www.openwall.com/lists/oss-security/2016/05/29/7 CVE-2016-5116 (gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used ...) {DSA-3619-1} - libgd2 2.2.1-1 @@ -18232,7 +18232,7 @@ CVE-2016-5116 (gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as - php5 <removed> (unimportant) NOTE: PHP bug: https://bugs.php.net/bug.php?id=72115 NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd - NOTE: http://www.openwall.com/lists/oss-security/2016/05/29/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/29/3 CVE-2016-5115 (The avcodec_decode_audio4 function in libavcodec in libavformat 57.34. ...) - libav <removed> (low) [jessie] - libav <no-dsa> (Minor issue) @@ -18277,7 +18277,7 @@ CVE-2016-5108 (Buffer overflow in the DecodeAdpcmImaQT function in modules/codec {DSA-3598-1} - vlc 2.2.3-2 (bug #825728) [wheezy] - vlc <end-of-life> (Unsupported in wheezy-lts) - NOTE: Details: http://www.openwall.com/lists/oss-security/2016/05/27/3 + NOTE: Details: https://www.openwall.com/lists/oss-security/2016/05/27/3 NOTE: https://git.videolan.org/?p=vlc.git;a=commit;h=458ed62bbeb9d1bddf7b8df104e14936408a3db9 CVE-2016-5090 RESERVED @@ -18618,33 +18618,33 @@ CVE-2016-4552 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail bef [wheezy] - roundcube <not-affected> (vulnerable code not present) NOTE: https://github.com/roundcube/roundcubemail/issues/5240 NOTE: https://github.com/roundcube/roundcubemail/pull/5241 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/25/8 CVE-2016-5096 (Integer overflow in the fread function in ext/standard/file.c in PHP b ...) {DSA-3602-1 DLA-533-1} - php5 5.6.22+dfsg-1 NOTE: PHP bug: https://bugs.php.net/bug.php?id=72114 NOTE: Fixed in 5.6.22, 5.5.36 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/25/3 CVE-2016-5095 (Integer overflow in the php_escape_html_entities_ex function in ext/st ...) {DSA-3602-1 DLA-533-1} - php5 5.6.22+dfsg-1 NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135 NOTE: Fixed in 5.6.22, 5.5.36 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/25/3 NOTE: For the additional issue reported in the "[2016-05-17 12:55 UTC]" comment CVE-2016-5094 (Integer overflow in the php_html_entities function in ext/standard/htm ...) {DSA-3602-1 DLA-533-1} - php5 5.6.22+dfsg-1 NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135 NOTE: Fixed in 5.6.22, 5.5.36 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/25/3 CVE-2016-5093 (The get_icu_value_internal function in ext/intl/locale/locale_methods. ...) {DSA-3602-1 DLA-533-1} - php7.0 7.0.7-1 - php5 5.6.22+dfsg-1 NOTE: PHP bug: https://bugs.php.net/bug.php?id=72241 NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/25/3 CVE-2016-5091 (Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allo ...) - typo3-src <removed> [wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS) @@ -18794,7 +18794,7 @@ CVE-2016-5117 (OpenNTPD before 6.0p1 does not validate the CN for HTTPS constrai - openntpd 1:6.0p1-1 (bug #825856; unimportant) [jessie] - openntpd <not-affected> (Vulnerable code introduced later) [wheezy] - openntpd <not-affected> (Vulnerable code introduced later) - NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/23/2 NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4 NOTE: Option is not enabled at buildtime. CVE-2016-4964 (The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Qu ...) @@ -19258,7 +19258,7 @@ CVE-2016-4762 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, i NOT-FOR-US: Webkit as used by Apple CVE-2016-4761 (WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow rem ...) - webkitgtk <removed> (unimportant) - NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/14 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/04/14 NOTE: Not covered by security support CVE-2016-4760 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Sa ...) NOT-FOR-US: Webkit as used by Apple @@ -19721,14 +19721,14 @@ CVE-2016-4567 (Cross-site scripting (XSS) vulnerability in flash/FlashMediaEleme NOTE: Fixed by: https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e NOTE: Vulnerable code present, but Flash Player disabled in Debian NOTE: See 0004-Deactivate-Flash-and-Silverlight.patch - NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/07/2 CVE-2016-4566 (Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plup ...) - wordpress 4.5.2+dfsg-1 (bug #823640) [jessie] - wordpress <not-affected> (Vulnerable code not present) [wheezy] - wordpress <not-affected> (Vulnerable code not present) NOTE: https://wordpress.org/news/2016/05/wordpress-4-5-2/ NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37382 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/07/2 CVE-2016-4568 (drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4. ...) - linux 4.5.3-1 [jessie] - linux <not-affected> (Vulnerable code introduced in 4.4) @@ -19753,7 +19753,7 @@ CVE-2016-4561 (Cross-site scripting (XSS) vulnerability in the cgierror function {DSA-3571-1 DLA-463-1} - ikiwiki 3.20160506 NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=32ef584dc5abb6ddb9f794f94ea0b2934967bba7 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/06/8 CVE-2016-4547 (Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow atta ...) NOT-FOR-US: Samsung Android component CVE-2016-4546 (Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users t ...) @@ -19762,13 +19762,13 @@ CVE-2016-4570 (The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and poss {DLA-1641-1} - mxml 2.9-1 (bug #825855) [wheezy] - mxml <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/07/8 NOTE: https://github.com/michaelrsweet/mxml/commit/d8c0ba900728d47523d76ba4acf33176cd04647c CVE-2016-4571 (The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and poss ...) {DLA-1641-1} - mxml 2.9-2 (bug #825855) [wheezy] - mxml <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/07/8 NOTE: https://github.com/michaelrsweet/mxml/commit/5f74dc212497332d05882660db130a37d2f458eb CVE-2016-4558 (The BPF subsystem in the Linux kernel before 4.5.5 mishandles referenc ...) - linux 4.5.3-1 @@ -19785,7 +19785,7 @@ CVE-2016-4557 (The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c NOTE: Fixed by: https://git.kernel.org/linus/8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7 (v4.6-rc6) NOTE: Introduced by: https://git.kernel.org/linus/0246e64d9a5fcd4805198de59b9b5cf1f974eb41 (v3.18-rc1) NOTE: Exploitable since: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1) - NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/06/4 CVE-2016-4556 (Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x ...) {DSA-3625-1 DLA-478-1} - squid3 3.5.19-1 (bug #823968) @@ -19997,7 +19997,7 @@ CVE-2016-4539 (The xml_parse_into_struct function in ext/xml/xml.c in PHP before NOTE: https://bugs.php.net/bug.php?id=72099 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=dccda88f27a084bcbbb30198ace12b4e7ae961cc NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/7290b3bbcaa1e10a8d807fab3242204e9ec3a015 CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6 ...) {DSA-3602-1 DLA-499-1} @@ -20006,7 +20006,7 @@ CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35 NOTE: https://bugs.php.net/bug.php?id=72093 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6 ...) {DSA-3602-1 DLA-628-1} - php7.0 7.0.6-1 @@ -20014,7 +20014,7 @@ CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35 NOTE: https://bugs.php.net/bug.php?id=72093 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c i ...) {DSA-3602-1 DLA-499-1} - php7.0 7.0.6-1 @@ -20022,7 +20022,7 @@ CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_strin NOTE: https://bugs.php.net/bug.php?id=72061 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in ...) {DSA-3602-1 DLA-499-1} - php7.0 7.0.6-1 @@ -20030,7 +20030,7 @@ CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string NOTE: https://bugs.php.net/bug.php?id=72061 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5 ...) {DSA-3602-1 DLA-499-1} - php7.0 7.0.6-1 @@ -20038,7 +20038,7 @@ CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP befor NOTE: https://bugs.php.net/bug.php?id=72094 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92 NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before ...) {DSA-3602-1 DLA-499-1} - php7.0 7.0.6-1 @@ -20046,7 +20046,7 @@ CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP b NOTE: https://bugs.php.net/bug.php?id=72094 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92 NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP befor ...) {DSA-3602-1 DLA-499-1} - php7.0 7.0.6-1 @@ -20054,7 +20054,7 @@ CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP NOTE: https://bugs.php.net/bug.php?id=72094 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92 NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/21 CVE-2016-4536 (The client in OpenAFS before 1.6.17 does not properly initialize the ( ...) {DLA-493-1} - openafs 1.6.17-1 @@ -20258,12 +20258,12 @@ CVE-2016-4423 (The attemptAuthentication function in Component/Security/Http/Fir NOTE: https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session CVE-2016-XXXX [XSS] - dotclear <removed> - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/05/04/9 CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...) {DSA-3607-1 DLA-516-1} - linux 4.5.5-1 NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html - NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/04/2 NOTE: Fixed by: https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee CVE-2016-4483 (The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 all ...) {DSA-3593-1 DLA-503-1} @@ -20404,19 +20404,19 @@ CVE-2016-4478 (Buffer overflow in the xmlrpc_char_encode function in modules/tra {DSA-3586-1} - atheme-services 7.0.7-2 NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e - NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/02/2 CVE-2016-4425 (Jansson 2.7 and earlier allows context-dependent attackers to cause a ...) {DSA-3577-1 DLA-471-1} - jansson 2.7-5 (bug #823238) NOTE: https://github.com/akheron/jansson/issues/282 NOTE: https://github.com/akheron/jansson/pull/284 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/01/5 CVE-2016-4422 (The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth mi ...) {DSA-3567-1} - libpam-sshauth 0.4.1-2 NOTE: Introduced in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/93/src/pam_sshauth.c NOTE: Fixed in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114 - NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/01/2 CVE-2016-4414 (The onReadyRead function in core/coreauthhandler.cpp in Quassel before ...) - quassel 1:0.12.4-2 (bug #826402) [jessie] - quassel 1:0.10.0-2.3+deb8u3 @@ -20424,7 +20424,7 @@ CVE-2016-4414 (The onReadyRead function in core/coreauthhandler.cpp in Quassel b NOTE: https://github.com/quassel/quassel/blob/f64ac93/src/core/coreauthhandler.cpp#L100 NOTE: Introduced by: https://github.com/quassel/quassel/commit/d1bf207 (0.10.0) NOTE: Fixed by: https://github.com/quassel/quassel/commit/e67887343c433cc35bc26ad6a9392588f427e746 (0.12.4) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/30/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/30/2 CVE-2016-4349 (Untrusted search path vulnerability in Cisco WebEx Productivity Tools ...) NOT-FOR-US: Cisco CVE-2016-4352 (Integer overflow in the demuxer function in libmpdemux/demux_gif.c in ...) @@ -20434,7 +20434,7 @@ CVE-2016-4352 (Integer overflow in the demuxer function in libmpdemux/demux_gif. [jessie] - mplayer2 <no-dsa> (Minor issue) NOTE: https://trac.mplayerhq.hu/ticket/2295 NOTE: Fixed in Revision r37857 upstream - NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/29/3 CVE-2016-4341 (NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to ...) NOT-FOR-US: NetApp CVE-2016-4339 @@ -21020,7 +21020,7 @@ CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to ca - jq 1.5+dfsg-1.1 (low; bug #822456) [jessie] - jq 1.4-2.1+deb8u1 NOTE: https://github.com/stedolan/jq/issues/1136 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/24/3 CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail b ...) {DLA-613-1} - roundcube 1.1.5+dfsg.1-1 (bug #822333) @@ -21028,7 +21028,7 @@ CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webm NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115 NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5 NOTE: https://github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53 (release-1.1) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/23/3 CVE-2016-4068 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1 ...) {DLA-537-1} - roundcube 1.2.1+dfsg.1-1 @@ -21175,7 +21175,7 @@ CVE-2016-3955 (The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c {DSA-3607-1 DLA-516-1} - linux 4.5.2-1 NOTE: Upstream commit: https://git.kernel.org/linus/b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb (v4.6-rc3) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/19/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/19/1 CVE-2016-4038 (Array index error in the msm_sensor_config function in kernel/SM-G9008 ...) NOT-FOR-US: Samsung Android driver CVE-2016-4035 @@ -21196,7 +21196,7 @@ CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allo [wheezy] - qemu-kvm <no-dsa> (Minor issue) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1325129 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/18/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/18/3 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=1ae3f2f178087711f9591350abad133525ba93f2 (v2.6.0-rc3) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a49923d2837d20510d645d3758f1ad87c32d0730 (v2.6.0-rc3) CVE-2016-4030 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005 ...) @@ -21258,7 +21258,7 @@ CVE-2016-4024 (Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allow {DSA-3555-1} - imlib2 1.4.8-1 (bug #821732) NOTE: Upstream fix: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/14/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/14/5 CVE-2016-4005 (The Huawei Hilink App application before 3.19.2 for Android does not v ...) NOT-FOR-US: Huawei CVE-2016-4004 (Directory traversal vulnerability in Dell OpenManage Server Administra ...) @@ -21272,7 +21272,7 @@ CVE-2016-4020 (The patch_instruction function in hw/i386/kvmvapic.c in QEMU does - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1313686 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/13/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/13/6 CVE-2016-4000 (Jython before 2.7.1rc1 allows attackers to execute arbitrary code via ...) {DSA-3893-1 DLA-989-1} - jython 2.5.3-17 (bug #864859) @@ -21287,7 +21287,7 @@ CVE-2016-3997 (NetApp Clustered Data ONTAP allows man-in-the-middle attackers to CVE-2016-XXXX [auth bypass] - brltty <not-affected> (Vulnerable code introduced later) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=967436 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/12/4 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/04/12/4 NOTE: Introduced in: https://github.com/brltty/brltty/commit/e62b3c925d03239a372d425fb87b2cac65d8ef19 NOTE: Fixed by: https://github.com/brltty/brltty/commit/74affe7d1401f2b43ad32e18cb78704d22604ad7 CVE-2016-3996 (ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly che ...) @@ -21333,7 +21333,7 @@ CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet [wheezy] - qemu-kvm <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326082 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/6 CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in hw/net/stell ...) {DLA-1599-1} - qemu 1:2.6+dfsg-1 (bug #821038) @@ -21343,12 +21343,12 @@ CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in hw/net/ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1325884 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=3a15cc0e1ee7168db0782133d2607a6bfa422d66 (v2.6.0-rc2) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/4 CVE-2016-4008 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...) {DSA-3568-1 DLA-495-1} - libtasn1-6 4.8-1 - libtasn1-3 <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/3 NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=f435825c0f527a8e52e6ffbc3ad0bc60531d537e NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625 CVE-2016-3995 (The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and ...) @@ -21356,13 +21356,13 @@ CVE-2016-3995 (The timing attack protection in Rijndael::Enc::ProcessAndXorBlock [jessie] - libcrypto++ 5.6.1-6+deb8u2 [wheezy] - libcrypto++ 5.6.1-6+deb7u2 NOTE: https://github.com/weidai11/cryptopp/issues/146 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/10/6 NOTE: Initial upload in 5.6.3-5 was incomplete CVE-2016-3994 (The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause ...) {DSA-3555-1} - imlib2 1.4.8-1 (bug #785369) NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/09/6 CVE-2016-4070 (** DISPUTED ** Integer overflow in the php_raw_url_encode function in ...) {DSA-3560-1 DLA-499-1} - php7.0 7.0.5-1 @@ -21371,7 +21371,7 @@ CVE-2016-4070 (** DISPUTED ** Integer overflow in the php_raw_url_encode functio NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34 NOTE: https://bugs.php.net/bug.php?id=71798 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/7 NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/ea6ff01f6c31f1615a935ef96622d623a6277d37 CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ext/snmp ...) {DSA-3560-1 DLA-499-1} @@ -21380,7 +21380,7 @@ CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ext NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34 NOTE: https://bugs.php.net/bug.php?id=71704 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060ce9c9269bbdcf8 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/7 CVE-2016-4072 (The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x ...) {DSA-3560-1 DLA-499-1} - php7.0 7.0.5-1 @@ -21389,7 +21389,7 @@ CVE-2016-4072 (The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and NOTE: https://bugs.php.net/bug.php?id=71860 NOTE: https://gist.github.com/smalyshev/80b5c2909832872f2ba2 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1e9b175204e3286d64dfd6c9f09151c31b5e099a - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/7 CVE-2016-4073 (Multiple integer overflows in the mbfl_strcut function in ext/mbstring ...) {DSA-3560-1 DLA-499-1} - php7.0 7.0.5-1 @@ -21398,7 +21398,7 @@ CVE-2016-4073 (Multiple integer overflows in the mbfl_strcut function in ext/mbs NOTE: https://bugs.php.net/bug.php?id=71906 NOTE: https://gist.github.com/smalyshev/d8355c96a657cc5dba70 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/11/7 CVE-2016-3976 (Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through ...) NOT-FOR-US: SAP CVE-2016-3975 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 ...) @@ -21449,7 +21449,7 @@ CVE-2016-3963 (Siemens SCALANCE S613 allows remote attackers to cause a denial o NOT-FOR-US: Siemens CVE-2016-3992 (cronic before 3 allows local users to write to arbitrary files via a s ...) - cronic 3-1 (bug #820331) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/09/4 CVE-2016-3962 (Stack-based buffer overflow in the NTP time-server interface on Meinbe ...) NOT-FOR-US: Meinberg CVE-2016-3961 (Xen and the Linux kernel through 4.5.x do not properly suppress hugetl ...) @@ -21513,7 +21513,7 @@ CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in lib/updat {DSA-3555-1} - imlib2 1.4.8-1 (bug #819818) NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef - NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/09/5 CVE-2016-3948 (Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds ...) {DSA-3625-1} - squid3 3.5.16-1 (bug #819784) @@ -22347,7 +22347,7 @@ CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in LibT {DSA-3762-1 DLA-795-1} - tiff 4.0.7-1 (low; bug #820365) - tiff3 <not-affected> (tiff tools not built) - NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/07/4 NOTE: Fixed by: https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286 CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4. ...) {DLA-693-1} @@ -22355,7 +22355,7 @@ CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTI [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2565 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/07/3 NOTE: Utility bmp2tiff has been removed from upstream LibTIFF NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4. ...) @@ -22364,7 +22364,7 @@ CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTI [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2570 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/07/2 NOTE: Utility bmp2tiff has been removed from upstream LibTIFF NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in ...) @@ -22373,7 +22373,7 @@ CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff too [jessie] - tiff 4.0.3-12.3+deb8u2 - tiff3 <not-affected> (tiff tools not built) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2567 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/07/1 NOTE: Utility bmp2tiff has been removed from upstream LibTIFF NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package CVE-2016-3618 @@ -22396,7 +22396,7 @@ CVE-2016-3627 (The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 (bug #819006) NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/21/3 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=762100 CVE-2016-3615 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...) {DSA-3632-1 DSA-3624-1 DLA-567-1} @@ -23475,7 +23475,7 @@ CVE-2016-3156 (The IPv4 implementation in the Linux kernel before 4.5.2 mishandl {DSA-3607-1} - linux 4.5.1-1 [wheezy] - linux <not-affected> (Not a security issue since containers are not supported) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/15/3 CVE-2016-3133 RESERVED CVE-2016-3132 (Double free vulnerability in the SplDoublyLinkedList::offsetSet functi ...) @@ -23625,7 +23625,7 @@ CVE-2016-3079 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI NOT-FOR-US: Red Hat Satellite / Spacewalk CVE-2016-3078 (Multiple integer overflows in php_zip.c in the zip extension in PHP be ...) - php7.0 7.0.6-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/28/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/28/1 NOTE: Fixed in 7.0.6 NOTE: https://bugs.php.net/bug.php?id=71923 CVE-2016-3077 (The VersionMapper.fromKernelVersionString method in oVirt Engine allow ...) @@ -23705,12 +23705,12 @@ CVE-2016-XXXX [fscanf format string security bug in flashrom layout code] CVE-2016-3183 (The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...) - openjpeg2 2.1.1-1 (low; bug #818399) [jessie] - openjpeg2 <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/14 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/14/14 NOTE: https://github.com/uclouvain/openjpeg/issues/726 CVE-2016-3182 (The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG befo ...) - openjpeg2 2.1.1-1 [jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/13 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/14/13 NOTE: https://github.com/uclouvain/openjpeg/issues/725 CVE-2016-3181 REJECTED @@ -24175,24 +24175,24 @@ CVE-2016-2860 (The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6 CVE-2016-3154 (The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2 ...) {DSA-3518-1} - spip 3.0.22-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/15/2 NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22903 CVE-2016-3153 (SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 al ...) {DSA-3518-1} - spip 3.0.22-1 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/15/2 NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22911 CVE-2016-XXXX [Cross-site scripting (XSS) vulnerability in cgit's "txt2html" filter] - cgit 0.12.0.git2.7.0-1 [jessie] - cgit 0.10.2.git2.0.1-3+deb8u1 NOTE: https://git.zx2c4.com/cgit/commit/filters/html-converters/txt2html?id=13c2d3df0440ce04273de3149631a9bd97490c6e - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/05/8 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/03/05/8 CVE-2016-3172 (SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier al ...) {DLA-560-1} - cacti 0.8.8g+ds1-2 (bug #818647) [jessie] - cacti 0.8.8b+dfsg-8+deb8u5 NOTE: http://bugs.cacti.net/view.php?id=2667 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/13 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/13 NOTE: Requires authenticated user CVE-2016-3116 (CRLF injection vulnerability in Dropbear SSH before 2016.72 allows rem ...) - dropbear 2016.72-1 @@ -24206,7 +24206,7 @@ CVE-2016-3115 (Multiple CRLF injection vulnerabilities in session.c in sshd in O [wheezy] - openssh <no-dsa> (Minor issue) NOTE: http://www.openssh.com/txt/x11fwd.adv NOTE: Portable OpenSSH 7.2p2 contains a fix for this vulnerability. - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/8 NOTE: Upstream fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&sortby=date&f=h CVE-2016-3134 (The netfilter subsystem in the Linux kernel through 4.5.2 does not val ...) {DSA-3607-1 DLA-516-1} @@ -24215,8 +24215,8 @@ CVE-2016-3134 (The netfilter subsystem in the Linux kernel through 4.5.2 does no NOTE: https://code.google.com/p/google-security-research/issues/detail?id=758 NOTE: https://patchwork.ozlabs.org/patch/595575/ NOTE: http://marc.info/?l=netfilter-devel&m=145757134822741&w=2 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/4 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/7 NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1 CVE-2016-3135 (Integer overflow in the xt_alloc_table_info function in net/netfilter/ ...) - linux 4.4.6-1 @@ -24224,7 +24224,7 @@ CVE-2016-3135 (Integer overflow in the xt_alloc_table_info function in net/netfi [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: http://marc.info/?l=netfilter-devel&m=145757136822750&w=2 NOTE: https://patchwork.ozlabs.org/patch/595576/ - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/7 CVE-2016-2859 REJECTED CVE-2016-3124 (The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote at ...) @@ -24232,7 +24232,7 @@ CVE-2016-3124 (The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remo NOTE: https://simplesamlphp.org/security/201603-01 NOTE: Fixed upstream in 1.14.1 NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/952027dd7f794ff4b2d4f5eddf549c5b5070fa38 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/08/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/08/4 NOTE: Not treated as a security issue, many components in Debian reveal the release in use CVE-2016-2855 (The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier use ...) NOT-FOR-US: Huawei @@ -24297,8 +24297,8 @@ CVE-2016-3142 (The phar_parse_zipfile function in zip.c in the PHAR extension in [wheezy] - php5 <no-dsa> (Minor issue, can be fixed in next update round) NOTE: https://bugs.php.net/bug.php?id=71498 NOTE: Fixed in 5.5.33, 5.6.19 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/13/2 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=a6fdc5bb27b20d889de0cd29318b3968aabb57bd CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in PHP be ...) {DLA-818-1} @@ -24307,8 +24307,8 @@ CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in P [wheezy] - php5 <no-dsa> (Minor issue, can be fixed in next update round) NOTE: https://bugs.php.net/bug.php?id=71587 NOTE: Fixed in 5.5.33, 5.6.19 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/10/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/13/1 CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) back-e ...) {DLA-1599-1} - qemu 1:2.6+dfsg-1 (bug #817183) @@ -24318,7 +24318,7 @@ CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) b NOTE: Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit;h=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956 (v2.6.0-rc0) NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=a9b7b2ad7b075dba5495271706670e5c6b1304bc (v1.3.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1314676 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/04/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/04/1 CVE-2016-8000 REJECTED CVE-2016-2840 (An issue was discovered in Open-Xchange Server 6 / OX AppSuite before ...) @@ -24329,7 +24329,7 @@ CVE-2016-2857 (The net_checksum_calculate function in net/checksum.c in QEMU all - qemu-kvm <removed> NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=362786f14a753d8a5256ef97d7c10ed576d6572b (v2.6.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296567 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/03/9 CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properly mai ...) - linux 3.18-1~exp1 [jessie] - linux <ignored> (Not exploitable in default configuration) @@ -24634,7 +24634,7 @@ CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support ( [wheezy] - qemu-kvm <no-dsa> (Minor issue) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=415ab35a441eca767d033a2702223e785b9d5190 (v2.6.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1303106 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/02/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/02/8 CVE-2016-2788 (MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise ...) - mcollective 2.12.0+dfsg-1 (bug #850968) [jessie] - mcollective <no-dsa> (Minor issue) @@ -25107,7 +25107,7 @@ CVE-2016-2779 (runuser in util-linux allows local users to escape to the parent [wheezy] - util-linux <not-affected> (runuser[.c] not yet present) [squeeze] - util-linux <not-affected> (runuser[.c] not yet present) NOTE: Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list - NOTE: http://www.openwall.com/lists/oss-security/2016/02/27/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/27/1 NOTE: https://marc.info/?l=util-linux-ng&m=145694736107128&w=2 NOTE: 2.31 introduces a new --pty option to separate privileged and unprivileged NOTE: shells (not enabled by default and the cli switch is necessary). @@ -25118,7 +25118,7 @@ CVE-2016-XXXX [Partial SMAP bypass on 64-bit Linux kernels] - linux-2.6 <not-affected> (Introduced in 3.10) NOTE: Introduced by: https://git.kernel.org/linus/63bcff2a307b9bcc712a8251eb27df8b2e117967 (v3.10-rc1) NOTE: Fixed by: https://git.kernel.org/linus/3d44d51bd339766f0178f0cf2e8d048b4a4872aa (v4.5-rc6) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/26/6 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/02/26/6 CVE-2016-7575 REJECTED CVE-2016-2573 @@ -25229,14 +25229,14 @@ CVE-2016-3162 (The File module in Drupal 7.x before 7.43 and 8.x before 8.0.4 al - drupal7 7.43-1 - drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x) NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3163 (The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might ...) {DSA-3498-1} - drupal7 7.43-1 - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3164 (Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might al ...) {DSA-3498-1} - drupal8 <itp> (bug #756305) @@ -25244,52 +25244,52 @@ CVE-2016-3164 (Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 mig - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3165 (The Form API in Drupal 6.x before 6.38 ignores access restrictions on ...) - drupal7 <not-affected> (Only affects Drupal 6) - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3166 (CRLF injection vulnerability in the drupal_set_header function in Drup ...) - drupal7 <not-affected> (Only affects Drupal 6) - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3167 (Open redirect vulnerability in the drupal_goto function in Drupal 6.x ...) - drupal7 <not-affected> (Only affects Drupal 6) - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3168 (The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might ...) {DSA-3498-1} - drupal7 7.43-1 - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3169 (The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows r ...) {DSA-3498-1} - drupal7 7.43-1 - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3170 (The "have you forgotten your password" links in the User module in Dru ...) {DSA-3498-1} - drupal8 <itp> (bug #756305) - drupal7 7.43-1 - drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x) NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-3171 (Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before ...) - drupal7 <not-affected> (Only affects Drupal 6) - drupal6 <removed> [squeeze] - drupal6 <end-of-life> NOTE: https://www.drupal.org/SA-CORE-2016-001 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/24/19 CVE-2016-2541 (Audacity before 2.1.2 allows remote attackers to cause a denial of ser ...) - audacity 2.1.2-1 (unimportant) [jessie] - audacity <not-affected> (Vulnerable code not present) @@ -25528,7 +25528,7 @@ CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator (hw/usb NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1303120 NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=fe3c546c5ff2a6210f9a4d8561cc64051ca8603e (v2.6.0-rc0) NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=6c9f886ceae5b998dc2b9af2bf77666941689bce (v0.10.0) - NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/22/3 CVE-2016-2515 (Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause ...) NOT-FOR-US: NodeJS Hawk CVE-2016-2511 (Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier a ...) @@ -25814,7 +25814,7 @@ CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support (hw [squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fa1298c2d623522eda7b4f1f721fcb935abb7360 (v2.6.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1304794 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/16/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/16/2 CVE-2016-2390 (The FwdState::connectedToPeer method in FwdState.cc in Squid before 3. ...) - squid 4.1-1 (unimportant) - squid3 3.5.14-1 (unimportant) @@ -26030,7 +26030,7 @@ CVE-2016-2384 (Double free vulnerability in the snd_usbmidi_create function in s - linux 4.4.2-1 - linux-2.6 <removed> NOTE: Fixed by: https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7 (v4.5-rc4) - NOTE: http://www.openwall.com/lists/oss-security/2016/02/14/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/14/2 NOTE: https://xairy.github.io/blog/2016/cve-2016-2384 CVE-2016-2383 (The adjust_branches function in kernel/bpf/verifier.c in the Linux ker ...) - linux 4.4.2-1 @@ -26039,7 +26039,7 @@ CVE-2016-2383 (The adjust_branches function in kernel/bpf/verifier.c in the Linu - linux-2.6 <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linus/a1b14d27ed0965838350f1377ff97c93ee383492 (v4.5-rc4) NOTE: Introduced by: https://git.kernel.org/linus/9bac3d6d548e5cc925570b263f35b70a00a00ffd (v4.1-rc1) - NOTE: http://www.openwall.com/lists/oss-security/2016/02/14/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/14/1 CVE-2016-XXXX [exec functions ignore length but look for NULL termination] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 @@ -26140,7 +26140,7 @@ CVE-2016-2554 (Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.3 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305543 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=07c7df68bd68bbe706371fccc77c814ebb335d9e NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/22/5 CVE-2016-XXXX [Type confusion vulnerability in WDDX packet deserialization] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 @@ -26192,7 +26192,7 @@ CVE-2016-2324 (Integer overflow in Git before 2.7.4 allows remote attackers to e {DSA-3521-1} - git 1:2.8.0~rc3-1 (bug #818318) NOTE: Removal of path_name: https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d (v2.8.0-rc0) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/16/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/16/2 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=971328#c4 - cgit <not-affected> (path_name function from embedded git is not called) CVE-2016-2323 @@ -26375,7 +26375,7 @@ CVE-2016-2313 (auth_login.php in Cacti before 0.8.8g allows remote authenticated NOTE: http://bugs.cacti.net/view.php?id=2656 NOTE: Upstream fix: http://svn.cacti.net/viewvc?view=rev&revision=7770 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=965930 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/09/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/09/3 NOTE: Only exploitable in non default setup CVE-2016-2312 (Turning all screens off in Plasma-workspace and kscreenlocker while th ...) - plasma-workspace 4:5.4.3-2 (bug #814355) @@ -26450,13 +26450,13 @@ CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng b - uclibc <unfixed> (unimportant) NOTE: Just for cross-compiling, not used for actual packages NOTE: http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac - NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2 CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng bef ...) {DLA-561-1} - uclibc <unfixed> (unimportant) NOTE: Just for cross-compiling, not used for actual packages NOTE: http://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c - NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2 CVE-2016-2216 (The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 ...) - nodejs 4.3.0~dfsg-1 (unimportant) NOTE: libv8 is not covered by security support @@ -26528,7 +26528,7 @@ CVE-2016-2228 (Cross-site scripting (XSS) vulnerability in horde/templates/topba NOTE: http://lists.horde.org/archives/announce/2016/001140.html NOTE: https://github.com/horde/horde/commit/f03301cf6edcca57121a15e80014c4d0f29d99a0 NOTE: https://github.com/horde/horde/commit/ab07a1b447de34e13983b4d7ceb18b58c3a358d8 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/06/4 CVE-2016-7028 REJECTED CVE-2016-2199 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Orga ...) @@ -26566,7 +26566,7 @@ CVE-2016-2191 (The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG befo {DSA-3546-1} - optipng 0.7.6-1 (bug #820068) NOTE: https://sourceforge.net/p/optipng/bugs/59/ - NOTE: http://www.openwall.com/lists/oss-security/2016/04/04/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/04/2 CVE-2016-2190 (Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x ...) - moodle 2.7.13+dfsg-1 CVE-2016-2189 @@ -26836,11 +26836,11 @@ CVE-2016-2117 (The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2 - linux 4.5.2-1 [wheezy] - linux <not-affected> (Issue introduced with v3.10-rc1) NOTE: Introduced in https://git.kernel.org/linus/ec5f061564238892005257c83565a0b58ec79295 (v3.10-rc1) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/16/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/16/7 CVE-2016-2116 (Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900. ...) {DSA-3508-1} - jasper <removed> (bug #816626) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/03/12 CVE-2016-2115 (Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...) {DSA-3548-1} - samba 2:4.3.7+dfsg-1 @@ -26939,20 +26939,20 @@ CVE-2016-2533 (Buffer overflow in the ImagingPcdDecode function in PcdDecode.c i - python-imaging <removed> [wheezy] - python-imaging 1.1.7-4+deb7u2 NOTE: https://github.com/python-pillow/Pillow/pull/1706 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/02/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/02/5 NOTE: https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4 CVE-2016-2221 (Open redirect vulnerability in the wp_validate_redirect function in wp ...) {DSA-3472-1 DLA-418-1} - wordpress 4.4.2+dfsg-1 (bug #813697) NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/ NOTE: https://core.trac.wordpress.org/changeset/36444 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/04/4 CVE-2016-2222 (The wp_http_validate_url function in wp-includes/http.php in WordPress ...) {DSA-3472-1 DLA-418-1} - wordpress 4.4.2+dfsg-1 (bug #813697) NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/ NOTE: https://core.trac.wordpress.org/changeset/36435 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/04/4 CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does ...) - socat 1.7.3.1-1 (bug #813536) [jessie] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0) @@ -26961,7 +26961,7 @@ CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 NOTE: The issues is about "In the OpenSSL address implementation the hard coded 1024 bit DH NOTE: p parameter was not prime.". Upstream has generated new parametes (and made it 2048 NOTE: bit long. - NOTE: http://www.openwall.com/lists/oss-security/2016/02/01/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/01/4 NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv7.html CVE-2016-5114 (sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and ...) {DLA-628-1} @@ -26971,7 +26971,7 @@ CVE-2016-5114 (sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, NOTE: https://bugs.php.net/bug.php?id=70755 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=2721a0148649e07ed74468f097a28899741eb58f NOTE: http://seclists.org/bugtraq/2016/Jan/117 - NOTE: http://www.openwall.com/lists/oss-security/2016/02/02/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/02/02/4 CVE-2016-3197 REJECTED CVE-2016-2092 @@ -26992,7 +26992,7 @@ CVE-2016-2197 (QEMU (aka Quick Emulator) built with an IDE AHCI emulation suppor - qemu-kvm <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=99b4cb71069f109b79b27bc629fc0cf0886dbc4b (v2.6.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302057 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/29/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/29/2 NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3d8e1138cd0c843d6fd75272633a31be6554ef (v2.3.0-rc2) CVE-2016-2088 (resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cook ...) - bind9 <not-affected> (Introduced in Bind 9.10) @@ -27018,7 +27018,7 @@ CVE-2016-2091 (The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdw {DLA-669-1} - dwarfutils 20160507-1 (bug #813148) [jessie] - dwarfutils 20120410-2+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/19/3 NOTE: Fixed by http://sourceforge.net/p/libdwarf/code/ci/9565964f26966d8391fe2cfa8e6e8e59278c5f91 CVE-2016-2090 (Off-by-one vulnerability in the fgetwln function in libbsd before 0.8. ...) {DLA-2052-1} @@ -27076,13 +27076,13 @@ CVE-2016-XXXX [out of bound read and write issues] [wheezy] - giflib <no-dsa> (Minor issue) [squeeze] - giflib <no-dsa> (Minor issue) NOTE: http://sourceforge.net/p/giflib/bugs/82/ - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/26/5 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/01/26/5 NOTE: http://sourceforge.net/p/giflib/code/ci/4cc68b315ff9a378aef6664e1be6b2144ad4a5e6/ CVE-2016-2073 (The htmlParseNameComplex function in HTMLparser.c in libxml2 allows at ...) {DSA-3593-1 DLA-503-1} - libxml2 2.9.3+dfsg1-1.1 (bug #812807) - NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/6 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/26/8 has details + NOTE: https://www.openwall.com/lists/oss-security/2016/01/25/6 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/26/8 has details NOTE: Same fix as CVE-2016-1839 and CVE-2015-8806 CVE-2016-2070 (The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux k ...) - linux 4.3.5-1 @@ -27207,7 +27207,7 @@ CVE-2016-2069 (Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4. {DSA-3503-1 DLA-412-1} - linux 4.3.5-1 - linux-2.6 <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/25/1 NOTE: https://git.kernel.org/linus/71b3c126e61177eb693423f2e18a1914205b165e (v4.5-rc1) NOTE: https://git.kernel.org/linus/4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b (v4.5-rc1) CVE-2016-2053 (The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kerne ...) @@ -27221,7 +27221,7 @@ CVE-2016-2053 (The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux CVE-2016-2049 (examples/consumer/common.php in JanRain PHP OpenID library (aka php-op ...) - php-openid <unfixed> (unimportant) NOTE: sample code only, actual vulnerable code not shipped in package - NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/24/2 NOTE: https://github.com/openid/php-openid/issues/128 CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in MariaDB ...) {DSA-3557-1 DSA-3453-1 DLA-447-1} @@ -27660,12 +27660,12 @@ CVE-2016-1983 (The client_host function in parsers.c in Privoxy before 3.0.24 al {DSA-3460-1 DLA-398-1} - privoxy 3.0.24-1 NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/21/4 CVE-2016-1982 (The remove_chunked_transfer_coding function in filters.c in Privoxy be ...) {DSA-3460-1 DLA-398-1} - privoxy 3.0.24-1 NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/filters.c?r1=1.196&r2=1.197 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/21/4 CVE-2016-1926 (Cross-site scripting (XSS) vulnerability in the charts module in Green ...) NOT-FOR-US: Greenbone Security Assistant CVE-2016-1921 @@ -27701,11 +27701,11 @@ CVE-2016-1981 (QEMU (aka Quick Emulator) built with the e1000 NIC emulation supp NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=7c23b8920329180f48b8a147b629d8837709d201 (v0.10.0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298570 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/10 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/19/10 CVE-2016-2037 (The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remo ...) {DSA-3483-1 DLA-415-1} - cpio 2.11+dfsg-5 (bug #812401) - NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/4 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/19/4 NOTE: To reproduce and uncover the issue with unstable version compile with ASAN NOTE: Patch: https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html NOTE: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b @@ -27713,7 +27713,7 @@ CVE-2016-2050 (The get_abbrev_array_info function in libdwarf-20151114 allows re {DLA-669-1} - dwarfutils 20160507+git20160523.9086738-1 (unimportant) [jessie] - dwarfutils 20120410-2+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/9 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/19/9 NOTE: Fixed by http://sourceforge.net/p/libdwarf/code/ci/a05f5e2ae6a5f34daa566975894fc2803d6ec684 NOTE: Reasoning for "unimportant" severity: The affected source code is present NOTE: in dwarfdump/, but in the binary package is installed dwarfdump2/ . @@ -27723,7 +27723,7 @@ CVE-2016-XXXX [Multiple minor security issues] - imagemagick 8:6.8.9.9-7 (bug #811308) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/02/22/4 CVE-2016-1925 (Integer underflow in header.c in lha allows remote attackers to have u ...) - lha <removed> (unimportant) NOTE: Non-free not supported @@ -28798,7 +28798,7 @@ CVE-2016-1578 (Use-after-free vulnerability in Oxide allows remote attackers to CVE-2016-1577 (Double free vulnerability in the jas_iccattrval_destroy function in Ja ...) {DSA-3508-1} - jasper <removed> (bug #816625) - NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/03/12 CVE-2016-1576 (The overlayfs implementation in the Linux kernel through 4.5.2 does no ...) - linux 4.5.1-1 [jessie] - linux <not-affected> (Vulnerable code not present) @@ -28858,7 +28858,7 @@ CVE-2016-1714 (The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw [squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296060 NOTE: Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.html - NOTE: http://www.openwall.com/lists/oss-security/2016/01/11/7 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/11/7 NOTE: fw_cfg support for guest-side data writes removed in 2.4 (1:2.4+dfsg-1a) NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=023e3148567ac898c7258138f8e86c3c2bb40d07 (v2.4.0-rc0) NOTE: fw_cfg_read removed in: http://git.qemu.org/?p=qemu.git;a=commit;h=6c8d56a2e95712a6206a2671d2b04b2e59cabc0b @@ -28868,7 +28868,7 @@ CVE-2016-1569 (FireBird 2.5.5 allows remote authenticated users to cause a denia [wheezy] - firebird2.5 <not-affected> (Issue introduced in 2.5.5) [squeeze] - firebird2.5 <not-affected> (Issue introduced in 2.5.5) NOTE: http://tracker.firebirdsql.org/browse/CORE-5068 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/10/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/10/2 CVE-2016-1568 (Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...) {DSA-3471-1 DSA-3470-1 DSA-3469-1} - qemu 1:2.5+dfsg-2 (bug #810527) @@ -28878,7 +28878,7 @@ CVE-2016-1568 (Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built NOTE: Fixed by: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg01184.html NOTE: ahci emulation added in: http://git.qemu.org/?p=qemu.git;a=commit;h=f6ad2e32f8d833c7f1c75dc084a84a8f02704d64 (v0.14.0-rc0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288532 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/09/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/09/1 CVE-2016-1563 (NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certi ...) NOT-FOR-US: NetApp CVE-2016-1562 (The REST API in the DTE Energy Insight application before 1.7.8 for An ...) @@ -29088,14 +29088,14 @@ CVE-2016-1564 (Multiple cross-site scripting (XSS) vulnerabilities in wp-include NOTE: https://core.trac.wordpress.org/changeset/36185 NOTE: https://wpvulndb.com/vulnerabilities/8358 NOTE: https://twitter.com/brutelogic/status/685105483397619713 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/08/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/08/3 CVE-2016-1503 (dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x befor ...) - dhcpcd5 6.10.1-1 (bug #810621) [jessie] - dhcpcd5 <not-affected> (Vulnerable code not present) [wheezy] - dhcpcd5 <not-affected> (Vulnerable code not present) - dhcpcd <not-affected> (Vulnerable code not present) NOTE: https://dev.marples.name/rDHC1475a702df74b120db847991bc011e3441a045b8 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/07/3 NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions. CVE-2016-1504 (dhcpcd before 6.10.0 allows remote attackers to cause a denial of serv ...) - dhcpcd5 6.10.1-1 (bug #810620) @@ -29104,12 +29104,12 @@ CVE-2016-1504 (dhcpcd before 6.10.0 allows remote attackers to cause a denial of - dhcpcd <not-affected> (Vulnerable code not present) [squeeze] - dhcpcd <not-affected> (Vulnerable code not present) NOTE: https://dev.marples.name/rDHC33c03b26c01201152774ef92e7b773281b8d8443 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/07/3 NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions. CVE-2016-XXXX [Missing normalization] - ruby-rack-attack 4.3.1-1 NOTE: https://github.com/kickstarter/rack-attack/commit/76c2e3143099d938883ae5654527b47e9e6a8977 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/1 + NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/01/07/1 CVE-2016-1501 (ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authe ...) - owncloud 7.0.12~dfsg-2 [jessie] - owncloud 7.0.4+dfsg-4~deb8u4 @@ -29665,7 +29665,7 @@ CVE-2016-1249 (The DBD::mysql module before 4.039 for Perl, when using server-si [jessie] - libdbd-mysql-perl <no-dsa> (Minor issue) [wheezy] - libdbd-mysql-perl <no-dsa> (Minor issue) NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/793b72b1a0baa5070adacaac0e12fd995a6fbabe (4.039) - NOTE: http://www.openwall.com/lists/oss-security/2016/11/16/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/11/16/1 CVE-2016-1248 (vim before patch 8.0.0056 does not properly validate values for the 'f ...) {DSA-3722-1 DLA-718-1} - vim 2:8.0.0095-1 @@ -29730,7 +29730,7 @@ CVE-2016-1237 (nfsd in the Linux kernel through 4.6.3 allows local users to bypa CVE-2016-1236 (Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.ph ...) {DSA-3572-1 DLA-462-1} - websvn <removed> - NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/22 + NOTE: https://www.openwall.com/lists/oss-security/2016/05/05/22 CVE-2016-1235 (The oarsh script in OAR before 2.5.7 allows remote authenticated users ...) {DSA-3543-1} - oar 2.5.7-1 (bug #819952) @@ -30381,7 +30381,7 @@ CVE-2016-1922 (QEMU (aka Quick Emulator) built with the TPR optimization for 32- [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg02812.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283934 - NOTE: http://www.openwall.com/lists/oss-security/2016/01/16/1 + NOTE: https://www.openwall.com/lists/oss-security/2016/01/16/1 NOTE: Possibly introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=4917cf44326a1bda2fd7f27303aff7a25ad86518 (v1.6.0-rc0) NOTE: kvmapic introduced after 1.0.50 (http://git.qemu.org/?p=qemu.git;a=commit;h=e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b) CVE-2016-0930 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before ...) @@ -31328,7 +31328,7 @@ CVE-2016-0635 (Unspecified vulnerability in the Enterprise Manager Ops Center co CVE-2016-0634 (The expansion of '\h' in the prompt string in bash 4.3 allows remote a ...) - bash 4.4-1 (unimportant) [jessie] - bash 4.3-11+deb8u1 - NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/8 + NOTE: https://www.openwall.com/lists/oss-security/2016/09/16/8 NOTE: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025 NOTE: Fixed bin Bash upstream bash-4.4 NOTE: This doesn't cross any reasonable security boundaries, an attacker with the @@ -32713,39 +32713,39 @@ CVE-2016-1000033 (Shotwell version 0.22.0 (and possibly other versions) is vulne [jessie] - shotwell <no-dsa> (Minor issue) [wheezy] - shotwell <no-dsa> (Minor issue) [squeeze] - shotwell <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2015/12/04/4 + NOTE: https://www.openwall.com/lists/oss-security/2015/12/04/4 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=754488 CVE-2016-4353 (ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder ...) - libksba 1.3.3-1 (low) [jessie] - libksba 1.3.2-1+deb8u1 [wheezy] - libksba <no-dsa> (Minor issue) [squeeze] - libksba <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5 + NOTE: https://www.openwall.com/lists/oss-security/2015/04/13/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/29/5 NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a CVE-2016-4355 (Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 al ...) - libksba 1.3.3-1 (low) [jessie] - libksba 1.3.2-1+deb8u1 [wheezy] - libksba <no-dsa> (Minor issue) [squeeze] - libksba <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5 + NOTE: https://www.openwall.com/lists/oss-security/2015/04/13/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/29/5 NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887 CVE-2016-4354 (ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data t ...) - libksba 1.3.3-1 (low) [jessie] - libksba 1.3.2-1+deb8u1 [wheezy] - libksba <no-dsa> (Minor issue) [squeeze] - libksba <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5 + NOTE: https://www.openwall.com/lists/oss-security/2015/04/13/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/29/5 NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887 CVE-2016-4356 (The append_utf8_value function in the DN decoder (dn.c) in Libksba bef ...) - libksba 1.3.3-1 (low) [jessie] - libksba 1.3.2-1+deb8u1 [wheezy] - libksba <no-dsa> (Minor issue) [squeeze] - libksba <no-dsa> (Minor issue) - NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5 - NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5 + NOTE: https://www.openwall.com/lists/oss-security/2015/04/13/5 + NOTE: https://www.openwall.com/lists/oss-security/2016/04/29/5 NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3 CVE-2016-9675 (openjpeg: A heap-based buffer overflow flaw was found in the patch for ...) - openjpeg 1.5.2-1 @@ -32764,4 +32764,4 @@ CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jes [jessie] - glibc 2.19-18+deb8u4 NOTE: http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=09f7764882a81e13e7b5d87d715412283a6ce403 NOTE: http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=11475c083282c1582c4dd72eecfcb2b7d308c958 - NOTE: http://www.openwall.com/lists/oss-security/2016/03/07/2 + NOTE: https://www.openwall.com/lists/oss-security/2016/03/07/2 |