author | security tracker role <sectracker@debian.org> | 2017-08-16 21:11:01 +0000 |
---|---|---|
committer | security tracker role <sectracker@debian.org> | 2017-08-16 21:11:01 +0000 |
commit | 3486b6b532bb585e000aebf45e70037dcb2a00ff (patch) | |
tree | d6b2fe6871694343b8c716f7cb20a3196c6c94f1 /data | |
parent | c03489acad0d8994fbc17d387c28982fe2e3b2f7 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54785 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2007.list | 8 |
-rw-r--r-- | data/CVE/2014.list | 72 |
-rw-r--r-- | data/CVE/2015.list | 236 |
-rw-r--r-- | data/CVE/2016.list | 233 |
-rw-r--r-- | data/CVE/2017.list | 55 |
5 files changed, 562 insertions, 42 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list index c3a713178f..e49cd99e55 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list @@ -1473,7 +1473,7 @@ CVE-2007-6138 (SQL injection vulnerability in redir.asp in VU Mass Mailer allows NOT-FOR-US: VU Mass Mailer CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52 ...) NOT-FOR-US: Content Injector -CVE-2007-6136 (Multiplce cross-site scripting (XSS) vulnerabilities in index.php in ...) +CVE-2007-6136 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) NOT-FOR-US: M2Scripts MySpace Scripts CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in ...) NOT-FOR-US: PHPSlideShow @@ -2837,7 +2837,7 @@ CVE-2007-5581 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: Cisco Unified MeetingPlace CVE-2007-5580 (Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 ...) NOT-FOR-US: Cisco -CVE-2007-5589 (Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) +CVE-2007-5589 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) {DSA-1403-1} - phpmyadmin 4:2.11.1.2-1 CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code when ...) @@ -8458,7 +8458,7 @@ CVE-2007-3207 (Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetW NOT-FOR-US: Novell NetWare CVE-2007-3206 RESERVED -CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...) +CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, ...) - php4 <removed> (unimportant) - php5 <removed> (unimportant) NOTE: That's by design 
@@ -12488,7 +12488,7 @@ CVE-2007-1507 (The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x - openafs 1.4.2-6 (medium) CVE-2007-1506 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: Oracle Portal -CVE-2007-1505 (Fujistu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption ...) +CVE-2007-1505 (Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption ...) NOT-FOR-US: Fujistu FENCE-Pro CVE-2007-1504 (Cross-site scripting (XSS) vulnerability in the Servlet Service in ...) NOT-FOR-US: Fujitsu Interstage Application Server diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 101961a85c..e2eb34c7d8 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -1,3 +1,75 @@ +CVE-2014-9998 + RESERVED +CVE-2014-9997 + RESERVED +CVE-2014-9996 + RESERVED +CVE-2014-9995 + RESERVED +CVE-2014-9994 + RESERVED +CVE-2014-9993 + RESERVED +CVE-2014-9992 + RESERVED +CVE-2014-9991 + RESERVED +CVE-2014-9990 + RESERVED +CVE-2014-9989 + RESERVED +CVE-2014-9988 + RESERVED +CVE-2014-9987 + RESERVED +CVE-2014-9986 + RESERVED +CVE-2014-9985 + RESERVED +CVE-2014-10063 + RESERVED +CVE-2014-10062 + RESERVED +CVE-2014-10061 + RESERVED +CVE-2014-10060 + RESERVED +CVE-2014-10059 + RESERVED +CVE-2014-10058 + RESERVED +CVE-2014-10057 + RESERVED +CVE-2014-10056 + RESERVED +CVE-2014-10055 + RESERVED +CVE-2014-10054 + RESERVED +CVE-2014-10053 + RESERVED +CVE-2014-10052 + RESERVED +CVE-2014-10051 + RESERVED +CVE-2014-10050 + RESERVED +CVE-2014-10049 + RESERVED +CVE-2014-10048 + RESERVED +CVE-2014-10047 + RESERVED +CVE-2014-10046 + RESERVED +CVE-2014-10045 + RESERVED +CVE-2014-10044 + RESERVED +CVE-2014-10043 + RESERVED +CVE-2014-10039 + RESERVED CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does ...) - glibc 2.19-14 - eglibc <removed> diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 582ce8cf67..9d62a98ece 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list 
@@ -1,3 +1,239 @@ +CVE-2015-9225 + RESERVED +CVE-2015-9224 + RESERVED +CVE-2015-9223 + RESERVED +CVE-2015-9222 + RESERVED +CVE-2015-9221 + RESERVED +CVE-2015-9220 + RESERVED +CVE-2015-9219 + RESERVED +CVE-2015-9218 + RESERVED +CVE-2015-9217 + RESERVED +CVE-2015-9216 + RESERVED +CVE-2015-9215 + RESERVED +CVE-2015-9214 + RESERVED +CVE-2015-9213 + RESERVED +CVE-2015-9212 + RESERVED +CVE-2015-9211 + RESERVED +CVE-2015-9210 + RESERVED +CVE-2015-9209 + RESERVED +CVE-2015-9208 + RESERVED +CVE-2015-9207 + RESERVED +CVE-2015-9206 + RESERVED +CVE-2015-9205 + RESERVED +CVE-2015-9204 + RESERVED +CVE-2015-9203 + RESERVED +CVE-2015-9202 + RESERVED +CVE-2015-9201 + RESERVED +CVE-2015-9200 + RESERVED +CVE-2015-9199 + RESERVED +CVE-2015-9198 + RESERVED +CVE-2015-9197 + RESERVED +CVE-2015-9196 + RESERVED +CVE-2015-9195 + RESERVED +CVE-2015-9194 + RESERVED +CVE-2015-9193 + RESERVED +CVE-2015-9192 + RESERVED +CVE-2015-9191 + RESERVED +CVE-2015-9190 + RESERVED +CVE-2015-9189 + RESERVED +CVE-2015-9188 + RESERVED +CVE-2015-9187 + RESERVED +CVE-2015-9186 + RESERVED +CVE-2015-9185 + RESERVED +CVE-2015-9184 + RESERVED +CVE-2015-9183 + RESERVED +CVE-2015-9182 + RESERVED +CVE-2015-9181 + RESERVED +CVE-2015-9180 + RESERVED +CVE-2015-9179 + RESERVED +CVE-2015-9178 + RESERVED +CVE-2015-9177 + RESERVED +CVE-2015-9176 + RESERVED +CVE-2015-9175 + RESERVED +CVE-2015-9174 + RESERVED +CVE-2015-9173 + RESERVED +CVE-2015-9172 + RESERVED +CVE-2015-9171 + RESERVED +CVE-2015-9170 + RESERVED +CVE-2015-9169 + RESERVED +CVE-2015-9168 + RESERVED +CVE-2015-9167 + RESERVED +CVE-2015-9166 + RESERVED +CVE-2015-9165 + RESERVED +CVE-2015-9164 + RESERVED +CVE-2015-9163 + RESERVED +CVE-2015-9162 + RESERVED +CVE-2015-9161 + RESERVED +CVE-2015-9160 + RESERVED +CVE-2015-9159 + RESERVED +CVE-2015-9158 + RESERVED +CVE-2015-9157 + RESERVED +CVE-2015-9156 + RESERVED +CVE-2015-9155 + RESERVED +CVE-2015-9154 + RESERVED +CVE-2015-9153 + RESERVED +CVE-2015-9152 + RESERVED +CVE-2015-9151 + RESERVED +CVE-2015-9150 + RESERVED 
+CVE-2015-9149 + RESERVED +CVE-2015-9148 + RESERVED +CVE-2015-9147 + RESERVED +CVE-2015-9146 + RESERVED +CVE-2015-9145 + RESERVED +CVE-2015-9144 + RESERVED +CVE-2015-9143 + RESERVED +CVE-2015-9142 + RESERVED +CVE-2015-9141 + RESERVED +CVE-2015-9140 + RESERVED +CVE-2015-9139 + RESERVED +CVE-2015-9138 + RESERVED +CVE-2015-9137 + RESERVED +CVE-2015-9136 + RESERVED +CVE-2015-9135 + RESERVED +CVE-2015-9134 + RESERVED +CVE-2015-9133 + RESERVED +CVE-2015-9132 + RESERVED +CVE-2015-9131 + RESERVED +CVE-2015-9130 + RESERVED +CVE-2015-9129 + RESERVED +CVE-2015-9128 + RESERVED +CVE-2015-9127 + RESERVED +CVE-2015-9126 + RESERVED +CVE-2015-9125 + RESERVED +CVE-2015-9124 + RESERVED +CVE-2015-9123 + RESERVED +CVE-2015-9122 + RESERVED +CVE-2015-9121 + RESERVED +CVE-2015-9120 + RESERVED +CVE-2015-9119 + RESERVED +CVE-2015-9118 + RESERVED +CVE-2015-9117 + RESERVED +CVE-2015-9116 + RESERVED +CVE-2015-9115 + RESERVED +CVE-2015-9114 + RESERVED +CVE-2015-9113 + RESERVED +CVE-2015-9112 + RESERVED +CVE-2015-9111 + RESERVED +CVE-2015-9110 + RESERVED +CVE-2015-9109 + RESERVED +CVE-2015-9108 + RESERVED CVE-2015-9107 (Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption ...) NOT-FOR-US: Zoho ManageEngine OpManager CVE-2015-9106 diff --git a/data/CVE/2016.list b/data/CVE/2016.list index d0f20f11c4..b16e862675 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list 
@@ -1,3 +1,197 @@ +CVE-2016-10502 + RESERVED +CVE-2016-10501 + RESERVED +CVE-2016-10500 + RESERVED +CVE-2016-10499 + RESERVED +CVE-2016-10498 + RESERVED +CVE-2016-10497 + RESERVED +CVE-2016-10496 + RESERVED +CVE-2016-10495 + RESERVED +CVE-2016-10494 + RESERVED +CVE-2016-10493 + RESERVED +CVE-2016-10492 + RESERVED +CVE-2016-10491 + RESERVED +CVE-2016-10490 + RESERVED +CVE-2016-10489 + RESERVED +CVE-2016-10488 + RESERVED +CVE-2016-10487 + RESERVED +CVE-2016-10486 + RESERVED +CVE-2016-10485 + RESERVED +CVE-2016-10484 + RESERVED +CVE-2016-10483 + RESERVED +CVE-2016-10482 + RESERVED +CVE-2016-10481 + RESERVED +CVE-2016-10480 + RESERVED +CVE-2016-10479 + RESERVED +CVE-2016-10478 + RESERVED +CVE-2016-10477 + RESERVED +CVE-2016-10476 + RESERVED +CVE-2016-10475 + RESERVED +CVE-2016-10474 + RESERVED +CVE-2016-10473 + RESERVED +CVE-2016-10472 + RESERVED +CVE-2016-10471 + RESERVED +CVE-2016-10470 + RESERVED +CVE-2016-10469 + RESERVED +CVE-2016-10468 + RESERVED +CVE-2016-10467 + RESERVED +CVE-2016-10466 + RESERVED +CVE-2016-10465 + RESERVED +CVE-2016-10464 + RESERVED +CVE-2016-10463 + RESERVED +CVE-2016-10462 + RESERVED +CVE-2016-10461 + RESERVED +CVE-2016-10460 + RESERVED +CVE-2016-10459 + RESERVED +CVE-2016-10458 + RESERVED +CVE-2016-10457 + RESERVED +CVE-2016-10456 + RESERVED +CVE-2016-10455 + RESERVED +CVE-2016-10454 + RESERVED +CVE-2016-10453 + RESERVED +CVE-2016-10452 + RESERVED +CVE-2016-10451 + RESERVED +CVE-2016-10450 + RESERVED +CVE-2016-10449 + RESERVED +CVE-2016-10448 + RESERVED +CVE-2016-10447 + RESERVED +CVE-2016-10446 + RESERVED +CVE-2016-10445 + RESERVED +CVE-2016-10444 + RESERVED +CVE-2016-10443 + RESERVED +CVE-2016-10442 + RESERVED +CVE-2016-10441 + RESERVED +CVE-2016-10440 + RESERVED +CVE-2016-10439 + RESERVED +CVE-2016-10438 + RESERVED +CVE-2016-10437 + RESERVED +CVE-2016-10436 + RESERVED +CVE-2016-10435 + RESERVED +CVE-2016-10434 + RESERVED +CVE-2016-10433 + RESERVED +CVE-2016-10432 + RESERVED +CVE-2016-10431 + RESERVED +CVE-2016-10430 + RESERVED 
+CVE-2016-10429 + RESERVED +CVE-2016-10428 + RESERVED +CVE-2016-10427 + RESERVED +CVE-2016-10426 + RESERVED +CVE-2016-10425 + RESERVED +CVE-2016-10424 + RESERVED +CVE-2016-10423 + RESERVED +CVE-2016-10422 + RESERVED +CVE-2016-10421 + RESERVED +CVE-2016-10420 + RESERVED +CVE-2016-10419 + RESERVED +CVE-2016-10418 + RESERVED +CVE-2016-10417 + RESERVED +CVE-2016-10416 + RESERVED +CVE-2016-10415 + RESERVED +CVE-2016-10414 + RESERVED +CVE-2016-10413 + RESERVED +CVE-2016-10412 + RESERVED +CVE-2016-10411 + RESERVED +CVE-2016-10410 + RESERVED +CVE-2016-10409 + RESERVED +CVE-2016-10408 + RESERVED +CVE-2016-10407 + RESERVED +CVE-2016-10406 + RESERVED CVE-2016-10405 RESERVED CVE-2016-10404 (XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect ...) 
@@ -14252,43 +14446,35 @@ CVE-2016-5869 CVE-2016-5868 RESERVED NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5867 - RESERVED +CVE-2016-5867 (In a sound driver in all Qualcomm products with Android releases from ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-5866 RESERVED CVE-2016-5865 RESERVED -CVE-2016-5864 - RESERVED -CVE-2016-5863 - RESERVED -CVE-2016-5862 - RESERVED +CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android ...) + TODO: check +CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android releases ...) + TODO: check +CVE-2016-5862 (When a control related to codec is issued from userspace in all ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5861 - RESERVED -CVE-2016-5860 - RESERVED +CVE-2016-5861 (In a display driver in all Qualcomm products with Android releases ...) + TODO: check +CVE-2016-5860 (In an audio driver in all Qualcomm products with Android releases from ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5859 - RESERVED +CVE-2016-5859 (In a sound driver in all Qualcomm products in all Android releases ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5858 - RESERVED +CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android releases ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...) NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5855 - RESERVED +CVE-2016-5855 (In a driver, in all Qualcomm product with Android releases from CAF ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5854 - RESERVED +CVE-2016-5854 (In a driver in all Qualcomm products with Android releases from CAF ...) 
NOT-FOR-US: Qualcomm driver for Android -CVE-2016-5853 - RESERVED +CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-5852 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...) NOT-FOR-US: NVIDIA drivers for Windows @@ -15785,8 +15971,7 @@ CVE-2016-5349 (The high level operating systems (HLOS) was not providing suffici NOT-FOR-US: Qualcomm driver for Android CVE-2016-5348 (The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ...) NOT-FOR-US: Android -CVE-2016-5347 - RESERVED +CVE-2016-5347 (In all Qualcomm products with Android releases from CAF using the ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-5346 RESERVED diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 22de91f65a..069ba9d7b7 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -1,3 +1,34 @@ +CVE-2017-12892 + RESERVED +CVE-2017-12891 + RESERVED +CVE-2017-12890 + RESERVED +CVE-2017-12889 + RESERVED +CVE-2017-12888 + RESERVED +CVE-2017-12887 + RESERVED +CVE-2017-12886 + RESERVED +CVE-2017-12885 + RESERVED +CVE-2017-12884 + RESERVED +CVE-2017-12883 + RESERVED +CVE-2017-12882 + RESERVED +CVE-2017-12881 + RESERVED +CVE-2017-12880 + REJECTED + TODO: check +CVE-2017-12879 + RESERVED +CVE-2017-12878 + RESERVED CVE-2017-12877 [use-after-free in DestroyImage (image.c)] RESERVED - imagemagick <unfixed> @@ -12219,8 +12250,8 @@ CVE-2017-8250 RESERVED CVE-2017-8249 RESERVED -CVE-2017-8248 - RESERVED +CVE-2017-8248 (A buffer overflow may occur in the processing of a downlink NAS ...) + TODO: check CVE-2017-8247 RESERVED CVE-2017-8246 (In function msm_pcm_playback_close() in all Android releases from CAF ...) 
@@ -12229,8 +12260,8 @@ CVE-2017-8245 (In all Android releases from CAF using the Linux kernel, while .. - linux <not-affected> (Android-specific patch) CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...) - linux <not-affected> (Android-specific patch) -CVE-2017-8243 - RESERVED +CVE-2017-8243 (A buffer overflow can occur when processing a firmware image file in ...) + TODO: check CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race ...) - linux <not-affected> (Android-specific patch) CVE-2017-8241 (In all Android releases from CAF using the Linux kernel, a buffer ...) @@ -14282,8 +14313,7 @@ CVE-2017-7553 RESERVED CVE-2017-7552 RESERVED -CVE-2017-7551 [Password brute-force possible for locked account due to different return codes] - RESERVED +CVE-2017-7551 (389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to ...) - 389-ds-base <unfixed> (bug #870752) NOTE: https://pagure.io/389-ds-base/issue/49336 CVE-2017-7550 @@ -14291,8 +14321,7 @@ CVE-2017-7550 CVE-2017-7549 RESERVED NOT-FOR-US: instack-undercloud -CVE-2017-7548 [lo_put() function ignores ACLs] - RESERVED +CVE-2017-7548 (PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to ...) {DSA-3936-1 DSA-3935-1} - postgresql-9.6 9.6.4-1 - postgresql-9.4 <removed> @@ -14300,8 +14329,7 @@ CVE-2017-7548 [lo_put() function ignores ACLs] [jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl) - postgresql-8.4 <removed> NOTE: https://www.postgresql.org/about/news/1772/ -CVE-2017-7547 [The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges] - RESERVED +CVE-2017-7547 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...) {DSA-3936-1 DSA-3935-1 DLA-1051-1} - postgresql-9.6 9.6.4-1 - postgresql-9.4 <removed> 
@@ -14309,8 +14337,7 @@ CVE-2017-7547 [The "pg_user_mappings" catalog view discloses passwords to users [jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl) - postgresql-8.4 <removed> NOTE: https://www.postgresql.org/about/news/1772/ -CVE-2017-7546 [Empty password accepted in some authentication methods] - RESERVED +CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...) {DSA-3936-1 DSA-3935-1 DLA-1051-1} - postgresql-9.6 9.6.4-1 - postgresql-9.4 <removed> @@ -17509,8 +17536,8 @@ CVE-2017-6423 NOT-FOR-US: Qualcomm driver for Android CVE-2017-6422 RESERVED -CVE-2017-6421 - RESERVED +CVE-2017-6421 (In the touch controller function in all Qualcomm products in all ...) + TODO: check CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...) - clamav 0.99.3~beta1+dfsg-1 [stretch] - clamav <no-dsa> (Gets updated via -updates) |
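Review bot: in data/CVE/2007.list, hunk @@ -12488, the CVE-2007-1505 description is corrected to "Fujitsu" but the unchanged line directly below it still reads "NOT-FOR-US: Fujistu FENCE-Pro". Fix that line in the same change so the entry matches the following one ("NOT-FOR-US: Fujitsu Interstage Application Server") and a search on the vendor name finds both.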
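Review bot: in data/CVE/2014.list, hunk @@ -1,3 +1,75, the new block CVE-2014-10063 through CVE-2014-10039 lands after CVE-2014-9985 and before the existing CVE-2014-9984, so the list is no longer in descending order at that point. The data/CVE/2016.list hunk in this commit keeps its five-digit IDs (CVE-2016-10502 down to CVE-2016-10406) directly above CVE-2016-10405. Move the 10xxx block above CVE-2014-9998 so both files follow the same ordering.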
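Review bot: in data/CVE/2016.list, hunk @@ -14252, CVE-2016-5864, CVE-2016-5863 and CVE-2016-5861 are left at "TODO: check" although their descriptions follow the same pattern as the neighbouring entries (for example CVE-2016-5858, "In an ioctl handler in all Qualcomm products with Android releases ..."), which are marked "NOT-FOR-US: Qualcomm driver for Android". Triage the three to the same status, or add a NOTE saying why they differ, so they do not sit in the open queue next to already-classified siblings.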
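Review bot: in data/CVE/2017.list, hunk @@ -1,3 +1,34, CVE-2017-12880 is added as "REJECTED" and also carries "TODO: check", while every other new ID in the hunk is a bare "RESERVED". If the rejection is final there is nothing left to check, so drop the TODO; if the status still needs confirming, say so in a NOTE so the two markers do not contradict each other.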
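Review bot: in data/CVE/2017.list, the hunks from @@ -14282 through @@ -14309 drop the bracketed summaries (for example "[lo_put() function ignores ACLs]" and "[Empty password accepted in some authentication methods]") and replace them with descriptions that are cut off before they name the flaw ("PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to ..."). CVE-2017-7547 and CVE-2017-7546 now start with the same text and cannot be told apart from the header line alone. Keep the short summary as a NOTE line under each entry.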