Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cc21234f by security tracker role at 2018-11-29T20:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2018-19697
+ RESERVED
+CVE-2018-19696
+ RESERVED
+CVE-2018-19695
+ RESERVED
+CVE-2018-19694
+ RESERVED
+CVE-2018-19693 (An issue was discovered in tp5cms through 2017-05-25. ...)
+ TODO: check
+CVE-2018-19692 (An issue was discovered in tp5cms through 2017-05-25. ...)
+ TODO: check
+CVE-2018-19691
+ RESERVED
+CVE-2018-19690
+ RESERVED
+CVE-2018-19689
+ RESERVED
+CVE-2018-19688
+ RESERVED
+CVE-2018-19687
+ RESERVED
+CVE-2018-19686
+ RESERVED
+CVE-2018-19685
+ RESERVED
+CVE-2018-19684
+ RESERVED
+CVE-2018-19683
+ RESERVED
+CVE-2018-19682
+ RESERVED
+CVE-2018-19681
+ RESERVED
+CVE-2018-19680
+ RESERVED
+CVE-2018-19679
+ RESERVED
+CVE-2018-19678
+ RESERVED
+CVE-2018-19677
+ RESERVED
+CVE-2018-19676
+ RESERVED
+CVE-2018-19675
+ RESERVED
+CVE-2018-19674
+ RESERVED
+CVE-2018-19673
+ RESERVED
+CVE-2018-19672
+ RESERVED
+CVE-2018-19671
+ RESERVED
+CVE-2018-19670
+ RESERVED
+CVE-2018-19669
+ RESERVED
+CVE-2018-19668
+ RESERVED
+CVE-2018-19667
+ RESERVED
CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users
to gain ...)
- ossec-hids <itp> (bug #361954)
CVE-2018-19665
@@ -5421,8 +5483,7 @@ CVE-2018-18651 (An issue was discovered in Xpdf 4.00.
catalog->getNumPages()
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not
affected or fixed)
CVE-2018-18650 (An issue was discovered in Xpdf 4.00. XRef::readXRefStream in
XRef.cc ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not
affected or fixed)
-CVE-2018-18649 [RCE in Gitlab Wiki API]
- RESERVED
+CVE-2018-18649 (An issue was discovered in the wiki API in GitLab Community
and ...)
- gitlab <not-affected> (Only affects 11.3 and later)
NOTE:
https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18648 [Information exposure through stack trace error message]
@@ -7281,14 +7342,14 @@ CVE-2018-17965 (ImageMagick 7.0.7-28 has a memory leak
vulnerability in WriteSGI
CVE-2018-17964 (Aryanic HighPortal 12.5 has XSS via an Add Tags action. ...)
NOT-FOR-US: Aryanic HighPortal
CVE-2018-17963 (qemu_deliver_packet_iov in net/net.c in Qemu accepts packet
sizes ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #911469)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE:
https://git.qemu.org/?p=qemu.git;a=commit;h=1592a9947036d60dde5404204a5d45975133caf5
CVE-2018-17962 (Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c
because ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #911468)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
@@ -9855,8 +9916,7 @@ CVE-2018-16861
- foreman <itp> (bug #663101)
CVE-2018-16860
RESERVED
-CVE-2018-16859 [become password logged in plaintext when used with PowerShell
on Windows]
- RESERVED
+CVE-2018-16859 (Execution of Ansible playbooks on Windows platforms with
PowerShell ...)
- ansible <not-affected> (Only issue when executing Ansible playbooks
on Windows platforms)
CVE-2018-16858
RESERVED
@@ -10454,7 +10514,7 @@ CVE-2018-16647 (In Artifex MuPDF 1.13.0, the
pdf_get_xref_entry function in ...)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699686
CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc
may cause ...)
- {DLA-1562-1}
+ {DLA-1562-2 DLA-1562-1}
- poppler <unfixed> (low; bug #909802)
[stretch] - poppler <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1622951
@@ -15514,8 +15574,7 @@ CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly
before version 14.0.0 does
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9107
NOTE: https://github.com/wildfly/wildfly/pull/10675
-CVE-2018-14626 [Packet cache pollution via crafted query]
- RESERVED
+CVE-2018-14626 (PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and
PowerDNS ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <not-affected> (Vulnerable code present only in >=
4.1.0)
[jessie] - pdns <not-affected> (Vulnerable code not present)
@@ -21786,8 +21845,8 @@ CVE-2018-12247 (An issue was discovered in mruby 1.4.1.
There is a NULL pointer
NOTE: https://github.com/mruby/mruby/issues/4036
CVE-2018-12246 (Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is
susceptible to a ...)
NOT-FOR-US: Symantec
-CVE-2018-12245
- RESERVED
+CVE-2018-12245 (Symantec Endpoint Protection prior to 14.2 MP1 may be
susceptible to a ...)
+ TODO: check
CVE-2018-12244
RESERVED
CVE-2018-12243 (The Symantec Messaging Gateway product prior to 10.6.6 may be
...)
@@ -21798,10 +21857,10 @@ CVE-2018-12241 (The Symantec Security Analytics (SA)
7.x prior to 7.3.4 Web UI i
NOT-FOR-US: Symantec
CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be
susceptible ...)
NOT-FOR-US: Norton
-CVE-2018-12239
- RESERVED
-CVE-2018-12238
- RESERVED
+CVE-2018-12239 (Norton prior to 22.15; Symantec Endpoint Protection (SEP)
prior to ...)
+ TODO: check
+CVE-2018-12238 (Norton prior to 22.15; Symantec Endpoint Protection (SEP)
prior to ...)
+ TODO: check
CVE-2018-12237
RESERVED
CVE-2018-12236
@@ -25055,8 +25114,8 @@ CVE-2018-11004 (An issue was discovered in SDcms v1.5.
Cross-site request forger
NOT-FOR-US: SDcms
CVE-2018-11003 (An issue was discovered in YXcms 1.4.7. Cross-site request
forgery ...)
NOT-FOR-US: YXcms
-CVE-2018-11002
- RESERVED
+CVE-2018-11002 (Pulse Secure Desktop Client 5.3 up to and including R6.0 build
1769 on ...)
+ TODO: check
CVE-2018-11001
RESERVED
CVE-2018-11000
@@ -25645,8 +25704,7 @@ CVE-2018-10852 (The UNIX pipe which sudo uses to
contact SSSD and read the avail
{DLA-1429-1}
- sssd <unfixed> (bug #902860)
NOTE: https://pagure.io/SSSD/sssd/issue/3766
-CVE-2018-10851 [Crafted answer can cause a denial of service]
- RESERVED
+CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding
4.1.5 and ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <no-dsa> (Minor issue; will be fixed via point release)
[jessie] - pdns <ignored> (Minor issue)
@@ -25726,7 +25784,7 @@ CVE-2018-10840 (Linux kernel is vulnerable to a
heap-based buffer overflow in th
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199347
NOTE: Fixed by:
https://git.kernel.org/linus/8a2b307c21d4b290e3cbe33f768f194286d07c23
CVE-2018-10839 (Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation
support is ...)
- {DSA-4338-1}
+ {DSA-4338-1 DLA-1599-1}
- qemu <unfixed> (bug #910431)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html
@@ -30949,18 +31007,18 @@ CVE-2018-8791
RESERVED
CVE-2018-8790
RESERVED
-CVE-2018-8789
- RESERVED
-CVE-2018-8788
- RESERVED
-CVE-2018-8787
- RESERVED
-CVE-2018-8786
- RESERVED
-CVE-2018-8785
- RESERVED
-CVE-2018-8784
- RESERVED
+CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several
Out-Of-Bounds ...)
+ TODO: check
+CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds
Write of ...)
+ TODO: check
+CVE-2018-8787 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow
that ...)
+ TODO: check
+CVE-2018-8786 (FreeRDP prior to version 2.0.0-rc4 contains an Integer
Truncation that ...)
+ TODO: check
+CVE-2018-8785 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer
...)
+ TODO: check
+CVE-2018-8784 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer
...)
+ TODO: check
CVE-2018-8783
RESERVED
CVE-2018-8782
@@ -51182,8 +51240,8 @@ CVE-2018-1764
RESERVED
CVE-2018-1763
RESERVED
-CVE-2018-1762
- RESERVED
+CVE-2018-1762 (IBM Rational Collaborative Lifecycle Management 5.0 through
5.0.2 and ...)
+ TODO: check
CVE-2018-1761
RESERVED
CVE-2018-1760
@@ -64930,18 +64988,21 @@ CVE-2017-14504 (ReadPNMImage in coders/pnm.c in
GraphicsMagick 1.3.26 does not e
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/465/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/466/
CVE-2017-14503 (libarchive 3.3.2 suffers from an out-of-bounds read within ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875960)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/948
NOTE:
https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14
CVE-2017-14502 (read_header in archive_read_support_format_rar.c in libarchive
3.3.2 ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875974)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE:
https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in ...)
+ {DLA-1600-1}
- libarchive 3.2.2-4.2 (bug #875966)
[stretch] - libarchive <no-dsa> (Minor issue)
[wheezy] - libarchive <no-dsa> (Minor issue)
@@ -65952,7 +66013,7 @@ CVE-2017-14162
CVE-2017-14161
RESERVED
CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of
service ...)
- {DLA-1092-1}
+ {DLA-1600-1 DLA-1092-1}
- libarchive 3.2.2-3.1 (bug #874539)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
@@ -76527,7 +76588,7 @@ CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function
in dwarf_leb.c in libdwar
CVE-2017-9997
RESERVED
CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE,
which ...)
- {DSA-3920-1 DLA-1071-1 DLA-1070-1}
+ {DSA-3920-1 DLA-1599-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #866674)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
@@ -83473,13 +83534,13 @@ CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755
permissions for ...)
- telegram-desktop 1.1.19-2
NOTE: https://github.com/telegramdesktop/tdesktop/issues/2666
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
(v3.3.0)
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive
3.2.2 ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/834
@@ -91379,7 +91440,7 @@ CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows
remote attackers to cause a
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/576
CVE-2016-10209 (The archive_wstring_append_from_mbs function in
archive_string.c in ...)
- {DLA-1006-1}
+ {DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (low; bug #859456)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/842
@@ -92431,7 +92492,7 @@ CVE-2017-5603 (An incorrect implementation of
"XEP-0280: Message Carbons&qu
CVE-2017-5602 (An incorrect implementation of "XEP-0280: Message
Carbons" in multiple ...)
- jappix <itp> (bug #619347)
CVE-2017-5601 (An error in the lha_read_file_header_1() function ...)
- {DLA-810-1}
+ {DLA-1600-1 DLA-810-1}
- libarchive 3.2.1-6 (bug #853278)
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
NOTE: https://secunia.com/secunia_research/2017-3/
@@ -109040,34 +109101,34 @@ CVE-2014-9910 (An elevation of privilege
vulnerability in the Broadcom Wi-Fi dri
CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi
driver ...)
NOT-FOR-US: Android Broadcom driver
CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU
(aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9
CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU
(aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c
CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2)
...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2
CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka
Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d
CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in
QEMU ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
@@ -109075,7 +109136,7 @@ CVE-2016-9102 (Memory leak in the v9fs_xattrcreate
function in hw/9pfs/9p.c in Q
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06
CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator)
allows ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842455)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
@@ -110008,13 +110069,13 @@ CVE-2016-1000034
CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack
due to a ...)
NOT-FOR-US: TGCaptcha2
CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU
(aka ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841955)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2
CVE-2016-8909 (The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU
(aka Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841950)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04717.html
@@ -110230,13 +110291,13 @@ CVE-2016-8690 (The bmp_getdata function in
libjasper/bmp/bmp_dec.c in JasPer bef
NOTE: The original fix is incomplete resulting in two follow ups
CVE-2016-8884 and
NOTE: CVE-2016-8885.
CVE-2016-8689 (The read_Header function in archive_read_support_format_7zip.c
in ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840934)
NOTE:
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
NOTE: https://github.com/libarchive/libarchive/issues/761
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of
line sizes ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840935)
NOTE:
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
NOTE:
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
@@ -110245,7 +110306,7 @@ CVE-2016-8688 (The mtree bidder in libarchive 3.2.1
does not keep track of line
NOTE:
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
CVE-2016-8687 (Stack-based buffer overflow in the safe_fprintf function in
tar/util.c ...)
- {DLA-661-1}
+ {DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840936)
NOTE:
https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
@@ -110884,13 +110945,13 @@ CVE-2016-8602 (The .sethalftone5 function in
psi/zht2.c in Ghostscript before 9.
CVE-2016-8601
REJECTED
CVE-2016-8578 (The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in
QEMU ...)
- {DLA-679-1 DLA-678-1}
+ {DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840340)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=ba42ebb863ab7d40adc79298422ed9596df8f73a
CVE-2016-8577 (Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU
(aka ...)
- {DLA-679-1 DLA-678-1}
+ {DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840341)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07127.html
@@ -111665,6 +111726,7 @@ CVE-2016-7422 (The virtqueue_map_desc function in
hw/virtio/virtio.c in QEMU (ak
NOTE: Introduced by:
http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7
(v2.6.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c
in QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.7+dfsg-1 (bug #838147)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced
after 1.5)
- qemu-kvm <not-affected> (Vulnerable code not present, introduced
after 1.5)
@@ -113098,12 +113160,12 @@ CVE-2016-7910 (Use-after-free vulnerability in the
disk_seqf_stop function in ..
[jessie] - linux 3.16.39-1
NOTE: Fixed by:
https://git.kernel.org/linus/77da160530dd1dc94f6ae15a981f24e5f0021e84 (v4.8-rc1)
CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka
Quick ...)
- {DLA-698-1 DLA-689-1}
+ {DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #839834)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
CVE-2016-7908 (The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka
Quick ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #839835)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
@@ -114915,7 +114977,7 @@ CVE-2016-7172 (NetApp Snap Creator Framework before
4.3.1 discloses sensitive ..
CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1
makes use ...)
NOT-FOR-US: NetApp
CVE-2016-7170 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU
(aka ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #837316)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
@@ -114950,7 +115012,7 @@ CVE-2016-7162 (The _g_file_remove_directory function
in file-utils.c in File Rol
NOTE: Introduced by:
https://git.gnome.org/browse/file-roller/commit/?id=34b64f3a897c4b4e8e180c028f326bc921eb08ec
(3.5.4)
NOTE: Fixed by:
https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5
(3.20.3)
CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
- {DLA-653-1 DLA-652-1}
+ {DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.7+dfsg-1 (bug #838850)
- qemu-kvm <removed>
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968
(2.7.0-rc3)
@@ -115026,6 +115088,7 @@ CVE-2016-7122 (The avi_read_nikon function in
libavformat/avidec.c in FFmpeg bef
CVE-2016-7121
RESERVED
CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local
guest ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837174)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced
after v1.5)
- qemu-kvm <removed>
@@ -115035,6 +115098,7 @@ CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka
Quick Emulator) allows local gu
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2
NOTE: Vulnerable code introduced after version 1.5:
http://wiki.qemu.org/ChangeLog/1.5
CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in
QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837339)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced
after v1.5)
- qemu-kvm <removed>
@@ -115253,7 +115317,7 @@ CVE-2016-7118 (fs/fcntl.c in the "aufs
3.2.x+setfl-debian" patch in th
NOTE: released version, thus should be n/a. wheezy OTOH, has already
the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1
CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka
Quick ...)
- {DLA-619-1 DLA-618-1}
+ {DLA-1599-1 DLA-619-1 DLA-618-1}
- qemu 1:2.6+dfsg-3.1 (bug #836502)
- qemu-kvm <removed>
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261
@@ -115960,6 +116024,7 @@ CVE-2016-6825 (Huawei XH620 V3, XH622 V3, and XH628
V3 servers with software bef
CVE-2016-6824 (Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with
...)
NOT-FOR-US: Huawei Campus Switch
CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834902)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3
introduced in 1.5)
- qemu-kvm <removed>
@@ -116446,6 +116511,7 @@ CVE-2016-6833 (Use-after-free vulnerability in the
vmxnet3_io_bar0_write functio
NOTE: Upstream patch:
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in
hw/net/net_tx_pkt.c in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834905)
[wheezy] - qemu <not-affected> (Vulnerable code not present, packet
abstraction introduced in 1.5)
- qemu-kvm <removed>
@@ -116462,6 +116528,7 @@ CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers
function in hw/net/vmxnet_tx_pkt.
NOTE: Upstream patch:
https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7
CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in
QEMU (aka ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834944)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3
introduced in 1.5)
- qemu-kvm <removed>
@@ -117862,7 +117929,7 @@ CVE-2016-6354 (Heap-based buffer overflow in the
yy_get_next_buffer function in
NOTE: Intorduced by:
https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399
(flex-2-5-36)
NOTE: Fixed by:
https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466
(v2.6.1)
CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick
Emulator), ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832621)
- qemu-kvm <removed>
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commit;h=926cde5f3e4d2504ed161ed0cb771ac7cad6fd11
(v2.7.0-rc0)
@@ -121085,6 +121152,7 @@ CVE-2016-5360 (HAproxy 1.6.x before 1.6.6, when a
deny comes from a reqdeny rule
[jessie] - haproxy <not-affected> (Issue introduced in 1.6.0)
NOTE: Fixed by:
http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in
hw/scsi/esp.c ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827024)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -121093,6 +121161,7 @@ CVE-2016-5338 (The (1) esp_reg_read and (2)
esp_reg_write functions in hw/scsi/e
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec
CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU
allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827026)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -121386,7 +121455,7 @@ CVE-2015-8916 (bsdtar in libarchive before 3.2.0
returns a success code without
NOTE: https://github.com/libarchive/libarchive/issues/504
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to
cause a ...)
- {DLA-617-1}
+ {DLA-1600-1 DLA-617-1}
- libarchive 3.2.0-2 (low; bug #784213)
[squeeze] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/503
@@ -121951,6 +122020,7 @@ CVE-2016-5239 (The gnuplot delegate functionality in
ImageMagick before 6.9.4-0
NOTE:
http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e38b4f74ca19
CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local
guest ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3 (bug #826152)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -122939,6 +123009,7 @@ CVE-2016-XXXX [AST-2016-005]
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with
MegaRAID ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825616)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -122946,12 +123017,14 @@ CVE-2016-5107 (The megasas_lookup_frame function in
QEMU, when built with MegaRA
NOTE: Introduced after:
http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09
(v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
CVE-2016-5106 (The megasas_dcmd_set_properties function in hw/scsi/megasas.c
in QEMU, ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825615)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after:
http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09
(v1.2.0-rc0)
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in
QEMU, when ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825614)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -123219,6 +123292,7 @@ CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6
and 1.23.14]
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI
paravirtual ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825210)
[wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device
implementation introduced later)
- qemu-kvm <not-affected> (VMWare PVSCSI paravirtual device
implementation introduced later)
@@ -124549,6 +124623,7 @@ CVE-2016-4457 (CloudForms Management Engine before
5.8 includes a default SSL/TL
CVE-2016-4455 (The Subscription Manager package (aka subscription-manager)
before ...)
NOT-FOR-US: Red Hat Subscription Manager
CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in
QEMU ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -124556,6 +124631,7 @@ CVE-2016-4454 (The vmsvga_fifo_read_raw function in
hw/display/vmware_vga.c in Q
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429
CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU
allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -124598,6 +124674,7 @@ CVE-2016-4443 (Red Hat Enterprise Virtualization
(RHEV) Manager 3.6 allows local
CVE-2016-4442 (The rack-mini-profiler gem before 0.10.1 for Ruby allows remote
...)
NOT-FOR-US: rack-mini-profiler gem
CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI
...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
[wheezy] - qemu <no-dsa> (Minor issue; can be fixed along with a future
DSA)
- qemu-kvm <removed>
@@ -124612,7 +124689,7 @@ CVE-2016-4440 (arch/x86/kvm/vmx.c in the Linux kernel
through 4.6.3 mishandles t
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337806
NOTE: http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
CVE-2016-4439 (The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast
SCSI ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
@@ -125706,6 +125783,7 @@ CVE-2016-4032 (Samsung SM-G920F build G920FXXU2COH2
(Galaxy S6), SM-N9005 build
CVE-2016-4031 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005
build ...)
NOT-FOR-US: Samsung
CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU
allows ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #822344)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -125795,7 +125873,7 @@ CVE-2016-4003 (Cross-site scripting (XSS)
vulnerability in the URLDecoder functi
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/docs/s2-028.html
CVE-2016-4020 (The patch_instruction function in hw/i386/kvmvapic.c in QEMU
does not ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #821062)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
@@ -125884,6 +125962,7 @@ CVE-2016-3978 (The Web User Interface (WebUI) in
FortiOS 5.0.x before 5.0.13, 5.
CVE-2015-8841 (Heap-based buffer overflow in the Archive support module in
ESET NOD32 ...)
NOT-FOR-US: ESET NOD32
CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in
hw/net/mipsnet.c in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #821061)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -125892,6 +125971,7 @@ CVE-2016-4002 (Buffer overflow in the mipsnet_receive
function in hw/net/mipsnet
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/6
CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #821038)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -128977,6 +129057,7 @@ CVE-2016-3141 (Use-after-free vulnerability in wddx.c
in the WDDX extension in P
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1
CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG)
...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817183)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
[squeeze] - qemu <not-affected> (Vulnerable code not present)
@@ -129002,7 +129083,7 @@ CVE-2016-8000
CVE-2016-2840 (An issue was discovered in Open-Xchange Server 6 / OX AppSuite
before ...)
NOT-FOR-US: Open-Xchange
CVE-2016-2857 (The net_checksum_calculate function in net/checksum.c in QEMU
allows ...)
- {DLA-574-1 DLA-573-1}
+ {DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-1 (bug #817182)
- qemu-kvm <removed>
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=362786f14a753d8a5256ef97d7c10ed576d6572b
(v2.6.0-rc0)
@@ -129327,6 +129408,7 @@ CVE-2015-8820 (Adobe Flash Player before 18.0.0.268
and 19.x and 20.x before ...
CVE-2015-8819
RESERVED
CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support
...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817181)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -130243,6 +130325,7 @@ CVE-2016-2512 (The utils.http.is_safe_url function in
Django before 1.8.10 and 1
- python-django 1.9.4-1 (bug #816434)
NOTE:
https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815680)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -130574,6 +130657,7 @@ CVE-2015-8815 (Multiple cross-site scripting (XSS)
vulnerabilities in Umbraco be
CVE-2015-8814 (Umbraco before 7.4.0 allows remote attackers to bypass
anti-forgery ...)
NOT-FOR-US: Umbraco
CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815008)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -130583,6 +130667,7 @@ CVE-2016-2392 (The is_rndis function in the USB Net
device emulator ...)
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=80eecda8e5d09c442c24307f340840a5b70ea3b9
(v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support
...)
+ {DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815009)
[wheezy] - qemu <no-dsa> (Minor issue)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc21234fba1dcd3b95f7fbdcbb5e21b8af416419
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc21234fba1dcd3b95f7fbdcbb5e21b8af416419
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
