Author: sectracker
Date: 2017-03-20 09:10:13 +0000 (Mon, 20 Mar 2017)
New Revision: 49831
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-20 07:16:50 UTC (rev 49830)
+++ data/CVE/list 2017-03-20 09:10:13 UTC (rev 49831)
@@ -1,7 +1,21 @@
-CVE-2017-7184
+CVE-2017-7185
+ RESERVED
+CVE-2017-7183
+ RESERVED
+CVE-2017-7182
+ RESERVED
+CVE-2017-7181
+ RESERVED
+CVE-2017-7180
+ RESERVED
+CVE-2017-7179
+ RESERVED
+CVE-2016-10253 (An issue was discovered in Erlang/OTP 18.x. Erlang's
generation of ...)
+ TODO: check
+CVE-2017-7184 (The linux-image-* package 4.8.0.41.52 for the Linux kernel on
Ubuntu ...)
- linux <undetermined>
TODO: check as soon more details are available to see if this is
specific to Ubuntu
-CVE-2017-7186
+CVE-2017-7186 (libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote
...)
- pcre3 <unfixed> (bug #858230)
- pcre2 <unfixed> (bug #858233)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2052
@@ -9,7 +23,7 @@
NOTE:
https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date
(for pcre3)
NOTE:
https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date
(for pcre2)
NOTE:
https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date
(for pcre2)
-CVE-2017-7178 [WebUI Cross-site request forgery vulnerability]
+CVE-2017-7178 (CSRF was discovered in the web UI in Deluge before 1.3.14. The
...)
{DLA-863-1}
- deluge 1.3.13+git20161130.48cedf63-2 (bug #857903)
[jessie] - deluge <no-dsa> (Minor issue)
@@ -1702,7 +1716,7 @@
[wheezy] - suricata <not-affected> (vulnerable code not present)
NOTE: https://redmine.openinfosecfoundation.org/issues/2022
NOTE: Fixed by:
https://github.com/inliniac/suricata/commit/20990f7a7eb7939946a275dfc9a95426b0080a19
(3.2.1)
-CVE-2017-7177 [IPv4 defrag evasion issue]
+CVE-2017-7177 (Suricata before 3.2.1 has an IPv4 defragmentation evasion issue
caused ...)
- suricata 3.2.1-1 (bug #856649)
NOTE: https://redmine.openinfosecfoundation.org/issues/2019
NOTE: Fixed by:
https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8
(3.2.1)
@@ -1852,7 +1866,7 @@
RESERVED
CVE-2015-8995
RESERVED
-CVE-2014-9938 [git-prompt.sh: don't put unsanitized branch names in $PS1]
+CVE-2014-9938 (contrib/completion/git-prompt.sh in Git before 1.9.3 does not
sanitize ...)
- git 1:2.0.0~rc2-1
NOTE:
https://github.com/git/git/commit/8976500cbbb13270398d3b3e07a17b8cc7bff43f
NOTE: https://github.com/njhartwell/pw3nage
@@ -4064,8 +4078,8 @@
RESERVED
CVE-2017-5624 (An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3
and 3T. ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5623
- RESERVED
+CVE-2017-5623 (An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3
and 3T ...)
+ TODO: check
CVE-2017-5622
RESERVED
CVE-2017-5621 (An issue was discovered in Zammad before 1.0.4, 1.1.x before
1.1.3, and ...)
@@ -20309,8 +20323,8 @@
RESERVED
CVE-2016-8856 (Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader
for Linux ...)
NOT-FOR-US: Foxit
-CVE-2016-8855
- RESERVED
+CVE-2016-8855 (Cross-Site Scripting (XSS) in
"/sitecore/client/Applications/List ...)
+ TODO: check
CVE-2016-8854
REJECTED
CVE-2016-8853
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
