Author: sectracker
Date: 2015-10-22 21:10:12 +0000 (Thu, 22 Oct 2015)
New Revision: 37258
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-22 20:38:29 UTC (rev 37257)
+++ data/CVE/list 2015-10-22 21:10:12 UTC (rev 37258)
@@ -1,3 +1,25 @@
+CVE-2015-7883
+ RESERVED
+CVE-2015-7882
+ RESERVED
+CVE-2015-7881
+ RESERVED
+CVE-2015-7880
+ RESERVED
+CVE-2015-7879
+ RESERVED
+CVE-2015-7878
+ RESERVED
+CVE-2015-7877
+ RESERVED
+CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7
driver ...)
+ TODO: check
+CVE-2015-7875
+ RESERVED
+CVE-2015-7874
+ RESERVED
+CVE-2015-7873
+ RESERVED
CVE-2015-XXXX [Open Redirect - SA-CORE-2015-004]
- drupal7 7.41-1
NOTE: https://www.drupal.org/SA-CORE-2015-004
@@ -3,9 +25,11 @@
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/10/21/6
CVE-2015-7885
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
NOTE:
http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05
TODO: check
CVE-2015-7884
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
@@ -93,6 +117,7 @@
CVE-2015-7841
RESERVED
CVE-2015-7872 [Keyrings crash triggerable by unprivileged user]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -138,10 +163,10 @@
RESERVED
CVE-2015-7824
RESERVED
-CVE-2015-7823
- RESERVED
-CVE-2015-7822
- RESERVED
+CVE-2015-7823 (Open redirect vulnerability in CMSPages/GetDocLink.ashx in
Kentico CMS ...)
+ TODO: check
+CVE-2015-7822 (Multiple cross-site scripting (XSS) vulnerabilities in Kentico
CMS 8.2 ...)
+ TODO: check
CVE-2015-7821
RESERVED
CVE-2015-7820
@@ -208,6 +233,7 @@
NOTE: Not a security flaw as the under-read does not depend on input
CVE-2015-7801 [Use after free]
RESERVED
+ {DLA-332-1}
- optipng 0.7.5-1
CVE-2015-7800
RESERVED
@@ -499,9 +525,11 @@
RESERVED
CVE-2015-7697 [Infinite loop when extracting password-protected archive]
RESERVED
+ {DLA-330-1}
- unzip 6.0-19 (bug #802160)
CVE-2015-7696 [Heap buffer overflow when extracting password-protected archive]
RESERVED
+ {DLA-330-1}
- unzip 6.0-19 (bug #802162)
CVE-2015-7695 [ZF2015-08: Potential SQL injection vector using null byte for
PDO (MsSql, SQLite)]
RESERVED
@@ -745,8 +773,7 @@
CVE-2015-XXXX [trivial hash complexity DoS attack]
- php5 <unfixed> (bug #800564)
NOTE: https://bugs.php.net/bug.php?id=70644
-CVE-2015-7698 [oc-sa-2015-017]
- RESERVED
+CVE-2015-7698 (icewind1991 SMB before 1.0.3 allows remote authenticated users
to ...)
- php-smb 1.0.3a-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-017
CVE-2015-7699 [oc-sa-2015-018]
@@ -1385,8 +1412,8 @@
RESERVED
CVE-2015-7300
RESERVED
-CVE-2015-7299
- RESERVED
+CVE-2015-7299 (SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in
K2 ...)
+ TODO: check
CVE-2015-7298 [Improper validation of certificates when using self-signed
certificates]
RESERVED
- owncloud-client <unfixed>
@@ -4615,13 +4642,11 @@
NOTE:
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
CVE-2015-5955
RESERVED
-CVE-2015-5954 [Disclosure of users files when deleting parent folders of
shared files]
- RESERVED
+CVE-2015-5954 (The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x
before ...)
{DSA-3373-1}
- owncloud 7.0.7~dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-011
-CVE-2015-5953 [Stored XSS in "activity" application]
- RESERVED
+CVE-2015-5953 (Cross-site scripting (XSS) vulnerability in the activity
application ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-010
@@ -6137,6 +6162,7 @@
CVE-2012-6693 (GE Healthcare Centricity PACS 4.0 Server has a default password
of (1) ...)
NOT-FOR-US: GE Healthcare Centricity PACS
CVE-2011-5325 [Directory traversal via crafted tar file which contains a
symlink pointing outside of the current directory]
+ RESERVED
- busybox <unfixed> (bug #802702)
CVE-2011-5324 (The TeraRecon server, as used in GE Healthcare Centricity
PACS-IW ...)
NOT-FOR-US: GE Healthcare Centricity PACS-IW
@@ -6361,6 +6387,7 @@
NOTE:
https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
CVE-2015-5291 [Remote attack on clients using session tickets or SNI]
RESERVED
+ {DLA-331-1}
- polarssl <unfixed> (bug #801413)
NOTE:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5291
@@ -7451,411 +7478,359 @@
RESERVED
CVE-2015-4918
RESERVED
-CVE-2015-4917
- RESERVED
-CVE-2015-4916
- RESERVED
+CVE-2015-4917 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
+ TODO: check
+CVE-2015-4916 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX
2.2.85 ...)
- openjfx <unfixed>
-CVE-2015-4915
- RESERVED
-CVE-2015-4914
- RESERVED
-CVE-2015-4913
- RESERVED
+CVE-2015-4915 (Unspecified vulnerability in the Integrated Lights Out Manager
(ILOM) ...)
+ TODO: check
+CVE-2015-4914 (Unspecified vulnerability in the Oracle HTTP Server component
in ...)
+ TODO: check
+CVE-2015-4913 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4912
- RESERVED
-CVE-2015-4911
- RESERVED
+CVE-2015-4912 (Unspecified vulnerability in the Oracle Access Manager
component in ...)
+ TODO: check
+CVE-2015-4911 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60; ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4910
- RESERVED
+CVE-2015-4910 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4909
- RESERVED
-CVE-2015-4908
- RESERVED
+CVE-2015-4909 (Unspecified vulnerability in the Oracle JDeveloper component in
Oracle ...)
+ TODO: check
+CVE-2015-4908 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX
2.2.85 ...)
- openjfx <unfixed>
-CVE-2015-4907
- RESERVED
-CVE-2015-4906
- RESERVED
+CVE-2015-4907 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4906 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX
2.2.85 ...)
- openjfx <unfixed>
-CVE-2015-4905
- RESERVED
+CVE-2015-4905 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4904
- RESERVED
+CVE-2015-4904 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4903
- RESERVED
+CVE-2015-4903 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4902
- RESERVED
+CVE-2015-4902 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60 ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
-CVE-2015-4901
- RESERVED
+CVE-2015-4901 (Unspecified vulnerability in Oracle Java SE 8u60 allows remote
...)
- openjfx <unfixed>
-CVE-2015-4900
- RESERVED
-CVE-2015-4899
- RESERVED
-CVE-2015-4898
- RESERVED
+CVE-2015-4900 (Unspecified vulnerability in the XDB - XML Database component
in ...)
+ TODO: check
+CVE-2015-4899 (Unspecified vulnerability in the Oracle GlassFish Server
component in ...)
+ TODO: check
+CVE-2015-4898 (Unspecified vulnerability in the Oracle Applications Framework
...)
+ TODO: check
CVE-2015-4897
RESERVED
-CVE-2015-4896
- RESERVED
+CVE-2015-4896 (Unspecified vulnerability in the Oracle VM VirtualBox component
in ...)
- virtualbox <unfixed>
- virtualbox-ose <removed>
-CVE-2015-4895
- RESERVED
+CVE-2015-4895 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4894
- RESERVED
-CVE-2015-4893
- RESERVED
+CVE-2015-4894 (Unspecified vulnerability in the Mobile Server component in
Oracle ...)
+ TODO: check
+CVE-2015-4893 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60; ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4892
- RESERVED
-CVE-2015-4891
- RESERVED
-CVE-2015-4890
- RESERVED
+CVE-2015-4892 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
+ TODO: check
+CVE-2015-4891 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4890 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4889
RESERVED
-CVE-2015-4888
- RESERVED
-CVE-2015-4887
- RESERVED
-CVE-2015-4886
- RESERVED
+CVE-2015-4888 (Unspecified vulnerability in the Java VM component in Oracle
Database ...)
+ TODO: check
+CVE-2015-4887 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
+ TODO: check
+CVE-2015-4886 (Unspecified vulnerability in the Oracle Report Manager
component in ...)
+ TODO: check
CVE-2015-4885
RESERVED
-CVE-2015-4884
- RESERVED
-CVE-2015-4883
- RESERVED
+CVE-2015-4884 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
+CVE-2015-4883 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4882
- RESERVED
+CVE-2015-4882 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4881
- RESERVED
+CVE-2015-4881 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4880
- RESERVED
-CVE-2015-4879
- RESERVED
+CVE-2015-4880 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
+ TODO: check
+CVE-2015-4879 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4878
- RESERVED
-CVE-2015-4877
- RESERVED
-CVE-2015-4876
- RESERVED
-CVE-2015-4875
- RESERVED
-CVE-2015-4874
- RESERVED
-CVE-2015-4873
- RESERVED
-CVE-2015-4872
- RESERVED
+CVE-2015-4878 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
+CVE-2015-4877 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
+CVE-2015-4876 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2015-4875 (Unspecified vulnerability in the Enterprise Manager Base
Platform ...)
+ TODO: check
+CVE-2015-4874 (Unspecified vulnerability in the Enterprise Manager Base
Platform ...)
+ TODO: check
+CVE-2015-4873 (Unspecified vulnerability in the Database Scheduler component
in ...)
+ TODO: check
+CVE-2015-4872 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60; ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4871
- RESERVED
+CVE-2015-4871 (Unspecified vulnerability in Oracle Java SE 7u85 allows remote
...)
- openjdk-7 <unfixed>
-CVE-2015-4870
- RESERVED
+CVE-2015-4870 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4869
- RESERVED
-CVE-2015-4868
- RESERVED
+CVE-2015-4869 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2
allows ...)
+ TODO: check
+CVE-2015-4868 (Unspecified vulnerability in Oracle Java SE 8u60 and Java SE
Embedded ...)
- openjdk-8 8u66-b17-1
-CVE-2015-4867
- RESERVED
-CVE-2015-4866
- RESERVED
+CVE-2015-4867 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
+ TODO: check
+CVE-2015-4866 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4865
- RESERVED
-CVE-2015-4864
- RESERVED
+CVE-2015-4865 (Unspecified vulnerability in the Oracle Applications Framework
...)
+ TODO: check
+CVE-2015-4864 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <unfixed>
[jessie] - mysql-5.5 5.5.44-0+deb8u1
[wheezy] - mysql-5.5 5.5.44-0+deb7u1
-CVE-2015-4863
- RESERVED
-CVE-2015-4862
- RESERVED
+CVE-2015-4863 (Unspecified vulnerability in the Portable Clusterware component
in ...)
+ TODO: check
+CVE-2015-4862 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4861
- RESERVED
+CVE-2015-4861 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4860
- RESERVED
+CVE-2015-4860 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4859
- RESERVED
-CVE-2015-4858
- RESERVED
+CVE-2015-4859 (Unspecified vulnerability in the Enterprise Manager Base
Platform ...)
+ TODO: check
+CVE-2015-4858 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4857
- RESERVED
-CVE-2015-4856
- RESERVED
+CVE-2015-4857 (Unspecified vulnerability in the RDBMS component in Oracle
Database ...)
+ TODO: check
+CVE-2015-4856 (Unspecified vulnerability in the Oracle VM VirtualBox component
in ...)
- virtualbox 5.0.0-dfsg-1
[jessie] - virtualbox 4.3.30-dfsg-1+deb8u1
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
CVE-2015-4855
RESERVED
-CVE-2015-4854
- RESERVED
+CVE-2015-4854 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
CVE-2015-4853
RESERVED
CVE-2015-4852
RESERVED
-CVE-2015-4851
- RESERVED
-CVE-2015-4850
- RESERVED
-CVE-2015-4849
- RESERVED
-CVE-2015-4848
- RESERVED
-CVE-2015-4847
- RESERVED
-CVE-2015-4846
- RESERVED
-CVE-2015-4845
- RESERVED
-CVE-2015-4844
- RESERVED
+CVE-2015-4851 (Unspecified vulnerability in the Oracle iSupplier Portal
component in ...)
+ TODO: check
+CVE-2015-4850 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
+ TODO: check
+CVE-2015-4849 (Unspecified vulnerability in the Oracle Payments component in
Oracle ...)
+ TODO: check
+CVE-2015-4848 (Unspecified vulnerability in the Oracle Configurator component
in ...)
+ TODO: check
+CVE-2015-4847 (Unspecified vulnerability in the Oracle Configurator component
in ...)
+ TODO: check
+CVE-2015-4846 (Unspecified vulnerability in the Oracle Applications Manager
component ...)
+ TODO: check
+CVE-2015-4845 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
+CVE-2015-4844 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4843
- RESERVED
+CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4842
- RESERVED
+CVE-2015-4842 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4841
- RESERVED
-CVE-2015-4840
- RESERVED
+CVE-2015-4841 (Unspecified vulnerability in the Siebel Core - Server Framework
...)
+ TODO: check
+CVE-2015-4840 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and
Java SE ...)
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4839
- RESERVED
-CVE-2015-4838
- RESERVED
-CVE-2015-4837
- RESERVED
-CVE-2015-4836
- RESERVED
+CVE-2015-4839 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
+ TODO: check
+CVE-2015-4838 (Unspecified vulnerability in the Oracle JDeveloper component in
Oracle ...)
+ TODO: check
+CVE-2015-4837 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4836 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4835
- RESERVED
+CVE-2015-4835 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4834
- RESERVED
-CVE-2015-4833
- RESERVED
+CVE-2015-4834 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4833 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4832
- RESERVED
-CVE-2015-4831
- RESERVED
-CVE-2015-4830
- RESERVED
+CVE-2015-4832 (Unspecified vulnerability in the Oracle Identity Manager
component in ...)
+ TODO: check
+CVE-2015-4831 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4830 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4829
RESERVED
-CVE-2015-4828
- RESERVED
-CVE-2015-4827
- RESERVED
-CVE-2015-4826
- RESERVED
+CVE-2015-4828 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM
component ...)
+ TODO: check
+CVE-2015-4827 (Unspecified vulnerability in the Oracle Retail Open Commerce
Platform ...)
+ TODO: check
+CVE-2015-4826 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4825
- RESERVED
-CVE-2015-4824
- RESERVED
-CVE-2015-4823
- RESERVED
-CVE-2015-4822
- RESERVED
-CVE-2015-4821
- RESERVED
-CVE-2015-4820
- RESERVED
-CVE-2015-4819
- RESERVED
+CVE-2015-4825 (Unspecified vulnerability in the PeopleSoft Enterprise FIN
Expenses ...)
+ TODO: check
+CVE-2015-4824 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
+ TODO: check
+CVE-2015-4823 (Unspecified vulnerability in the Hyperion Installation
Technology ...)
+ TODO: check
+CVE-2015-4822 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4821 (Unspecified vulnerability in the Integrated Lights Out Manager
(ILOM) ...)
+ TODO: check
+CVE-2015-4820 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4819 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and
earlier, ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4818
- RESERVED
-CVE-2015-4817
- RESERVED
-CVE-2015-4816
- RESERVED
+CVE-2015-4818 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2015-4817 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4816 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and
earlier ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4815
- RESERVED
+CVE-2015-4815 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4814
RESERVED
-CVE-2015-4813
- RESERVED
+CVE-2015-4813 (Unspecified vulnerability in the Oracle VM VirtualBox component
in ...)
- virtualbox <unfixed>
- virtualbox-ose <removed>
-CVE-2015-4812
- RESERVED
-CVE-2015-4811
- RESERVED
-CVE-2015-4810
- RESERVED
+CVE-2015-4812 (Unspecified vulnerability in the Oracle HTTP Server component
in ...)
+ TODO: check
+CVE-2015-4811 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
+CVE-2015-4810 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60
allows local ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
-CVE-2015-4809
- RESERVED
+CVE-2015-4809 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
CVE-2015-4808
RESERVED
-CVE-2015-4807
- RESERVED
+CVE-2015-4807 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only on Windows plattform)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4806
- RESERVED
+CVE-2015-4806 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4805
- RESERVED
+CVE-2015-4805 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4804
- RESERVED
-CVE-2015-4803
- RESERVED
+CVE-2015-4804 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
Talent ...)
+ TODO: check
+CVE-2015-4803 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and
8u60; ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4802
- RESERVED
+CVE-2015-4802 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4801
- RESERVED
-CVE-2015-4800
- RESERVED
+CVE-2015-4801 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
+ TODO: check
+CVE-2015-4800 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4799
- RESERVED
-CVE-2015-4798
- RESERVED
-CVE-2015-4797
- RESERVED
-CVE-2015-4796
- RESERVED
-CVE-2015-4795
- RESERVED
-CVE-2015-4794
- RESERVED
-CVE-2015-4793
- RESERVED
-CVE-2015-4792
- RESERVED
+CVE-2015-4799 (Unspecified vulnerability in the Oracle WebCenter Sites
component in ...)
+ TODO: check
+CVE-2015-4798 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
+ TODO: check
+CVE-2015-4797 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
+ TODO: check
+CVE-2015-4796 (Unspecified vulnerability in the Java VM component in Oracle
Database ...)
+ TODO: check
+CVE-2015-4795 (Unspecified vulnerability in the Oracle Utilities Work and
Asset ...)
+ TODO: check
+CVE-2015-4794 (Unspecified vulnerability in the Java VM component in Oracle
Database ...)
+ TODO: check
+CVE-2015-4793 (Unspecified vulnerability in the Oracle Communications
Convergence ...)
+ TODO: check
+CVE-2015-4792 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <unfixed> (bug #802564)
- mariadb-10.0 <undetermined>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4791
- RESERVED
+CVE-2015-4791 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and
earlier ...)
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -7915,8 +7890,7 @@
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4766
- RESERVED
+CVE-2015-4766 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and
earlier ...)
- mysql-5.6 <unfixed> (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -7926,8 +7900,8 @@
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
CVE-2015-4763 (Unspecified vulnerability in the Oracle Agile PLM component in
Oracle ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4762
- RESERVED
+CVE-2015-4762 (Unspecified vulnerability in the Oracle Applications DBA
component in ...)
+ TODO: check
CVE-2015-4761 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -8022,8 +7996,7 @@
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
CVE-2015-4735 (Unspecified vulnerability in the Enterprise Manager for Oracle
...)
NOT-FOR-US: Oracle Database
-CVE-2015-4734
- RESERVED
+CVE-2015-4734 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and
8u60, and ...)
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
@@ -8051,8 +8024,7 @@
- openjdk-8 8u66-b01-1
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability
can be exploited only through sandboxed Java Web Start applications and
sandboxed Java applets."
-CVE-2015-4730
- RESERVED
+CVE-2015-4730 (Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier
allows ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
@@ -8079,20 +8051,17 @@
RESERVED
CVE-2015-4719
RESERVED
-CVE-2015-4718 [Command injection when using external SMB storage]
- RESERVED
+CVE-2015-4718 (The external SMB storage driver in ownCloud Server before
6.0.8, 7.0.x ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-008
NOTE:
https://github.com/owncloud/core/commit/200e9d949783efbd57f39acedebc03924c1dfff4
-CVE-2015-4717 [Resource Exthaustion when sanitizing filenames]
- RESERVED
+CVE-2015-4717 (The filename sanitization component in ownCloud Server before
6.0.8, ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-007
NOTE:
https://github.com/owncloud/core/commit/5fa749cd9656ca6eab30bac0ef4e7625b8a8be2e
-CVE-2015-4716 [Local file inclusion on MS Windows Platform]
- RESERVED
+CVE-2015-4716 (Directory traversal vulnerability in the routing component in
ownCloud ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1 (unimportant)
NOTE: Specific to installations on Windows
@@ -11941,6 +11910,7 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756456#c0
TODO: check
CVE-2015-7941 [out-of-bounds memory access]
+ {DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
NOTE: http://www.openwall.com/lists/oss-security/2015/04/19/5
@@ -14246,8 +14216,8 @@
- mysql-5.5 <unfixed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2642
- RESERVED
+CVE-2015-2642 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2
allows ...)
+ TODO: check
CVE-2015-2641 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and
earlier ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
@@ -14274,8 +14244,8 @@
NOT-FOR-US: Oracle Fusion
CVE-2015-2634 (Unspecified vulnerability in the Oracle Data Integrator
component in ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2633
- RESERVED
+CVE-2015-2633 (Unspecified vulnerability in the Enterprise Manager Ops Center
...)
+ TODO: check
CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and
8u45 ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
@@ -14365,8 +14335,8 @@
NOT-FOR-US: Oracle E-Business
CVE-2015-2609 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows
local ...)
NOT-FOR-US: Solaris (performance counters)
-CVE-2015-2608
- RESERVED
+CVE-2015-2608 (Unspecified vulnerability in (1) the Oracle Communications
Diameter ...)
+ TODO: check
CVE-2015-2607 (Unspecified vulnerability in the Oracle Commerce Guided Search
/ ...)
NOT-FOR-US: Oracle Commerce
CVE-2015-2606 (Unspecified vulnerability in the Oracle Endeca Information
Discovery ...)
@@ -16632,8 +16602,8 @@
CVE-2015-1830 (Directory traversal vulnerability in the fileserver
upload/download ...)
- activemq <not-affected> (Only affects activemq on Windows)
NOTE:
http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
-CVE-2015-1829
- RESERVED
+CVE-2015-1829 (Unspecified vulnerability in the Oracle HTTP Server component
in ...)
+ TODO: check
CVE-2015-1828
RESERVED
CVE-2015-1827 (The get_user_grouplist function in the extdom plug-in in
FreeIPA ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
