Author: sectracker
Date: 2015-12-26 21:10:12 +0000 (Sat, 26 Dec 2015)
New Revision: 38531
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-12-26 20:11:55 UTC (rev 38530) +++ data/CVE/list 2015-12-26 21:10:12 UTC (rev 38531) @@ -3023,6 +3023,7 @@ - shellinabox 2.19 NOTE: http://www.openwall.com/lists/oss-security/2015/12/02/6 CVE-2015-8377 (SQL injection vulnerability in the host_new_graphs_save function in ...) + {DLA-374-1} - cacti <unfixed> NOTE: http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt TODO: check @@ -3046,7 +3047,7 @@ NOTE: https://twitter.com/lostinsecurity/status/674925944524640257 NOTE: http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html CVE-2015-8369 (SQL injection vulnerability in include/top_graph_header.php in Cacti ...) - {DSA-3423-1} + {DSA-3423-1 DLA-374-1} - cacti 0.8.8f+ds1-3 (bug #807599) NOTE: http://bugs.cacti.net/view.php?id=2646 CVE-2015-8378 [canceling export operation creates cleartext copy of all of the user's KeePassX password database entries] 
@@ -5650,23 +5651,23 @@ CVE-2015-7501 RESERVED CVE-2015-7500 (The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows ...) - {DSA-3430-1} + {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756525 (upstream bug not yet open) CVE-2015-7499 (Heap-based buffer overflow in the xmlGROW function in parser.c in ...) - {DSA-3430-1} + {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc (v2.9.3) NOTE: https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756479 (upstream bug not yet open) CVE-2015-7498 (Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c ...) - {DSA-3430-1} + {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756527 (upstream bug not yet open) CVE-2015-7497 (Heap-based buffer overflow in the xmlDictComputeFastQKey function in ...) - {DSA-3430-1} + {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756528 (upstream bug not yet open) 
@@ -11414,7 +11415,7 @@ NOTE: Broken by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c930410bebae0a45889b992a7932c663b06cbbcd (v1.1.0-rc1) NOTE: http://security.libvirt.org/2015/0004.html CVE-2015-5312 (The xmlStringLenDecodeEntities function in parser.c in libxml2 before ...) - {DSA-3430-1} + {DSA-3430-1 DLA-373-1} - libxml2 2.9.3+dfsg1-1 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756733 (upstream bug not yet open) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
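Review bot: In the first hunk (@@ -3023,6 +3023,7 @@), the CVE-2015-8377 entry gains {DLA-374-1} while its unchanged context still reads "- cacti <unfixed>" followed by "TODO: check", with no bug number. The neighbouring CVE-2015-8369 entry in the next hunk, tagged with the same DLA, carries a fixed version and bug #807599. Now that an advisory references CVE-2015-8377, the TODO should be resolved: confirm the cacti status, add the bug reference if one exists, and drop the "TODO: check" line.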
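Review bot: In the libxml2 hunk (@@ -5650,23 +5651,23 @@), each of the four entries that receive DLA-373-1 (CVE-2015-7500, CVE-2015-7499, CVE-2015-7498, CVE-2015-7497) keeps a bugzilla.gnome.org NOTE annotated "(upstream bug not yet open)", and the CVE-2015-5312 entry in the last hunk does the same. The commit NOTE lines already point at fixes tagged v2.9.3 and two advisories now cover these CVEs, so the annotation is worth re-checking: if the upstream reports have become public, remove the "(upstream bug not yet open)" remark so readers do not assume the links are still restricted.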