Author: sectracker
Date: 2016-07-25 21:10:10 +0000 (Mon, 25 Jul 2016)
New Revision: 43468
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-25 21:03:45 UTC (rev 43467)
+++ data/CVE/list 2016-07-25 21:10:10 UTC (rev 43468)
@@ -1,3 +1,35 @@
+CVE-2016-6287
+ RESERVED
+CVE-2016-6286
+ RESERVED
+CVE-2016-6285
+ RESERVED
+CVE-2016-6284
+ RESERVED
+CVE-2016-6283
+ RESERVED
+CVE-2016-6282
+ RESERVED
+CVE-2016-6281
+ RESERVED
+CVE-2016-6280
+ RESERVED
+CVE-2016-6279
+ RESERVED
+CVE-2016-6278
+ RESERVED
+CVE-2016-6277
+ RESERVED
+CVE-2016-6276
+ RESERVED
+CVE-2016-6275
+ RESERVED
+CVE-2016-6274
+ RESERVED
+CVE-2016-6273
+ RESERVED
+CVE-2016-6272
+ RESERVED
CVE-2016-XXXX [tiffcrop overflow]
- tiff <unfixed>
- tiff3 <removed>
@@ -3,4 +35,5 @@
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2573
CVE-2016-6297 [Stack-based buffer overflow vulnerability in
php_stream_zip_opener]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
@@ -9,6 +42,7 @@
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6296 [heap-buffer-overflow (write) simplestring_addn simplestring.c]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72606
@@ -16,38 +50,45 @@
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
- xmlrpc-epi <unfixed>
CVE-2016-6295 [Use After Free Vulnerability in SNMP with GC and unserialize()]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72479
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6294 [locale_accept_from_http out-of-bounds access]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72533
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6293 [locale_accept_from_http out-of-bounds access]
+ RESERVED
- icu <unfixed>
CVE-2016-6292 [NULL Pointer Dereference in exif_process_user_comment]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72618
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6291 [Out of bound read in exif_process_IFD_in_MAKERNOTE]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72603
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6290 [Use After Free in unserialize() with Unexpected Session
Deserialization]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72562
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6289 [Stack-based buffer overflow vulnerability in virtual_file_ex]
+ RESERVED
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/72513
@@ -513,8 +554,8 @@
RESERVED
CVE-2016-6205
RESERVED
-CVE-2016-6204
- RESERVED
+CVE-2016-6204 (Cross-site scripting (XSS) vulnerability in the integrated web
server ...)
+ TODO: check
CVE-2016-6203
RESERVED
CVE-2016-6202
@@ -593,8 +634,7 @@
CVE-2016-XXXX [Write out-of-bounds]
- gdk-pixbuf <unfixed>
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/07/13/11
-CVE-2016-6224 [ecryptfs-setup-swap improperly configures encrypted swap when
using GPT partitioning on a NVMe or MMC drive]
- RESERVED
+CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the
unencrypted swap ...)
- ecryptfs-utils <not-affected> (Broken code not present; incomplete
fix for CVE-2015-8946 not applied)
NOTE: Actually due to an incomplete fix of LP#1447282
NOTE: https://launchpad.net/bugs/1597154
@@ -604,8 +644,7 @@
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <no-dsa> (Minor issue, can be fixed via a DSA)
NOTE:
https://cgit.freedesktop.org/harfbuzz/commit/?id=f96664974774bfeb237a7274f512f64aaafb201e
(1.0.5)
-CVE-2015-8946 [ecryptfs-setup-swap improperly configures encrypted swap when
using GPT partitioning]
- RESERVED
+CVE-2015-8946 (ecryptfs-setup-swap in eCryptfs before 111 does not prevent the
...)
- ecryptfs-utils 111-1
[wheezy] - ecryptfs-utils <no-dsa> (Only happens if using systemd v207
onward)
NOTE: https://launchpad.net/bugs/1447282
@@ -721,6 +760,7 @@
[wheezy] - trn <no-dsa> (non-free not supported)
CVE-2016-6185
RESERVED
+ {DSA-3628-1}
- perl 5.22.2-2 (bug #829578)
CVE-2016-6175
RESERVED
@@ -1433,8 +1473,8 @@
NOTE: https://marc.info/?l=oss-security&m=146726894625359&w=2
NOTE: but is not yet REJECTED by MITRE.
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5875.tif
-CVE-2016-5874
- RESERVED
+CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote
attackers ...)
+ TODO: check
CVE-2016-5872
RESERVED
CVE-2016-5871
@@ -1816,10 +1856,10 @@
RESERVED
- libical <unfixed>
TODO: check
-CVE-2016-5744
- RESERVED
-CVE-2016-5743
- RESERVED
+CVE-2016-5744 (Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote
attackers ...)
+ TODO: check
+CVE-2016-5743 (Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before
Update 1, ...)
+ TODO: check
CVE-2016-5839 (WordPress before 4.5.3 allows remote attackers to bypass the
...)
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
@@ -3801,50 +3841,39 @@
RESERVED
CVE-2016-5138
RESERVED
-CVE-2016-5137
- RESERVED
+CVE-2016-5137 (The CSPSource::schemeMatches function in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5136
- RESERVED
+CVE-2016-5136 (Use-after-free vulnerability in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5135
- RESERVED
+CVE-2016-5135 (WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink,
as ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5134
- RESERVED
+CVE-2016-5134 (net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC)
feature in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5133
- RESERVED
+CVE-2016-5133 (Google Chrome before 52.0.2743.82 mishandles origin information
during ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5132
- RESERVED
+CVE-2016-5132 (The Service Workers subsystem in Google Chrome before
52.0.2743.82 ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5131
- RESERVED
+CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used
in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libxml2 <undetermined>
TODO: check libxml2
-CVE-2016-5130
- RESERVED
+CVE-2016-5130 (content/renderer/history_controller.cc in Google Chrome before
...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5129
- RESERVED
+CVE-2016-5129 (Google V8 before 5.2.361.32, as used in Google Chrome before
...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5128
- RESERVED
+CVE-2016-5128 (objects.cc in Google V8 before 5.2.361.27, as used in Google
Chrome ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5127
- RESERVED
+CVE-2016-5127 (Use-after-free vulnerability in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2015-8899 (Dnsmasq before 2.76 allows remote servers to cause a denial of
service ...)
@@ -7439,9 +7468,9 @@
NOT-FOR-US: McAfee
CVE-2016-3983 (McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might
allow ...)
NOT-FOR-US: McAfee
-CVE-2016-3980 (The Java Startup Framework (aka jstart) in SAP JAVA AS 7.4
allows ...)
+CVE-2016-3980 (The Java Startup Framework (aka jstart) in SAP JAVA AS 7.2
through 7.4 ...)
NOT-FOR-US: SAP
-CVE-2016-3979 (Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA
AS 7.4 ...)
+CVE-2016-3979 (Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA
AS 7.2 ...)
NOT-FOR-US: SAP
CVE-2016-3978 (The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13,
5.2.x ...)
NOT-FOR-US: FortiOS
@@ -7527,13 +7556,13 @@
NOTE: https://gist.github.com/smalyshev/d8355c96a657cc5dba70
NOTE:
https://git.php.net/?p=php-src.git;a=commit;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-3976 (Directory traversal vulnerability in SAP NetWeaver AS Java 7.4
allows ...)
+CVE-2016-3976 (Directory traversal vulnerability in SAP NetWeaver AS Java 7.1
through ...)
NOT-FOR-US: SAP
-CVE-2016-3975 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS
Java 7.4 ...)
+CVE-2016-3975 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS
Java 7.1 ...)
NOT-FOR-US: SAP
CVE-2016-3974 (XML external entity (XXE) vulnerability in the Configuration
Wizard in ...)
NOT-FOR-US: SAP
-CVE-2016-3973 (The chat feature in the Real-Time Collaboration (RTC) services
in SAP ...)
+CVE-2016-3973 (The chat feature in the Real-Time Collaboration (RTC) services
7.3 and ...)
NOT-FOR-US: SAP
CVE-2016-3972 (Directory traversal vulnerability in the dotTailLogServlet in
dotCMS ...)
NOT-FOR-US: dotCMS
@@ -9577,6 +9606,7 @@
- hhvm 3.12.1+dfsg-1
NOTE:
https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
CVE-2016-6288 [php_url_parse_ex() buffer overflow read]
+ RESERVED
{DLA-533-1}
- hhvm 3.12.1+dfsg-1
- php5 5.6.15+dfsg-1
@@ -11718,6 +11748,7 @@
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-2518 [Crafted addpeer with hmode > 7 causes out-of-bounds reference]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-2517 [Remote configuration trustedkey/requestkey/controlkey values
are not properly validated]
@@ -11728,6 +11759,7 @@
NOTE: cause trouble anyway
CVE-2016-2516 [Duplicate IPs on unconfig directives will cause an assertion
failure]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-2514
@@ -14739,31 +14771,24 @@
NOTE:
https://github.com/roundcube/roundcubemail/commit/10e5192a2b1bc90ec137f5e69d0aa072c1210d6d
CVE-2015-8769 (SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows
...)
- joomla <itp> (bug #571794)
-CVE-2016-1711
- RESERVED
+CVE-2016-1711 (WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in
Google ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1710
- RESERVED
+CVE-2016-1710 (The ChromeClientImpl::createWindow method in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1709
- RESERVED
+CVE-2016-1709 (Heap-based buffer overflow in the ByteArray::Get method in ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1708
- RESERVED
+CVE-2016-1708 (The Chrome Web Store inline-installation implementation in the
...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1707
- RESERVED
+CVE-2016-1707 (ios/web/web_state/ui/crw_web_controller.mm in Google Chrome
before ...)
- chromium-browser <not-affected> (Only affects chromium-browser on iOS)
-CVE-2016-1706
- RESERVED
+CVE-2016-1706 (The PPAPI implementation in Google Chrome before 52.0.2743.82
does not ...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1705
- RESERVED
+CVE-2016-1705 (Multiple unspecified vulnerabilities in Google Chrome before
...)
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-1704 (Multiple unspecified vulnerabilities in Google Chrome before
...)
@@ -15410,6 +15435,7 @@
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-1550 [Timing attack for authenticated packets]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
TODO: check
@@ -15421,11 +15447,13 @@
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-1548 [Change the time of an ntpd client or deny service to an ntpd
client by forcing it to change from basic client/server mode to interleaved
symmetric mode.]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
TODO: check
CVE-2016-1547 [Validate crypto-NAKs]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
TODO: check
@@ -16569,6 +16597,7 @@
NOTE:
https://anonscm.debian.org/cgit/collab-maint/duck.git/commit/?id=b43b5bbf07973c54b8f1c581a941f4facc97177a
(0.10)
CVE-2016-1238 [unsafe module load path flaw]
RESERVED
+ {DSA-3628-1}
- perl 5.22.2-3
- libsys-syslog-perl <removed>
[jessie] - libsys-syslog-perl 0.33-1+deb8u1
@@ -21279,6 +21308,7 @@
RESERVED
CVE-2015-8158 [Potential Infinite Loop in ntpq]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2948
@@ -21330,6 +21360,7 @@
NOTE: Mitigated in 4.2.8p6
CVE-2015-8138 [ntp: missing check for zero originate timestamp]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0077/
NOTE:
https://github.com/ntp-project/ntp/commit/880191b72409a1965712999d248d70e6f7163af8
@@ -21855,18 +21886,21 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/5
CVE-2015-7979 [Off-path Denial of Service (DoS) attack on authenticated
broadcast mode]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2942
NOTE:
https://github.com/ntp-project/ntp/commit/fe46889f7baa75fc8e6c0fcde87706d396ce1461
CVE-2015-7978 [Stack exhaustion in recursive traversal of restriction list]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2940
NOTE:
https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
CVE-2015-7977 [reslist NULL pointer dereference]
RESERVED
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2939
@@ -21888,6 +21922,7 @@
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2937
CVE-2015-7974 (NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify
peer ...)
+ {DSA-3629-1}
- ntp 1:4.2.8p7+dfsg-1 (low)
NOTE:
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2936
@@ -39676,7 +39711,7 @@
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1861
RESERVED
-CVE-2015-1860 (Multiple buffer overflows in the QtBase module in Qt before
4.8.7 and ...)
+CVE-2015-1860 (Multiple buffer overflows in gui/image/qgifhandler.cpp in the
QtBase ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -39684,7 +39719,7 @@
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE:
http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1859 (Multiple buffer overflows in the QtBase module in Qt before
4.8.7 and ...)
+CVE-2015-1859 (Multiple buffer overflows in
plugins/imageformats/ico/qicohandler.cpp ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -39692,7 +39727,7 @@
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE:
http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1858 (Multiple buffer overflows in the QtBase module in Qt before
4.8.7 and ...)
+CVE-2015-1858 (Multiple buffer overflows in gui/image/qbmphandler.cpp in the
QtBase ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
