Author: sectracker
Date: 2016-09-08 21:10:12 +0000 (Thu, 08 Sep 2016)
New Revision: 44427
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-09-08 20:20:13 UTC (rev 44426) +++ data/CVE/list 2016-09-08 21:10:12 UTC (rev 44427) @@ -1,3 +1,31 @@ +CVE-2016-7174 + RESERVED +CVE-2016-7173 + RESERVED +CVE-2016-7172 + RESERVED +CVE-2016-7171 + RESERVED +CVE-2016-7170 + RESERVED +CVE-2016-7169 + RESERVED +CVE-2016-7168 + RESERVED +CVE-2016-7167 + RESERVED +CVE-2016-7165 + RESERVED +CVE-2016-7162 + RESERVED +CVE-2016-7161 + RESERVED +CVE-2016-7160 + RESERVED +CVE-2016-7159 + RESERVED +CVE-2016-7158 + RESERVED CVE-2016-XXXX [SGI security bug] - imagemagick <unfixed> (bug #836776) CVE-2016-XXXX [incorrect quoting may allow SQL injection] 
@@ -6,23 +34,27 @@ NOTE: https://github.com/ADOdb/ADOdb/commit/bd9eca9 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/09/07/8 CVE-2016-7154 [use after free in FIFO event channel code] + RESERVED - xen 4.6.0-1 [wheezy] - xen <not-affected> (Versions 4.3 and earlier are not vulnerable) NOTE: http://xenbits.xen.org/xsa/advisory-188.html NOTE: Only affects Xen 4.4, as workaround it is marked as fixed in the first xen version entering unstable NOTE: after the 4.4 series. CVE-2016-7166 [denial of service with gzip quine] + RESERVED - libarchive 3.2.0-2 NOTE: https://github.com/libarchive/libarchive/issues/660 NOTE: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362 NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0 CVE-2016-7164 [inflate_gzip denial of service] + RESERVED - libtorrent-rasterbar <unfixed> NOTE: https://github.com/arvidn/libtorrent/issues/1021 NOTE: https://github.com/arvidn/libtorrent/pull/1022 NOTE: https://github.com/arvidn/libtorrent/commit/debf3c6e3688aab8394fe5c47737625faffe6f9e NOTE: Fixed upstream in 1.1.1. CVE-2016-7163 + RESERVED - openjpeg2 <unfixed> NOTE: https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4 NOTE: https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24 
@@ -47,18 +79,21 @@ CVE-2016-7121 RESERVED CVE-2016-7155 [scsi: pvscsi: OOB read and infinite loop while setting descriptor rings] + RESERVED - qemu <unfixed> - qemu-kvm <removed> NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462 NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2 CVE-2016-7156 [scsi: pvscsi: infintie loop when building SG list] + RESERVED - qemu <unfixed> - qemu-kvm <removed> NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373478 NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/3 CVE-2016-7157 [mptsas: invalid memory access while building configuration pages] + RESERVED - qemu <unfixed> - qemu-kvm <removed> NOTE: Upstream patches: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04295.html @@ -106,6 +141,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3 CVE-2016-7142 [certificate fingerprint spoofing through crafted SASL messages] RESERVED + {DSA-3662-1} - inspircd 2.0.23-1 (bug #836706) NOTE: http://www.inspircd.org/2016/09/03/v2023-released.html NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3 
@@ -249,14 +285,14 @@ - qemu-kvm <removed> NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261 NOTE: May as well need: http://git.qemu.org/?p=qemu.git;a=commit;h=fff39a7ad09da07ef490de05c92c91f22f8002f2 -CVE-2016-7110 - RESERVED -CVE-2016-7109 - RESERVED -CVE-2016-7108 - RESERVED -CVE-2016-7107 - RESERVED +CVE-2016-7110 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...) + TODO: check +CVE-2016-7109 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...) + TODO: check +CVE-2016-7108 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...) + TODO: check +CVE-2016-7107 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...) + TODO: check CVE-2016-7106 RESERVED CVE-2016-7105 @@ -294,6 +330,7 @@ NOTE: https://github.com/jquery/api.jqueryui.com/issues/281 CVE-2016-7094 [x86 HVM: Overflow of sh_ctxt->seg_reg[]] RESERVED + {DLA-614-1} - xen <unfixed> NOTE: http://xenbits.xen.org/xsa/advisory-187.html CVE-2016-7093 [x86: Mishandling of instruction pointer truncation during emulation] @@ -302,6 +339,7 @@ NOTE: http://xenbits.xen.org/xsa/advisory-186.html CVE-2016-7092 [Disallow L3 recursive pagetable for 32-bit PV guests] RESERVED + {DLA-614-1} - xen <unfixed> NOTE: http://xenbits.xen.org/xsa/advisory-185.html CVE-2016-7090 @@ -438,11 +476,9 @@ RESERVED CVE-2016-7035 RESERVED -CVE-2016-7034 - RESERVED +CVE-2016-7034 (The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly ...) NOT-FOR-US: JBoss BPMS -CVE-2016-7033 - RESERVED +CVE-2016-7033 (Multiple cross-site scripting (XSS) vulnerabilities in the admin pages ...) NOT-FOR-US: JBoss BPMS CVE-2016-7032 RESERVED 
@@ -706,12 +742,12 @@ RESERVED CVE-2016-6901 RESERVED -CVE-2016-6900 - RESERVED -CVE-2016-6899 - RESERVED -CVE-2016-6898 - RESERVED +CVE-2016-6900 (The Intelligent Baseboard Management Controller (iBMC) in Huawei ...) + TODO: check +CVE-2016-6899 (The Intelligent Baseboard Management Controller (iBMC) in Huawei ...) + TODO: check +CVE-2016-6898 (XML external entity (XXE) vulnerability in the Hyper Management Module ...) + TODO: check CVE-2016-6895 REJECTED CVE-2016-6894 @@ -767,8 +803,8 @@ RESERVED CVE-2016-6877 RESERVED -CVE-2016-6876 - RESERVED +CVE-2016-6876 (The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link ...) + TODO: check CVE-2016-6869 RESERVED CVE-2016-6868 @@ -795,8 +831,7 @@ RESERVED CVE-2016-6856 RESERVED -CVE-2016-6855 [out-of-bounds write when passing invalid UTF-8 to GMarkup] - RESERVED +CVE-2016-6855 (Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, ...) {DLA-605-1} - eog 3.20.4-1 [jessie] - eog <no-dsa> (Minor issue) @@ -832,18 +867,18 @@ RESERVED CVE-2016-6840 RESERVED -CVE-2016-6839 - RESERVED -CVE-2016-6838 - RESERVED +CVE-2016-6839 (CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 ...) + TODO: check +CVE-2016-6838 (Huawei X6800 and XH620 V3 servers with software before ...) + TODO: check CVE-2016-6829 RESERVED CVE-2016-6827 RESERVED CVE-2016-6826 RESERVED -CVE-2016-6825 - RESERVED +CVE-2016-6825 (Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before ...) + TODO: check CVE-2016-6824 RESERVED CVE-2016-6823 @@ -1296,8 +1331,8 @@ CVE-2016-6671 [buffer overflow when decoding swf] RESERVED - ffmpeg 7:3.1.2-1 -CVE-2016-6670 - RESERVED +CVE-2016-6670 (Huawei S7700, S9300, S9700, and S12700 devices with software before ...) + TODO: check CVE-2016-6669 RESERVED CVE-2016-6668 
@@ -2386,16 +2421,13 @@ RESERVED - resteasy <unfixed> TODO: check -CVE-2016-6346 - RESERVED +CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to ...) - resteasy <unfixed> TODO: check -CVE-2016-6345 - RESERVED +CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive ...) - resteasy <unfixed> TODO: check -CVE-2016-6344 - RESERVED +CVE-2016-6344 (Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a ...) NOT-FOR-US: Red Hat JBoss bpm Suite CVE-2016-6343 RESERVED @@ -2488,20 +2520,17 @@ [wheezy] - cracklib2 <no-dsa> (Minor issue) NOTE: SuSE patch (not a complete fix): https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/23/8 -CVE-2016-6318 [Stack-based buffer overflow when parsing large GECOS field] - RESERVED +CVE-2016-6318 (Stack-based buffer overflow in the FascistGecosUser function in ...) {DLA-599-1} - cracklib2 2.9.2-2 (bug #834502) [jessie] - cracklib2 <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/attachment.cgi?id=1188599 NOTE: In Debian compiled with CPPFLAGS="-D_FORTIFY_SOURCE=2" so, at most application crash -CVE-2016-6317 [unsafe query generation in Active Record] - RESERVED +CVE-2016-6317 (Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly ...) - rails 2:4.2.7.1-1 (bug #834154) [jessie] - rails <not-affected> (Vulnerable code not present, introduced in 4.2) [wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package and introduced in 4.2 anyway) -CVE-2016-6316 [Possible XSS Vulnerability in Action View] - RESERVED +CVE-2016-6316 (Cross-site scripting (XSS) vulnerability in Action View in Ruby on ...) {DSA-3651-1 DLA-604-1} - rails 2:4.2.7.1-1 (low; bug #834155) [wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package) 
@@ -2583,8 +2612,7 @@ NOTE: Intorduced by: https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399 (flex-2-5-36) NOTE: Fixed by: https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 (v2.6.1) TODO: It needs to be evaluated which reverse reverse build-dependencies or sources using the generated code needs fixing/rebuild -CVE-2016-6351 [scsi: esp: oob write access while reading ESP command] - RESERVED +CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...) {DLA-574-1 DLA-573-1} - qemu <unfixed> (bug #832621) - qemu-kvm <removed> @@ -2668,6 +2696,7 @@ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4 NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38 CVE-2016-6293 (The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in ...) + {DLA-615-1} - icu 57.1-4 NOTE: http://bugs.icu-project.org/trac/changeset/39109 NOTE: And possibly needs some more follow-up fixes, cf. with upstream changes @@ -2961,8 +2990,7 @@ NOTE: http://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed NOTE: http://mailman.uclibc-ng.org/pipermail/devel/2016-July/001067.html NOTE: Fixed in 1.0.16 of uClibc-ng -CVE-2016-6263 [stringprep_utf8_nfkc_normalize reject invalid UTF-8] - RESERVED +CVE-2016-6263 (The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn ...) {DSA-3658-1 DLA-582-1} - libidn 1.33-1 NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html 
@@ -2973,21 +3001,18 @@ - libdbd-mysql-perl 4.035-1 NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/45 NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156 -CVE-2015-8948 [Solve out-of-bounds-read when reading one zero byte as input] - RESERVED +CVE-2015-8948 (idn in GNU libidn before 1.33 might allow remote attackers to obtain ...) {DSA-3658-1 DLA-582-1} - libidn 1.33-1 NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041 (libidn-1-33) NOTE: When fixing this issue, the followup fix http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 NOTE: is required to fix the problem. (Resultet in followup CVE, CVE-2016-6262 NOTE: if not applied completely). -CVE-2016-6262 [Solve out-of-bounds-read when reading one zero byte as input] - RESERVED +CVE-2016-6262 (idn in libidn before 1.33 might allow remote attackers to obtain ...) - libidn <not-affected> (Incomplete fix for CVE-2015-8948 not applied) NOTE: Follow-up fix for CVE-2015-8948: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 (libidn-1-33) NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6 -CVE-2016-6261 [out-of-bounds stack read in idna_to_ascii_4i] - RESERVED +CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 ...) {DSA-3658-1 DLA-582-1} - libidn 1.33-1 NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html 
@@ -3398,18 +3423,18 @@ NOTE: Unimportant since Debian's binary packages are not built NOTE: with --with-default-trust-store-pkcs11= TODO: check CVE request -CVE-2016-6184 - RESERVED -CVE-2016-6183 - RESERVED -CVE-2016-6182 - RESERVED -CVE-2016-6181 - RESERVED -CVE-2016-6180 - RESERVED -CVE-2016-6179 - RESERVED +CVE-2016-6184 (The Camera driver in Huawei Honor 4C smartphones with software ...) + TODO: check +CVE-2016-6183 (The Camera driver in Huawei Honor 4C smartphones with software ...) + TODO: check +CVE-2016-6182 (The Camera driver in Huawei Honor 4C smartphones with software ...) + TODO: check +CVE-2016-6181 (The Camera driver in Huawei Honor 4C smartphones with software ...) + TODO: check +CVE-2016-6180 (The Camera driver in Huawei Honor 4C smartphones with software ...) + TODO: check +CVE-2016-6179 (The WiFi driver in Huawei Honor6 smartphones with software H60-L01 ...) + TODO: check CVE-2016-6178 (Huawei NE40E and CX600 devices with software before V800R007SPH017; ...) NOT-FOR-US: Huawei CVE-2016-6177 @@ -5407,8 +5432,7 @@ - postgresql-9.1 <removed> [jessie] - postgresql-9.1 <no-dsa> (postgresql-9.1 in jessie only provides PL/Perl) NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=f0c7b789ab12fbc8248b671c7882dd96ac932ef4 -CVE-2016-5422 - RESERVED +CVE-2016-5422 (The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 ...) NOT-FOR-US: Red Hat JBoss Operations Network CVE-2016-5421 (Use-after-free vulnerability in libcurl before 7.50.1 allows attackers ...) {DSA-3638-1} @@ -5479,8 +5503,7 @@ NOT-FOR-US: JBoss EAP CVE-2016-5405 RESERVED -CVE-2016-5404 [insufficient permission check] - RESERVED +CVE-2016-5404 (The cert_revoke command in FreeIPA does not check for the "revoke ...) - freeipa <removed> (bug #835131) NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd (master) NOTE: https://fedorahosted.org/freeipa/ticket/6232 
@@ -7126,8 +7149,8 @@ RESERVED CVE-2016-5023 (Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 ...) NOT-FOR-US: BIG-IP -CVE-2016-5022 - RESERVED +CVE-2016-5022 (F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before ...) + TODO: check CVE-2016-5021 (The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ...) NOT-FOR-US: BIG-IP CVE-2016-5020 (F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to ...) @@ -9977,6 +10000,7 @@ NOTE: https://github.com/stedolan/jq/issues/1136 NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3 CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...) + {DLA-613-1} - roundcube 1.1.5+dfsg.1-1 (bug #822333) NOTE: https://github.com/roundcube/roundcubemail/issues/4957 NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115 @@ -19595,12 +19619,10 @@ RESERVED CVE-2016-1243 RESERVED -CVE-2016-1242 - RESERVED +CVE-2016-1242 (file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before ...) {DSA-3656-1 DLA-607-1} - tryton-server 4.0.4-1 -CVE-2016-1241 - RESERVED +CVE-2016-1241 (Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, ...) {DSA-3656-1} - tryton-server 4.0.4-1 [wheezy] - tryton-server <not-affected> (password_hash field introduced in 3.2 series) @@ -44271,6 +44293,7 @@ NOTE: Request to mark the package as unsupported in #779104 NOTE: http://piwigo.org/releases/2.7.3 CVE-2015-1433 (program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does ...) + {DLA-613-1} - roundcube 0.9.5+dfsg1-4.2 (low; bug #776700) [wheezy] - roundcube <no-dsa> (Minor issue) [squeeze] - roundcube <no-dsa> (Minor issue) 
@@ -47445,6 +47468,7 @@ [wheezy] - lftp <no-dsa> (Minor issue) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/12/10 CVE-2014-9587 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) + {DLA-613-1} - roundcube 1.1.1+dfsg.1-2 (bug #775576) [squeeze] - roundcube <no-dsa> (Minor issue) [wheezy] - roundcube <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
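
Review bot: the vendor-only entries published in hunks @@ -249,14 +285,14 @@, @@ -706,12 +742,12 @@, @@ -832,18 +867,18 @@, @@ -1296,8 +1331,8 @@ and @@ -3398,18 +3423,18 @@ are left as "TODO: check" although the unchanged context already shows how this class is triaged. The Huawei items (CVE-2016-7107 to CVE-2016-7110, CVE-2016-6899, CVE-2016-6900, CVE-2016-6838, CVE-2016-6839, CVE-2016-6825, CVE-2016-6670, CVE-2016-6179 to CVE-2016-6184) sit next to CVE-2016-6178, which is marked "NOT-FOR-US: Huawei". The F5 items (CVE-2016-6876 in @@ -767,8 +803,8 @@ and CVE-2016-5022 in @@ -7126,8 +7149,8 @@) sit next to CVE-2016-5021 and CVE-2016-5023, which are marked "NOT-FOR-US: BIG-IP". A follow-up commit should resolve these TODOs the same way, so that no open "TODO: check" remains on entries with no Debian source package.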
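
Review bot: in hunk @@ -6,23 +34,27 @@, CVE-2016-7163 still has no bracketed short description, so after this change the entry reads only "RESERVED" followed by "- openjpeg2 <unfixed>" and two commit links. The other entries touched in that hunk (CVE-2016-7154, CVE-2016-7166, CVE-2016-7164) each state the bug class in brackets. Adding a one-line summary to CVE-2016-7163 would let a reader judge the openjpeg2 issue without opening the upstream commits.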
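
Review bot: in hunk @@ -2488,20 +2520,17 @@, the imported description for CVE-2016-6317 names the component "Action Record", whereas the line it replaces read "[unsafe query generation in Active Record]". The text comes from the automatic import and should not be edited in place, but a NOTE line under the entry recording that the affected component is Active Record would keep the information carried by the removed line.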