Author: sectracker
Date: 2017-02-17 09:10:24 +0000 (Fri, 17 Feb 2017)
New Revision: 49018
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-16 23:53:25 UTC (rev 49017)
+++ data/CVE/list 2017-02-17 09:10:24 UTC (rev 49018)
@@ -1,3 +1,7 @@
+CVE-2017-6058
+ RESERVED
+CVE-2017-6057
+ RESERVED
CVE-2017-6055
RESERVED
CVE-2017-6054
@@ -80,8 +84,8 @@
RESERVED
CVE-2017-6015
RESERVED
-CVE-2017-6014
- RESERVED
+CVE-2017-6014 (In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG
4607 ...)
+ TODO: check
CVE-2017-6013
RESERVED
CVE-2017-6012
@@ -124,8 +128,8 @@
REJECTED
CVE-2017-5999
RESERVED
-CVE-2017-5998
- RESERVED
+CVE-2017-5998 (Cross-site scripting (XSS) vulnerability in InterSect Alliance
SNARE ...)
+ TODO: check
CVE-2017-5997 (The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49
allows ...)
NOT-FOR-US: SAP Message Server
CVE-2017-5996
@@ -183,7 +187,7 @@
NOTE: http://trac.kodi.tv/ticket/17314
CVE-2017-5681
RESERVED
-CVE-2017-6056 [tomcat DoS via infinite loop in HTTPS request processing]
+CVE-2017-6056 (It was discovered that a programming error in the processing of
HTTPS ...)
{DSA-3788-1 DSA-3787-1 DLA-823-1}
- tomcat8 <unfixed> (bug #851304)
- tomcat7 7.0.72-3
@@ -2452,8 +2456,8 @@
NOT-FOR-US: GeniXMS
CVE-2017-5345 (SQL injection vulnerability in ...)
NOT-FOR-US: GeniXMS
-CVE-2017-5344
- RESERVED
+CVE-2017-5344 (An issue was discovered in dotCMS through 3.6.1. The ...)
+ TODO: check
CVE-2017-5343
RESERVED
CVE-2017-5342 (In tcpdump before 4.9.0, a bug in multiple protocol parsers
(Geneve, ...)
@@ -3270,114 +3274,93 @@
RESERVED
CVE-2017-5028
RESERVED
-CVE-2017-5027
- RESERVED
-CVE-2017-5026
- RESERVED
+CVE-2017-5027 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
+ TODO: check
+CVE-2017-5026 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac,
failed ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5025
- RESERVED
+CVE-2017-5025 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux,
Windows and ...)
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5024
- RESERVED
+CVE-2017-5024 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux,
Windows and ...)
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5023
- RESERVED
+CVE-2017-5023 (Type confusion in Histogram in Google Chrome prior to
56.0.2924.76 for ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5022
- RESERVED
+CVE-2017-5022 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5021
- RESERVED
+CVE-2017-5021 (A use after free in Google Chrome prior to 56.0.2924.76 for
Linux, ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5020
- RESERVED
+CVE-2017-5020 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac,
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5019
- RESERVED
+CVE-2017-5019 (A use after free in Google Chrome prior to 56.0.2924.76 for
Linux, ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5018
- RESERVED
+CVE-2017-5018 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac,
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5017
- RESERVED
+CVE-2017-5017 (Interactions with the OS in Google Chrome prior to 56.0.2924.76
for Mac ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5016
- RESERVED
+CVE-2017-5016 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5015
- RESERVED
+CVE-2017-5015 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac,
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5014
- RESERVED
+CVE-2017-5014 (Heap buffer overflow during image processing in Skia in Google
Chrome ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5013
- RESERVED
+CVE-2017-5013 (Google Chrome prior to 56.0.2924.76 for Linux incorrectly
handled new ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5012
- RESERVED
+CVE-2017-5012 (A heap buffer overflow in V8 in Google Chrome prior to
56.0.2924.76 for ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5011
- RESERVED
+CVE-2017-5011 (Google Chrome prior to 56.0.2924.76 for Windows insufficiently
...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5010
- RESERVED
+CVE-2017-5010 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5009
- RESERVED
+CVE-2017-5009 (WebRTC in Google Chrome prior to 56.0.2924.76 for Linux,
Windows and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5008
- RESERVED
+CVE-2017-5008 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5007
- RESERVED
+CVE-2017-5007 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5006
- RESERVED
+CVE-2017-5006 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows
and ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -14746,13 +14729,13 @@
NOTE: http://tracker.ceph.com/issues/18187
CVE-2016-9578
RESERVED
- {DSA-3790-1}
+ {DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by:
https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=1c6517973095a67c8cb57f3550fc1298404ab556
(0.12.x)
NOTE: Fixed by:
https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=f66dc643635518e53dfbe5262f814a64eec54e4a
(0.12.x)
CVE-2016-9577
RESERVED
- {DSA-3790-1}
+ {DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by:
https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=5f96b596353d73bdf4bb3cd2de61e48a7fd5b4c3
(0.12.x)
CVE-2016-10088 (The sg implementation in the Linux kernel through 4.9 does not
...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
