author security tracker role <sectracker@debian.org> 2016-09-16 21:10:16 +0000
committer security tracker role <sectracker@debian.org> 2016-09-16 21:10:16 +0000
commit dd92bd2f915669329d36ccbc8b4f2b2bc92ba4e3
tree 11e7a3930d638952d2d80143fed1790fe6290ac0
parent 1183f6fb79530a6f7c49812c38cba0dc80d93457
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@44661 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/1999.list 2
-rw-r--r-- data/CVE/2000.list 2
-rw-r--r-- data/CVE/2001.list 2
-rw-r--r-- data/CVE/2002.list 2
-rw-r--r-- data/CVE/2014.list 2
-rw-r--r-- data/CVE/2016.list 59
6 files changed, 33 insertions, 36 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index a9537f9688..430656ea1e 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -835,7 +835,7 @@ CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server (ACS
NOT-FOR-US: Cisco
CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0732 (The logging facilitity of the Debian smtp-refuser package allows local ...)
+CVE-1999-0732 (The logging facility of the Debian smtp-refuser package allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0731 (The KDE klock program allows local users to unlock a session using ...)
NOT-FOR-US: Data pre-dating the Security Tracker
diff --git a/data/CVE/2000.list b/data/CVE/2000.list
index 908780e126..6be4aed838 100644
--- a/data/CVE/2000.list
+++ b/data/CVE/2000.list
@@ -1438,7 +1438,7 @@ CVE-2000-0217 (The default configuration of SSH allows X forwarding, which could
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0212 (InterAccess TelnetID Server 4.0 allows remote attackers to conduct a ...)
+CVE-2000-0212 (InterAccess TelnetD Server 4.0 allows remote attackers to conduct a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2000-0211 (The Windows Media server allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 22b030ba71..f429579bd1 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -578,7 +578,7 @@ CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password
NOT-FOR-US: Cisco
CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a ...)
NOT-FOR-US: AIX
-CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could alllow local users to execute ...)
+CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could allow local users to execute ...)
NOT-FOR-US: AIX
CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index 71d09e280a..f71a3834b2 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -3976,7 +3976,7 @@ CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows remot
NOT-FOR-US: Linux Directory Penguin
CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0473 (db.php in phBB 2.0 (aka phBB2) RC-3 and earlier allows remote ...)
+CVE-2002-0473 (db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1 and ...)
NOT-FOR-US: Hosting Controller
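Review bot: the unchanged context line for CVE-2002-0484 in this hunk still reads "does not does not check", two lines above the phBB to phpBB correction. If these descriptions are imported by the automatic update, the duplicated words need correcting at the source of the description; otherwise they can be fixed here alongside CVE-2002-0473.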
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index ba4d3a8722..0a3332fa31 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -11872,7 +11872,7 @@ CVE-2014-5335 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...
NOT-FOR-US: innovaphone PBX
CVE-2014-5334
RESERVED
-CVE-2014-5332 (Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 alllows ...)
+CVE-2014-5332 (Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local ...)
- linux <not-affected> (drivers/video/tegra not present)
NOTE: http://googleprojectzero.blogspot.de/2015/01/exploiting-nvmap-to-escape-chrome.html
CVE-2014-5331 (Cross-site scripting (XSS) vulnerability in Aflax allows remote ...)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 62bcc4488d..cef88748b1 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,4 +1,5 @@
CVE-2016-7423 [scsi: mptsas: OOB access when freeing MPTSASRequest object]
+ RESERVED
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -10,6 +11,7 @@ CVE-2016-7423 [scsi: mptsas: OOB access when freeing MPTSASRequest object]
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc]
+ RESERVED
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -19,6 +21,7 @@ CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc]
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
CVE-2016-7421 [scsi: pvscsi: infinite loop when processing IO requests]
+ RESERVED
- qemu <unfixed>
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5)
- qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5)
@@ -1619,8 +1622,7 @@ CVE-2016-7425
RESERVED
CVE-2016-7424
RESERVED
-CVE-2016-7420 [Library documentation lacks treatment of -DNDEBUG and Static Initialization]
- RESERVED
+CVE-2016-7420 (Crypto++ (aka cryptopp) through 5.6.4 does not document the ...)
- libcrypto++ <unfixed>
NOTE: https://github.com/weidai11/cryptopp/issues/277
CVE-2016-7419
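Review bot: replacing the bracketed summary of CVE-2016-7420 drops the only visible mention of -DNDEBUG and static initialization, because the imported description is truncated at "does not document the ...". The `- libcrypto++ <unfixed>` line now sits under a description that reads as a documentation gap, so a NOTE line stating what the missing documentation covers, and what change to the Debian package would count as a fix, would keep the entry actionable without following the GitHub issue link.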
@@ -2949,8 +2951,8 @@ CVE-2016-6938
RESERVED
CVE-2016-6937
RESERVED
-CVE-2016-6936
- RESERVED
+CVE-2016-6936 (Adobe AIR SDK &amp; Compiler before 23.0.0.257 on Windows does not support ...)
+ TODO: check
CVE-2016-6935
RESERVED
CVE-2016-6934
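Review bot: the added CVE-2016-6936 line contains `&amp;` in "Adobe AIR SDK &amp; Compiler". If that literal entity is what is stored in data/CVE/2016.list, rather than an artifact of how this page renders the diff, the import step is writing HTML-escaped text into a plain-text file and the description should carry a bare `&`. The entry also arrives as `TODO: check` and still needs triage.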
@@ -3613,7 +3615,7 @@ CVE-2016-6663
RESERVED
CVE-2016-6662 [privilege escalation through ld_preload hijacking and my.cnf rewrite]
RESERVED
- {DSA-3666-1}
+ {DSA-3666-1 DLA-624-1}
- mariadb-10.0 10.0.27-1
- mysql-5.6 <unfixed>
- mysql-5.5 <removed>
@@ -4866,13 +4868,11 @@ CVE-2016-6305
RESERVED
CVE-2016-6304
RESERVED
-CVE-2016-6303
- RESERVED
+CVE-2016-6303 (Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ...)
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=55d83bf7c10c7b205fffa23fa7c3977491e56c07
-CVE-2016-6302
- RESERVED
+CVE-2016-6302 (The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before ...)
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9
@@ -11189,22 +11189,22 @@ CVE-2016-4265 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Read
NOT-FOR-US: Adobe
CVE-2016-4264 (The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before ...)
TODO: check
-CVE-2016-4263
- RESERVED
-CVE-2016-4262
- RESERVED
-CVE-2016-4261
- RESERVED
-CVE-2016-4260
- RESERVED
-CVE-2016-4259
- RESERVED
-CVE-2016-4258
- RESERVED
-CVE-2016-4257
- RESERVED
-CVE-2016-4256
- RESERVED
+CVE-2016-4263 (Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 ...)
+ TODO: check
+CVE-2016-4262 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4261 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4260 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4259 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4258 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4257 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
+CVE-2016-4256 (Adobe Digital Editions before 4.5.2 allows attackers to execute ...)
+ TODO: check
CVE-2016-4255 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
NOT-FOR-US: Adobe
CVE-2016-4254 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
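Review bot: the eight Adobe Digital Editions entries added here (CVE-2016-4256 through CVE-2016-4263) all land as `TODO: check`, while the Adobe Reader and Acrobat entries on either side of them in this same hunk (CVE-2016-4265 and CVE-2016-4255) are already marked `NOT-FOR-US: Adobe`. These need a triage pass in a follow-up so the TODO backlog does not grow by eight; if Digital Editions is likewise not packaged, the same NOT-FOR-US: Adobe marking applies.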
@@ -17176,13 +17176,11 @@ CVE-2016-2183 (The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSe
NOTE: What was done in OpenSSL: https://www.openssl.org/blog/blog/2016/08/24/sweet32/
NOTE: Python issue: https://bugs.python.org/issue27850
TODO: not clear if this should be assigned to individual source, like openssl and nss (openpvn got a own CVE)
-CVE-2016-2182
- RESERVED
+CVE-2016-2182 (The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ...)
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34
-CVE-2016-2181
- RESERVED
+CVE-2016-2181 (The Anti-Replay feature in the DTLS implementation in OpenSSL before ...)
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=1fb9fdc3027b27d8eb6a1e6a846435b070980770
@@ -17190,8 +17188,7 @@ CVE-2016-2180 (The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
-CVE-2016-2179
- RESERVED
+CVE-2016-2179 (The DTLS implementation in OpenSSL before 1.1.0 does not properly ...)
- openssl <unfixed>
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d
