Diffstat (limited to 'data/CVE/2016.list')
-rw-r--r-- | data/CVE/2016.list | 607 |
1 files changed, 343 insertions, 264 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 556f1cb8a5..d7e669870d 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list 
@@ -1,51 +1,99 @@ +CVE-2016-20013 (sha256crypt and sha512crypt through 0.6 allow attackers to cause a den ...) + NOTE: https://akkadia.org/drepper/SHA-crypt.txt + NOTE: https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/ + NOTE: https://twitter.com/solardiz/status/795601240151457793 + TODO: check, several sources (busybox, sssd, dietlibc, php*, ...) do embed an implentation of the code, but only track those with security impact +CVE-2016-20012 (OpenSSH through 8.7 allows remote attackers, who have a suspicion that ...) + - openssh <unfixed> (unimportant) + NOTE: https://github.com/openssh/openssh-portable/pull/270 + NOTE: Negligible impact, not treated as a security issue by upstream +CVE-2016-20011 (libgrss through 0.7.0 fails to perform TLS certificate verification wh ...) + - libgrss <unfixed> (bug #989149) + [bullseye] - libgrss <ignored> (Minor issue) + [buster] - libgrss <ignored> (Minor issue) + [stretch] - libgrss <ignored> (Minor issue) + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=772647 + NOTE: https://gitlab.gnome.org/GNOME/libgrss/-/issues/4 +CVE-2016-20010 (EWWW Image Optimizer before 2.8.5 allows remote command execution beca ...) + NOT-FOR-US: EWWW Image Optimizer +CVE-2016-20009 (** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overfl ...) + NOT-FOR-US: Wind River VxWorks +CVE-2016-20008 (The REST/JSON project 7.x-1.x for Drupal allows session enumeration, a ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20007 (The REST/JSON project 7.x-1.x for Drupal allows session name guessing, ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20006 (The REST/JSON project 7.x-1.x for Drupal allows blockage of user login ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20005 (The REST/JSON project 7.x-1.x for Drupal allows user registration bypa ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20004 (The REST/JSON project 7.x-1.x for Drupal allows field access bypass, a ...) 
+ NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20003 (The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20002 (The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-20001 (The REST/JSON project 7.x-1.x for Drupal allows node access bypass, ak ...) + NOT-FOR-US: REST/JSON project for Drupal +CVE-2016-15001 + REJECTED +CVE-2016-11086 (lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ...) + [experimental] - ruby-oauth 0.5.6-1 + - ruby-oauth <unfixed> (unimportant; bug #970932) + NOTE: https://github.com/oauth-xx/oauth-ruby/issues/137 + NOTE: Likely minor issue since the package that exist is generated by ca-certificates + NOTE: package and ca-certificates in the package dependency list. Hence even though the + NOTE: package is vulnerable the problem do not exist in Debian unless the admin has + NOTE: explicitly removed the file from the filesystem. + NOTE: Fixing this vulnerability can cause a regression in the case the + NOTE: admin has intentionally removed this file to not check certificates. CVE-2016-11085 (php/qmn_options_questions_tab.php in the quiz-master-next plugin befor ...) NOT-FOR-US: Wordpress plugin CVE-2016-11084 (An issue was discovered in Mattermost Server before 2.1.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11083 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11082 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11081 (An issue was discovered in Mattermost Server before 2.2.0. It allows u ...) 
- NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11080 (An issue was discovered in Mattermost Server before 3.0.0. It offers s ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11079 (An issue was discovered in Mattermost Server before 3.0.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11078 (An issue was discovered in Mattermost Server before 3.0.0. It potentia ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11077 (An issue was discovered in Mattermost Server before 3.0.0. It has a su ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11076 (An issue was discovered in Mattermost Server before 3.0.0. It does not ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11075 (An issue was discovered in Mattermost Server before 3.0.0. It allows a ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11074 (An issue was discovered in Mattermost Server before 3.0.0. A password- ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11073 (An issue was discovered in Mattermost Server before 3.0.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11072 (An issue was discovered in Mattermost Server before 3.0.2. The purpose ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11071 (An issue was discovered in Mattermost Server before 3.1.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11070 (An issue was discovered in Mattermost Server before 3.1.0. It allows X ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11069 (An issue was discovered in Mattermost Server before 3.2.0. It mishandl ...) 
- NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11068 (An issue was discovered in Mattermost Server before 3.2.0. Attackers c ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11067 (An issue was discovered in Mattermost Server before 3.2.0. It allowed ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11066 (An issue was discovered in Mattermost Server before 3.2.0. The initial ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11065 (An issue was discovered in Mattermost Server before 3.3.0. An attacker ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11064 (An issue was discovered in Mattermost Desktop App before 3.4.0. String ...) - NOT-FOR-US: Mattermost + - mattermost-desktop <itp> (bug #831861) CVE-2016-11063 (An issue was discovered in Mattermost Server before 3.5.1. XSS can occ ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11062 (An issue was discovered in Mattermost Server before 3.5.1. E-mail addr ...) - NOT-FOR-US: Mattermost + - mattermost-server <itp> (bug #823556) CVE-2016-11061 (Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 7 ...) NOT-FOR-US: Xerox CVE-2016-11060 (Certain NETGEAR devices are affected by insecure renegotiation. This a ...) 
@@ -300,7 +348,7 @@ CVE-2016-10937 (IMAPFilter through 2.6.12 does not validate the hostname in an S [buster] - imapfilter <no-dsa> (Minor issue) [stretch] - imapfilter <no-dsa> (Minor issue) NOTE: https://github.com/lefcha/imapfilter/issues/142 - NOTE: Patch for support for hostname validation (requrires OpenSSL 1.1.0 and later): + NOTE: Patch for support for hostname validation (requrires OpenSSL 1.1.0 and later): NOTE: https://github.com/lefcha/imapfilter/commit/bf2515da752eddd54973adb0853c6aa289e921b6 NOTE: Patch for support for hostname validation (for OpenSSL 1.0.2 and later): NOTE: https://github.com/lefcha/imapfilter/commit/3daa2692e37fc52ce630e39a3fb6faf270c054b1 @@ -713,11 +761,11 @@ CVE-2016-10743 (hostapd before 2.6 does not prevent use of the low-quality PRNG NOTE: There was already a 2.6 upload late in 2016 but then reverted to a 2.4 based NOTE: version and only reuploaded as 2:2.6-7 to unstable. CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...) - {DLA-1708-1} + {DLA-2461-1 DLA-1708-1} - zabbix 1:3.0.17+dfsg-1 (low) - [stretch] - zabbix <no-dsa> (Minor issue) NOTE: https://support.zabbix.com/browse/ZBX-10272 NOTE: https://support.zabbix.com/browse/ZBX-13133 + NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/2b340b8128af6c00469ef4066de16d4b1e81c841 (3.0.13rc1) CVE-2016-1000282 (Haraka version 2.8.8 and earlier comes with a plugin for processing at ...) NOT-FOR-US: Haraka CVE-2016-1000276 
@@ -1311,7 +1359,7 @@ CVE-2016-10517 (networking.c in Redis before 3.2.7 allows "Cross Protocol Script CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function i ...) {DLA-1191-1} - python-werkzeug 0.11.11+dfsg1-1 - [jessie] - python-werkzeug <no-dsa> (Minor issue) + [jessie] - python-werkzeug 0.9.6+dfsg-1+deb8u1 NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/ NOTE: https://github.com/pallets/werkzeug/pull/1001 NOTE: https://github.com/pallets/werkzeug/commit/1034edc7f901dd645ec6e462754111b39002bd65 @@ -1766,7 +1814,7 @@ CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using th CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using the Linu ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ...) - - passenger <unfixed> (unimportant) + - passenger 6.0.10-1 (unimportant) NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441 NOTE: Source present, but passenger-install-nginx-module not installed CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using the Linu ...) @@ -1986,7 +2034,7 @@ CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of servi NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/ NOTE: https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608 -CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (he ...) +CVE-2016-10269 (LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0. ...) {DSA-3844-1 DLA-877-1} - tiff 4.0.7-2 - tiff3 <removed> 
@@ -2075,13 +2123,15 @@ CVE-2016-10248 (The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before NOTE: Not suitable for code injection, hardly denial of service NOTE: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in Mujstes ...) - - mupdf <unfixed> (unimportant) + {DLA-2765-1} + - mupdf 1.11+ds1-1 (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages NOTE: https://www.openwall.com/lists/oss-security/2016/10/16/19 CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in A ...) - - mupdf <unfixed> (unimportant) + {DLA-2765-1} + - mupdf 1.11+ds1-1 (unimportant) [wheezy] - mupdf <not-affected> (Vulnerable code not present) NOTE: Although jstest_main.c compiled during build and mujstest is created NOTE: it is not included in the produced binary packages @@ -2137,7 +2187,7 @@ CVE-2016-10229 (udp.c in the Linux kernel before 4.5 allows remote attackers to [jessie] - linux 3.16.7-ckt20-1+deb8u2 [wheezy] - linux 3.2.73-2+deb7u2 NOTE: Fixed by: https://git.kernel.org/linus/197c949e7798fbf28cfadc69d9ca0c2abbf93191 (v4.5-rc1) -CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and e ...) +CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and e ...) - glibc 2.31-3 (low; bug #856503) [buster] - glibc <no-dsa> (Minor issue) [stretch] - glibc <no-dsa> (Minor issue) 
@@ -2373,7 +2423,6 @@ CVE-2016-10170 (The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1 NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10169 (The read_code function in read_words.c in Wavpack before 5.1.0 allows ...) - wavpack 5.0.0-2 (bug #853076) - [jessie] - wavpack <no-dsa> (Minor issue) [wheezy] - wavpack <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) 
@@ -2548,11 +2597,17 @@ CVE-2016-10145 (Off-by-one error in coders/wpg.c in ImageMagick allows remote at NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9 NOTE: https://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://git.ghostscript.com/?p=mujs.git;h=fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045 + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697448 CVE-2016-10133 (Heap-based buffer overflow in the js_stackoverflow function in jsrun.c ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://git.ghostscript.com/?p=mujs.git;a=commit;h=77ab465f1c394bb77f00966cd950650f3f53cb24 + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697401 CVE-2016-10132 (regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a de ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73156496e569 + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697381 CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote a ...) - codeigniter <itp> (bug #471583) CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before 0.24. ...) @@ -2582,6 +2637,7 @@ CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hard NOT-FOR-US: D-Link CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (XXE) a ...) - python-pysaml2 <unfixed> (low; bug #859135) + [bullseye] - python-pysaml2 <no-dsa> (Minor issue) [buster] - python-pysaml2 <no-dsa> (Minor issue) [stretch] - python-pysaml2 <no-dsa> (Minor issue) [jessie] - python-pysaml2 <no-dsa> (Minor issue) 
@@ -2707,7 +2763,7 @@ CVE-2016-10094 (Off-by-one error in the t2p_readwrite_pdf_image_tile function in - tiff3 <not-affected> (vulnerable code introduced later) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2640 NOTE: Fixed by: https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76b0969235c -CVE-2016-10093 (Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote atta ...) +CVE-2016-10093 (Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9 ...) {DSA-3762-1 DLA-795-1} - tiff 4.0.7-2 - tiff3 <removed> @@ -3339,7 +3395,7 @@ CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and a CVE-2016-9890 RESERVED CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...) - NOT-FOR-US: Tiki Wiki + - tikiwiki <removed> CVE-2016-9888 (An error within the "tar_directory_for_file()" function (gsf-infile-ta ...) {DLA-2183-1 DLA-740-1} - libgsf 1.14.41-1 @@ -4730,7 +4786,7 @@ CVE-2016-9480 (libdwarf 2016-10-21 allows context-dependent attackers to obtain NOTE: https://sourceforge.net/p/libdwarf/bugs/5/ NOTE: https://sourceforge.net/p/libdwarf/code/ci/5dd64de047cd5ec479fb11fe7ff2692fd819e5e5/ NOTE: The code has substantially changed in libdwarf/dwarf_util.c from older - NOTE: versions, but there seem to be still back then an unchecked dereference + NOTE: versions, but there seem to be still back then an unchecked dereference NOTE: of val_ptr. CVE-2016-9479 (The "lost password" functionality in b2evolution before 6.7.9 allows r ...) - b2evolution <removed> 
@@ -5587,7 +5643,9 @@ CVE-2016-9296 (A null pointer dereference bug affects the 16.02 and many old ver NOTE: https://sourceforge.net/p/p7zip/bugs/185/ NOTE: no security impact CVE-2016-9294 (Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225 ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697172 + NOTE: http://git.ghostscript.com/?p=mujs.git;a=commit;h=5008105780c0b0182ea6eda83ad5598f225be3ee CVE-2016-9279 (Use-after-free vulnerability in the Samsung Exynos fimg2d driver for A ...) NOT-FOR-US: Samsung Exynos fimg2d driver for Android CVE-2016-9278 (The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, o ...) @@ -5949,7 +6007,8 @@ CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented a NOTE: Release 3.50 adds a no_xxe flag which will fail to parse files with external entities. NOTE: 2016-12-13: The corresponding changes is not in the public git repository yet: https://github.com/mirod/xmltwig/commits/master CVE-2016-9136 (Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8 ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697244 CVE-2016-9135 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/fra ...) NOT-FOR-US: Exponent CMS CVE-2016-9134 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/exp ...) 
@@ -6064,9 +6123,9 @@ CVE-2016-9090 CVE-2016-9089 RESERVED CVE-2016-9109 (Artifex Software MuJS allows attackers to cause a denial of service (c ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) CVE-2016-9108 (Integer overflow in the js_regcomp function in regexp.c in Artifex Sof ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) CVE-2016-9107 (The OTR plugin for Gajim sends information in cleartext when using XHT ...) - gajim-otr <itp> (bug #722130) NOTE: Upstream bug: https://trac-plugins.gajim.org/ticket/145 @@ -6311,18 +6370,18 @@ CVE-2016-9028 (Unauthorized redirect vulnerability in Citrix NetScaler ADC befor NOT-FOR-US: Citrix CVE-2016-9027 RESERVED -CVE-2016-9026 - RESERVED -CVE-2016-9025 - RESERVED +CVE-2016-9026 (Exponent CMS before 2.6.0 has improper input validation in fileControl ...) + NOT-FOR-US: Exponent CMS +CVE-2016-9025 (Exponent CMS before 2.6.0 has improper input validation in purchaseOrd ...) + NOT-FOR-US: Exponent CMS CVE-2016-9024 RESERVED -CVE-2016-9023 - RESERVED -CVE-2016-9022 - RESERVED -CVE-2016-9021 - RESERVED +CVE-2016-9023 (Exponent CMS before 2.6.0 has improper input validation in cron/find_h ...) + NOT-FOR-US: Exponent CMS +CVE-2016-9022 (Exponent CMS before 2.6.0 has improper input validation in usersContro ...) + NOT-FOR-US: Exponent CMS +CVE-2016-9021 (Exponent CMS before 2.6.0 has improper input validation in storeContro ...) + NOT-FOR-US: Exponent CMS CVE-2016-9020 (SQL injection vulnerability in framework/modules/help/controllers/help ...) NOT-FOR-US: Exponent CMS CVE-2016-9019 (SQL injection vulnerability in the activate_address function in framew ...) 
@@ -6330,7 +6389,8 @@ CVE-2016-9019 (SQL injection vulnerability in the activate_address function in f CVE-2016-9018 (Improper handling of a repeating VRAT chunk in qcpfformat.dll allows a ...) NOT-FOR-US: RealPlayer CVE-2016-9017 (Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697171 CVE-2016-9015 (Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vul ...) - python-urllib3 <not-affected> (Issue only present in 1.17 and 1.18 releases) CVE-2016-9014 (Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x bef ...) @@ -7116,8 +7176,7 @@ CVE-2016-8880 REJECTED CVE-2016-8866 (The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...) {DLA-756-1} - - imagemagick <not-affected> - NOTE: For incomplete fix of CVE-2016-8862 + - imagemagick <not-affected> (Incomplete fix for CVE-2016-8862 not applied) NOTE: https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ NOTE: This is not a real problem in imagemagick but caused by the "observer" (the address sanitizer), cf. NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 . @@ -8317,8 +8376,8 @@ CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code executi CVE-2016-8331 (An exploitable remote code execution vulnerability exists in the handl ...) {DLA-693-1} - tiff 4.0.6-3 - - tiff3 <removed> [jessie] - tiff 4.0.3-12.3+deb8u2 + - tiff3 <removed> [wheezy] - tiff3 <not-affected> (Does not ship libtiff tools) NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0190/ NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package 
@@ -8468,7 +8527,7 @@ CVE-2016-1000239 CVE-2016-1000238 RESERVED CVE-2016-1000237 (sanitize-html before 1.4.3 has XSS. ...) - NOT-FOR-US: sanitize-html + - node-sanitize-html <not-affected> (Fixed before initial upload) CVE-2016-1000236 (Node-cookie-signature before 1.0.6 is affected by a timing attack due ...) - node-cookie-signature 1.1.0-1 (unimportant; bug #838618) NOTE: https://nodesecurity.io/advisories/134 
@@ -8718,193 +8777,193 @@ CVE-2016-7444 (The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in Gnu NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266 NOTE: https://www.openwall.com/lists/oss-security/2016/09/18/3 CVE-2016-8200 - RESERVED + REJECTED CVE-2016-8199 - RESERVED + REJECTED CVE-2016-8198 - RESERVED + REJECTED CVE-2016-8197 - RESERVED + REJECTED CVE-2016-8196 - RESERVED + REJECTED CVE-2016-8195 - RESERVED + REJECTED CVE-2016-8194 - RESERVED + REJECTED CVE-2016-8193 - RESERVED + REJECTED CVE-2016-8192 - RESERVED + REJECTED CVE-2016-8191 - RESERVED + REJECTED CVE-2016-8190 - RESERVED + REJECTED CVE-2016-8189 - RESERVED + REJECTED CVE-2016-8188 - RESERVED + REJECTED CVE-2016-8187 - RESERVED + REJECTED CVE-2016-8186 - RESERVED + REJECTED CVE-2016-8185 - RESERVED + REJECTED CVE-2016-8184 - RESERVED + REJECTED CVE-2016-8183 - RESERVED + REJECTED CVE-2016-8182 - RESERVED + REJECTED CVE-2016-8181 - RESERVED + REJECTED CVE-2016-8180 - RESERVED + REJECTED CVE-2016-8179 - RESERVED + REJECTED CVE-2016-8178 - RESERVED + REJECTED CVE-2016-8177 - RESERVED + REJECTED CVE-2016-8176 - RESERVED + REJECTED CVE-2016-8175 - RESERVED + REJECTED CVE-2016-8174 - RESERVED + REJECTED CVE-2016-8173 - RESERVED + REJECTED CVE-2016-8172 - RESERVED + REJECTED CVE-2016-8171 - RESERVED + REJECTED CVE-2016-8170 - RESERVED + REJECTED CVE-2016-8169 - RESERVED + REJECTED CVE-2016-8168 - RESERVED + REJECTED CVE-2016-8167 - RESERVED + REJECTED CVE-2016-8166 - RESERVED + REJECTED CVE-2016-8165 - RESERVED + REJECTED CVE-2016-8164 - RESERVED + REJECTED CVE-2016-8163 - RESERVED + REJECTED CVE-2016-8162 - RESERVED + REJECTED CVE-2016-8161 - RESERVED + REJECTED CVE-2016-8160 - RESERVED + REJECTED CVE-2016-8159 - RESERVED + REJECTED CVE-2016-8158 - RESERVED + REJECTED CVE-2016-8157 - RESERVED + REJECTED CVE-2016-8156 - RESERVED + REJECTED CVE-2016-8155 - RESERVED + REJECTED CVE-2016-8154 - RESERVED + REJECTED CVE-2016-8153 - RESERVED + REJECTED CVE-2016-8152 - RESERVED + REJECTED 
CVE-2016-8151 - RESERVED + REJECTED CVE-2016-8150 - RESERVED + REJECTED CVE-2016-8149 - RESERVED + REJECTED CVE-2016-8148 - RESERVED + REJECTED CVE-2016-8147 - RESERVED + REJECTED CVE-2016-8146 - RESERVED + REJECTED CVE-2016-8145 - RESERVED + REJECTED CVE-2016-8144 - RESERVED + REJECTED CVE-2016-8143 - RESERVED + REJECTED CVE-2016-8142 - RESERVED + REJECTED CVE-2016-8141 - RESERVED + REJECTED CVE-2016-8140 - RESERVED + REJECTED CVE-2016-8139 - RESERVED + REJECTED CVE-2016-8138 - RESERVED + REJECTED CVE-2016-8137 - RESERVED + REJECTED CVE-2016-8136 - RESERVED + REJECTED CVE-2016-8135 - RESERVED + REJECTED CVE-2016-8134 - RESERVED + REJECTED CVE-2016-8133 - RESERVED + REJECTED CVE-2016-8132 - RESERVED + REJECTED CVE-2016-8131 - RESERVED + REJECTED CVE-2016-8130 - RESERVED + REJECTED CVE-2016-8129 - RESERVED + REJECTED CVE-2016-8128 - RESERVED + REJECTED CVE-2016-8127 - RESERVED + REJECTED CVE-2016-8126 - RESERVED + REJECTED CVE-2016-8125 - RESERVED + REJECTED CVE-2016-8124 - RESERVED + REJECTED CVE-2016-8123 - RESERVED + REJECTED CVE-2016-8122 - RESERVED + REJECTED CVE-2016-8121 - RESERVED + REJECTED CVE-2016-8120 - RESERVED + REJECTED CVE-2016-8119 - RESERVED + REJECTED CVE-2016-8118 - RESERVED + REJECTED CVE-2016-8117 - RESERVED + REJECTED CVE-2016-8116 - RESERVED + REJECTED CVE-2016-8115 - RESERVED + REJECTED CVE-2016-8114 - RESERVED + REJECTED CVE-2016-8113 - RESERVED + REJECTED CVE-2016-8112 - RESERVED + REJECTED CVE-2016-8111 - RESERVED + REJECTED CVE-2016-8110 - RESERVED + REJECTED CVE-2016-8109 - RESERVED + REJECTED CVE-2016-8108 - RESERVED + REJECTED CVE-2016-8107 - RESERVED + REJECTED CVE-2016-8106 (A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non ...) NOT-FOR-US: Intel driver CVE-2016-8105 (Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Cont ...) 
@@ -9020,25 +9079,25 @@ CVE-2016-8051 CVE-2016-8050 REJECTED CVE-2016-8049 - RESERVED + REJECTED CVE-2016-8048 - RESERVED + REJECTED CVE-2016-8047 - RESERVED + REJECTED CVE-2016-8046 - RESERVED + REJECTED CVE-2016-8045 - RESERVED + REJECTED CVE-2016-8044 - RESERVED + REJECTED CVE-2016-8043 - RESERVED + REJECTED CVE-2016-8042 - RESERVED + REJECTED CVE-2016-8041 - RESERVED + REJECTED CVE-2016-8040 - RESERVED + REJECTED CVE-2016-8039 REJECTED CVE-2016-8038 @@ -9062,7 +9121,7 @@ CVE-2016-8030 (A memory corruption vulnerability in Scriptscan COM Object in McA CVE-2016-8029 REJECTED CVE-2016-8028 - RESERVED + REJECTED CVE-2016-8027 (SQL injection vulnerability in core services in Intel Security McAfee ...) NOT-FOR-US: Intel antivirus CVE-2016-8026 (Arbitrary command execution vulnerability in Intel Security McAfee Sec ...) @@ -9088,11 +9147,11 @@ CVE-2016-8017 (Special element injection vulnerability in Intel Security VirusSc CVE-2016-8016 (Information exposure in Intel Security VirusScan Enterprise Linux (VSE ...) NOT-FOR-US: Intel antivirus CVE-2016-8015 - RESERVED + REJECTED CVE-2016-8014 - RESERVED + REJECTED CVE-2016-8013 - RESERVED + REJECTED CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss Prevention En ...) NOT-FOR-US: Intel antivirus CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee Endpoint S ...) @@ -9110,13 +9169,13 @@ CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manage CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee Email ...) NOT-FOR-US: Intel antivirus CVE-2016-8004 - RESERVED + REJECTED CVE-2016-8003 - RESERVED + REJECTED CVE-2016-8002 REJECTED CVE-2016-8001 - RESERVED + REJECTED CVE-2016-7999 (ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote at ...) {DLA-695-1} - spip 3.1.3-1 
@@ -9288,6 +9347,7 @@ CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead o NOTE: https://github.com/splitbrain/dokuwiki/issues/1709#issuecomment-262337572 CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...) - dokuwiki <unfixed> (low; bug #844731) + [bullseye] - dokuwiki <ignored> (Minor issue) [buster] - dokuwiki <ignored> (Minor issue) [jessie] - dokuwiki <no-dsa> (Minor issue) [wheezy] - dokuwiki <no-dsa> (Minor issue) @@ -10283,9 +10343,11 @@ CVE-2016-7566 CVE-2016-7565 (install/index.php in Exponent CMS 2.3.9 allows remote attackers to exe ...) NOT-FOR-US: Exponent CMS CVE-2016-7564 (Heap-based buffer overflow in the Fp_toString function in jsfunction.c ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697137 CVE-2016-7563 (The chartorune function in Artifex Software MuJS allows attackers to c ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697136 CVE-2016-7562 (The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before ...) - ffmpeg 7:3.1.4-1 (bug #840434) NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/496267f8e9ec218351e4359e1fde48722d4fc804 (n3.1.4) 
@@ -10376,11 +10438,14 @@ CVE-2016-7507 (Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 al - glpi <removed> (unimportant) NOTE: Only supported behind an authenticated HTTP zone CVE-2016-7506 (An out-of-bounds read vulnerability was observed in Sp_replace_regexp ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697141 CVE-2016-7505 (A buffer overflow vulnerability was observed in divby function of Arti ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697140 CVE-2016-7504 (A use-after-free vulnerability was observed in Rp_toString function of ...) - NOT-FOR-US: MuJS + - mujs <not-affected> (Fixed before initial upload to Debian) + NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697142 CVE-2016-7503 RESERVED CVE-2016-7502 (The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before ...) 
@@ -10718,24 +10783,24 @@ CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 2 NOTE: Introduced by (as confirmed by upstream): https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27 CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when compiled ...) - dropbear 2016.74-1 (unimportant) - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04 + NOTE: https://hg.ucc.asn.au/dropbear/rev/6a14b1f6dc04 NOTE: Not an issue for the the Debian binary package since we do not NOTE: compile with DEBUG_TRACE. CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote attackers to ...) - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 [wheezy] - dropbear <not-affected> (Vulnerable code not present) - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6 + NOTE: https://hg.ucc.asn.au/dropbear/rev/eed9376a4ad6 CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74 allows atta ...) {DLA-634-1} - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e + NOTE: https://hg.ucc.asn.au/dropbear/rev/34e6127ef02e CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74 allows remo ...) {DLA-634-1} - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb + NOTE: https://hg.ucc.asn.au/dropbear/rev/b66a483f3dcb CVE-2016-7404 (OpenStack Magnum passes OpenStack credentials into the Heat templates ...) - magnum 3.1.1-5 (bug #863547) NOTE: https://git.openstack.org/cgit/openstack/magnum/commit/?id=0bb0d6486d6771ee21bbf897a091b1aa59e01b22 
@@ -11385,7 +11450,7 @@ CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congest CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion wi ...) NOTE: CVE assigned for the HTTP/2 protocol issue CVE-2016-7151 (Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a re ...) - - capstone <unfixed> (low; bug #930002) + - capstone 4.0.2-2 (low; bug #930002) [buster] - capstone <no-dsa> (Minor issue) [stretch] - capstone <no-dsa> (Minor issue) [jessie] - capstone <not-affected> (Vulnerable code not present) @@ -11626,9 +11691,10 @@ CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick befo NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-7118 (fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image p ...) {DLA-609-1} - - linux <not-affected> + - linux <not-affected> (Vulnerable code not present) NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet - NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1 + NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. + NOTE: Issue then was fixed in 3.2.81-2 in DLA-609-1 NOTE: https://www.openwall.com/lists/oss-security/2016/08/31/1 CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...) {DLA-1599-1 DLA-619-1 DLA-618-1} @@ -11672,6 +11738,8 @@ CVE-2016-7111 (MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Con NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229 NOTE: https://mantisbt.org/bugs/view.php?id=21263 CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 mi ...) + {DLA-2889-1} + - drupal7 <removed> - jqueryui 1.12.1+dfsg-1 [jessie] - jqueryui <no-dsa> (Minor issue) [wheezy] - jqueryui <no-dsa> (Minor issue) 
@@ -11679,6 +11747,7 @@ CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12 NOTE: https://github.com/jquery/jquery-ui/pull/1622 NOTE: https://github.com/jquery/jquery-ui/pull/1632 NOTE: https://github.com/jquery/api.jqueryui.com/issues/281 + NOTE: https://www.drupal.org/sa-core-2022-002 CVE-2016-7094 (Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS ...) {DSA-3663-1 DLA-614-1} - xen 4.8.0~rc3-1 @@ -12147,8 +12216,7 @@ CVE-2016-6921 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0. NOT-FOR-US: Adobe Flash Player CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in libavcodec/ ...) - ffmpeg 7:3.1.3-1 - - libav <not-affected> - NOTE: Vulnerable code not present in any Libav version. + - libav <not-affected> (Vulnerable code not present in any Libav version) CVE-2016-6919 RESERVED CVE-2016-6918 (Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attacke ...) @@ -12212,10 +12280,9 @@ CVE-2016-6889 RESERVED CVE-2016-6881 (The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1. ...) - ffmpeg 7:3.1.3-1 (unimportant) - - libav <not-affected> + - libav <not-affected> (Vulnerable code not present in any Libav version) NOTE: https://www.openwall.com/lists/oss-security/2016/09/26/6 NOTE: https://github.com/FFmpeg/FFmpeg/commit/4770eac6 - NOTE: Vulnerable code not present in any Libav version. CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a limi ...) - lshell <removed> (bug #834949) [wheezy] - lshell <not-affected> (Vulnerable code not present) 
@@ -12880,7 +12947,7 @@ CVE-2016-6662 (Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x thro NOTE: https://bugzilla.suse.com/show_bug.cgi?id=998309 NOTE: Fixed in upstream Oracle MySQL 5.5.52, 5.6.33 and 5.7.15 NOTE: MariaDB: https://jira.mariadb.org/browse/MDEV-10465 - NOTE: Fixed in upstream MariaDB 5.5.51, 10.0.27, 10.1.17 + NOTE: Fixed in upstream MariaDB 5.5.51, 10.0.27, 10.1.17 NOTE: PerconaDB: https://www.percona.com/blog/2016/09/12/database-affected-cve-2016-6662/ NOTE: Although Oracle mentions this CVE only to be fixed in 5.5.53 this is not NOTE: true for src:mysql-5.5 as in Debian and other Linux distributions, so @@ -13124,7 +13191,7 @@ CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom searc - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/ CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The decryp ...) - {DLA-1821-1 DLA-626-1} + {DLA-626-1} - phpmyadmin 4:4.6.4+dfsg1-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/ CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...) @@ -13632,7 +13699,7 @@ CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1. NOTE: https://www.wireshark.org/security/wnpa-sec-2016-44.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb - NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13. + NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13. NOTE: https://www.openwall.com/lists/oss-security/2016/07/28/3 CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12. ...) {DSA-3648-1 DLA-595-1} 
@@ -13943,21 +14010,26 @@ CVE-2016-6355 (Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5. CVE-2016-6353 (Cloudera Search in CDH before 5.7.0 allows unauthorized document acces ...) NOT-FOR-US: Cloudera CVE-2016-6348 (JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ...) - - resteasy <unfixed> (low; bug #837170) + - resteasy 3.1.0-1 (low; bug #837170) [jessie] - resteasy <no-dsa> (Minor issue) - - resteasy3.0 <undetermined> + - resteasy3.0 3.0.26-1 + NOTE: https://github.com/resteasy/Resteasy/commit/7cc46c65b11de69b87ef8850dc68cca3de8cd7c6 (3.1.0.CR1) CVE-2016-6347 (Cross-site scripting (XSS) vulnerability in the default exception hand ...) - - resteasy <unfixed> (low; bug #837170) + - resteasy 3.1.0-1 (low; bug #837170) [jessie] - resteasy <no-dsa> (Minor issue) - - resteasy3.0 <undetermined> + - resteasy3.0 3.0.26-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372124 CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...) - - resteasy <unfixed> (low; bug #837170) + - resteasy 3.1.0-1 (low; bug #837170) [jessie] - resteasy <no-dsa> (Minor issue) - - resteasy3.0 <undetermined> + - resteasy3.0 3.0.26-1 + NOTE: https://issues.jboss.org/browse/RESTEASY-1484 (not public) + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372120 CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive informa ...) - - resteasy <unfixed> (low; bug #837170) + - resteasy 3.1.0-1 (low; bug #837170) [jessie] - resteasy <no-dsa> (Minor issue) - - resteasy3.0 <undetermined> + - resteasy3.0 3.0.26-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372117 CVE-2016-6344 (Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a ...) NOT-FOR-US: Red Hat JBoss bpm Suite CVE-2016-6343 (JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Re ...) 
@@ -14531,7 +14603,7 @@ CVE-2016-6265 (Use-after-free vulnerability in the pdf_load_xref function in pdf CVE-2016-6264 (Integer signedness error in libc/string/arm/memset.S in uClibc and uCl ...) {DLA-561-1} - uclibc-ng <itp> (bug #811275) - - uclibc <unfixed> (unimportant) + - uclibc 1.0.20-1 (unimportant; bug #990648) NOTE: Just for cross-compiling, not used for actual packages NOTE: https://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed NOTE: http://mailman.uclibc-ng.org/pipermail/devel/2016-July/001067.html @@ -14673,7 +14745,7 @@ CVE-2016-1000103 REJECTED CVE-2016-1000102 REJECTED -CVE-2016-1000027 (Pivotal Spring Framework 4.1.4 suffers from a potential remote code ex ...) +CVE-2016-1000027 (Pivotal Spring Framework through 5.3.16 suffers from a potential remot ...) - libspring-java 4.2.7-1 (unimportant) NOTE: https://www.tenable.com/security/research/tra-2016-20 NOTE: This is not a vulnerability in Spring itself, just how applications are using it @@ -14922,7 +14994,7 @@ CVE-2016-6185 (The XSLoader::load method in XSLoader in Perl does not properly l {DSA-3628-1 DLA-565-1} - perl 5.22.2-2 (bug #829578) CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier allows ...) - - php-gettext <unfixed> (bug #851771) + - php-gettext 1.0.12-1 (bug #851771) [buster] - php-gettext <no-dsa> (Minor issue) [stretch] - php-gettext <no-dsa> (Minor issue) [jessie] - php-gettext <no-dsa> (Minor issue) @@ -14943,7 +15015,7 @@ CVE-2016-6165 RESERVED CVE-2016-6164 (Integer overflow in the mov_build_index function in libavformat/mov.c ...) - ffmpeg 7:3.1.1-1 - NOTE: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823 + NOTE: https://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823 CVE-2016-1000101 REJECTED CVE-2016-1000100 
@@ -16960,10 +17032,12 @@ CVE-2016-5417 (Memory leak in the __res_vinit function in the IPv6 name server m NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19257 CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...) - 389-ds-base <unfixed> (bug #834233) - [buster] - 389-ds-base <no-dsa> (Minor issue) + [bullseye] - 389-ds-base <ignored> (Minor issue) + [buster] - 389-ds-base <ignored> (Minor issue) [stretch] - 389-ds-base <no-dsa> (Minor issue) [jessie] - 389-ds-base <no-dsa> (Minor issue) NOTE: https://fedorahosted.org/389/ticket/48852 + NOTE: https://github.com/389ds/389-ds-base/issues/1912 NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354 CVE-2016-5415 RESERVED @@ -17641,6 +17715,7 @@ CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 all NOTE: https://www.openwall.com/lists/oss-security/2016/06/07/2 CVE-2016-1000002 (gdm3 3.14.2 and possibly later has an information leak before screen l ...) - gdm3 <unfixed> (low; bug #849432) + [bullseye] - gdm3 <ignored> (Minor issue) [buster] - gdm3 <ignored> (Minor issue) [stretch] - gdm3 <ignored> (Minor issue) [jessie] - gdm3 <ignored> (Minor issue) @@ -18441,7 +18516,7 @@ CVE-2016-5008 (libvirt before 2.0.0 improperly disables password checking when t NOTE: http://security.libvirt.org/2016/0001.html CVE-2016-5007 (Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2. ...) - libspring-java 4.3.2-1 - [jessie] - libspring-java <no-dsa> (Minor issue) + [jessie] - libspring-java <ignored> (Minor issue, no rdeps using both spring-framework and spring-security, trimTokens mitigation not present in 3.0.x) [wheezy] - libspring-java <not-affected> (Vulnerable code not present) NOTE: https://pivotal.io/security/cve-2016-5007 NOTE: https://github.com/spring-projects/spring-framework/commit/a30ab30 (v4.3.1.RELEASE) 
@@ -18823,8 +18898,8 @@ CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14] CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual S ...) {DLA-1599-1} - qemu 1:2.6+dfsg-2 (bug #825210) - [wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later) - - qemu-kvm <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later) + [wheezy] - qemu <not-affected> (VMware PVSCSI paravirtual device implementation introduced later) + - qemu-kvm <not-affected> (VMware PVSCSI paravirtual device implementation introduced later) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=881d588a98bf0dce98ddb65c15aa0854c0ac41ed (v1.5.0-rc0) CVE-2016-4951 (The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kerne ...) @@ -21699,7 +21774,7 @@ CVE-2016-3863 (Multiple stack-based buffer overflows in the AVCC reassembly impl CVE-2016-3862 (media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5 ...) NOT-FOR-US: libstagefright CVE-2016-3861 (LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before ...) - - android-platform-system-core 1:7.0.0+r1-4 (unimportant; bug #858177) + - android-platform-system-core 1:7.0.0+r1-4 (unimportant; bug #858177) NOTE: Not running as a privileged process in SDK CVE-2016-3860 (sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver ...) NOT-FOR-US: Qualcomm driver for Android 
@@ -21965,9 +22040,9 @@ CVE-2016-3738 (Red Hat OpenShift Enterprise 3.2 does not properly restrict acces CVE-2016-3737 (The server in Red Hat JBoss Operations Network (JON) before 3.3.6 allo ...) NOT-FOR-US: Red Hat / JBoss Operations Network server CVE-2016-3736 - RESERVED -CVE-2016-3735 - RESERVED + REJECTED +CVE-2016-3735 (Piwigo is image gallery software written in PHP. When a criteria is no ...) + - piwigo <removed> CVE-2016-3734 (Cross-site request forgery (CSRF) vulnerability in markposts.php in Mo ...) - moodle 2.7.14+dfsg-1 NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755 @@ -23424,7 +23499,7 @@ CVE-2016-3159 (The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not p NOTE: http://xenbits.xen.org/xsa/advisory-172.html NOTE: CVE-2016-3159 is for the code change which is applicable for later NOTE: versions only, but which must always be combined with the code change - NOTE: for CVE-2016-3158. Ie for the first hunk in xsa172.patch, which + NOTE: for CVE-2016-3158. Ie for the first hunk in xsa172.patch, which NOTE: patches the function fpu_fxrstor. CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly ...) {DSA-3554-1 DLA-571-1} @@ -23432,7 +23507,7 @@ CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not prop NOTE: http://xenbits.xen.org/xsa/advisory-172.html NOTE: CVE-2016-3158 is for the code change which is required for all NOTE: versions (but which is sufficient only on Xen 4.3.x, and insufficient - NOTE: on later versions). Ie for the second hunk in xsa172.patch (the only + NOTE: on later versions). Ie for the second hunk in xsa172.patch (the only NOTE: hunk in xsa172-4.3.patch), which patches the function xrstor. CVE-2016-3157 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...) {DSA-3607-1 DLA-516-1} 
@@ -23548,7 +23623,7 @@ CVE-2016-3104 (mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow NOTE: MongoDB 2.4 installation with authentication enabled, upgraded NOTE: to 2.6, and did not complete a full upgrade CVE-2016-3103 - RESERVED + REJECTED CVE-2016-3102 (The Script Security plugin before 1.18.1 in Jenkins might allow remote ...) - jenkins <removed> CVE-2016-3101 (Cross-site scripting (XSS) vulnerability in the Extra Columns plugin b ...) @@ -24675,7 +24750,7 @@ CVE-2016-2774 (ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3. - isc-dhcp 4.3.4-1 (bug #817158) [wheezy] - isc-dhcp <no-dsa> (Minor issue) NOTE: https://kb.isc.org/article/AA-01354 - NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=0b209ea5cc333255e055113fa2ad636dda681a21 + NOTE: https://gitlab.isc.org/isc-projects/dhcp/-/commit/0b209ea5cc333255e055113fa2ad636dda681a21 CVE-2016-2773 REJECTED CVE-2016-2772 @@ -25093,6 +25168,7 @@ CVE-2016-2782 (The treo_attach function in drivers/usb/serial/visor.c in the Lin NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 (v4.5-rc2) CVE-2016-2781 (chroot in GNU coreutils, when used with --userspec, allows local users ...) - coreutils <unfixed> (low; bug #816320) + [bullseye] - coreutils <ignored> (Minor issue) [buster] - coreutils <ignored> (Minor issue) [stretch] - coreutils <ignored> (Minor issue) [jessie] - coreutils <ignored> (Minor issue) @@ -25142,7 +25218,7 @@ CVE-2016-2562 (The checkHTTP function in libraries/Config.class.php in phpMyAdmi - phpmyadmin 4:4.5.5.1-1 (unimportant) [jessie] - phpmyadmin <not-affected> [wheezy] - phpmyadmin <not-affected> - NOTE: vulnerabilty is only in the test suite + NOTE: vulnerability is only in the test suite CVE-2016-2561 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4. ...) {DSA-3627-1} - phpmyadmin 4:4.5.5.1-1 
@@ -25193,6 +25269,7 @@ CVE-2016-2569 (Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly ap NOTE: Upstream confirmed it does not affect squid 2.7.x CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to escape to ...) - policykit-1 <unfixed> (low; bug #816062; bug #812512) + [bullseye] - policykit-1 <ignored> (Minor issue) [buster] - policykit-1 <ignored> (Minor issue) [stretch] - policykit-1 <ignored> (Minor issue) [jessie] - policykit-1 <ignored> (Minor issue) @@ -25739,7 +25816,7 @@ CVE-2016-2410 (A Qualcomm video kernel driver in Android 6.x before 2016-04-01 a NOT-FOR-US: Android CVE-2016-2409 (A Texas Instruments (TI) haptic kernel driver in Android 6.x before 20 ...) NOT-FOR-US: Android -CVE-2016-2408 (An unspecified client-side component in Pulse Secure Desktop Client be ...) +CVE-2016-2408 (Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service b ...) NOT-FOR-US: Pulse Secure Desktop Client CVE-2016-2407 REJECTED @@ -25788,7 +25865,7 @@ CVE-2016-2393 (Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint b NOT-FOR-US: Lenovo CVE-2016-2389 (Directory traversal vulnerability in the GetFileList function in the S ...) NOT-FOR-US: SAP -CVE-2016-2388 (The Universal Worklist Configuration in SAP NetWeaver 7.4 allows remot ...) +CVE-2016-2388 (The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allo ...) NOT-FOR-US: SAP CVE-2016-2387 (Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy ...) NOT-FOR-US: SAP 
@@ -26044,9 +26121,9 @@ CVE-2016-XXXX [exec functions ignore length but look for NULL termination] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71039 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305494 @@ -26066,9 +26143,9 @@ CVE-2016-XXXX [Integer overflow in iptcembed()] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71459 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305518 @@ -26121,9 +26198,9 @@ CVE-2016-XXXX [NULL Pointer Dereference in phar_tar_setupmetadata()] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71391 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305540 @@ -26155,9 +26232,9 @@ CVE-2016-XXXX [Crash on bad SOAP request] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=70979 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305551 
@@ -26166,26 +26243,26 @@ CVE-2016-XXXX [Crash on bad SOAP request] CVE-2016-2330 (libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a ...) - ffmpeg 2.8.6-1 - libav <not-affected> (Libav not affected according to upstream) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=03d83ba34b2070878909eae18dfac0f519503777 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=03d83ba34b2070878909eae18dfac0f519503777 CVE-2016-2329 (libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate Ro ...) - ffmpeg 2.8.6-1 - libav <not-affected> (Vulnerable code not present in any Libav version) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f464e9c229006e16f6bb5403c5529fdd0a9edd + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f464e9c229006e16f6bb5403c5529fdd0a9edd CVE-2016-2328 (libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate ...) - ffmpeg 2.8.6-1 - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ad3b6fa7d83db7de951ed891649af93a47e74be5 - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=757248ea3cd917a7755cb15f817a9b1f15578718 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=ad3b6fa7d83db7de951ed891649af93a47e74be5 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=757248ea3cd917a7755cb15f817a9b1f15578718 CVE-2016-2327 (libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes i ...) 
- ffmpeg 2.8.5-1 - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589 - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971 CVE-2016-2326 (Integer overflow in the asf_write_packet function in libavformat/asfen ...) {DSA-3506-1} - ffmpeg 2.8.5-1 - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2 CVE-2016-2325 RESERVED CVE-2016-2324 (Integer overflow in Git before 2.7.4 allows remote attackers to execut ...) @@ -26447,13 +26524,13 @@ CVE-2016-2218 RESERVED CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before ...) {DLA-561-1} - - uclibc <unfixed> (unimportant) + - uclibc 1.0.20-1 (unimportant; bug #990648) NOTE: Just for cross-compiling, not used for actual packages NOTE: https://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2 CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng bef ...) {DLA-561-1} - - uclibc <unfixed> (unimportant) + - uclibc 1.0.20-1 (unimportant; bug #990648) NOTE: Just for cross-compiling, not used for actual packages NOTE: https://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2 
@@ -26537,7 +26614,7 @@ CVE-2016-2213 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in - ffmpeg 7:2.8.6-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4 CVE-2016-2196 (Heap-based buffer overflow in the P-521 reduction function in Botan 1. ...) - botan1.10 <not-affected> (Introduced in 1.11.10) NOTE: Introduced in 1.11.10, fixed in 1.11.27 @@ -26727,15 +26804,13 @@ CVE-2016-2150 (SPICE allows local guest OS users to read from or write to arbitr CVE-2016-2149 (Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to ...) NOT-FOR-US: OpenShift CVE-2016-2148 (Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox befo ...) - {DLA-1445-1} + {DLA-2559-1 DLA-1445-1} - busybox 1:1.27.2-1 (bug #818497) - [stretch] - busybox <no-dsa> (Minor issue) [wheezy] - busybox <no-dsa> (Minor issue) NOTE: https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2 CVE-2016-2147 (Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 ...) - {DLA-1445-1} + {DLA-2559-1 DLA-1445-1} - busybox 1:1.27.2-1 (bug #818499) - [stretch] - busybox <no-dsa> (Minor issue) [wheezy] - busybox <no-dsa> (Minor issue) NOTE: https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87 CVE-2016-2146 (The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...) 
@@ -26756,6 +26831,7 @@ CVE-2016-2142 (Red Hat OpenShift Enterprise 3.1 uses world-readable permissions NOT-FOR-US: OpenShift CVE-2016-2141 (JGroups before 4.0 does not require the proper headers for the ENCRYPT ...) - libjgroups-java <unfixed> (low; bug #867493) + [bullseye] - libjgroups-java <ignored> (Minor issue, only used as build dep) [buster] - libjgroups-java <ignored> (Minor issue, only used as build dep) [stretch] - libjgroups-java <ignored> (Minor issue, only used as build dep) [jessie] - libjgroups-java <no-dsa> (Minor issue) @@ -26801,8 +26877,12 @@ CVE-2016-2125 (It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 alwa - samba 2:4.5.2+dfsg-2 NOTE: https://www.samba.org/samba/security/CVE-2016-2125.html NOTE: Patch (with some more) here: https://download.samba.org/pub/samba/patches/security/samba-4.3.12-security-20016-12-19.patch -CVE-2016-2124 - RESERVED +CVE-2016-2124 (A flaw was found in the way samba implemented SMB1 authentication. An ...) + {DSA-5003-1} + - samba 2:4.13.14+dfsg-1 + [buster] - samba <no-dsa> (Minor issue) + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12444 + NOTE: https://www.samba.org/samba/security/CVE-2016-2124.html CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ...) {DSA-3740-1} - samba 2:4.5.2+dfsg-2 @@ -27341,10 +27421,10 @@ CVE-2016-1980 CVE-2016-1979 (Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndRet ...) {DSA-3688-1 DSA-3576-1 DLA-480-1 DLA-472-1} - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 - icedove 38.8.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/ - nss 2:3.21-1 
@@ -27379,10 +27459,10 @@ CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/ CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC impleme ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/ CVE-2016-1972 (Race condition in libvpx in Mozilla Firefox before 45.0 on Windows mig ...) - iceweasel <not-affected> (Windows-specific) @@ -27400,19 +27480,19 @@ CVE-2016-1969 (The setAttr function in Graphite 2 before 1.3.6, as used in Mozil NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/ CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, a ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/ - brotli 0.3.0+dfsg-3 (bug #817233) NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the availabilit ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/ CVE-2016-1966 (The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRu ...) {DSA-3520-1 DSA-3510-1} 
@@ -27436,10 +27516,10 @@ CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function in NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/ CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local users ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/ CVE-2016-1962 (Use-after-free vulnerability in the mozilla::DataChannelConnection::Cl ...) {DSA-3520-1 DSA-3510-1} @@ -27484,17 +27564,17 @@ CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0 and NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/ CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video driver is us ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/ CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/ CVE-2016-1954 (The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ...) {DSA-3520-1 DSA-3510-1} 
@@ -27505,10 +27585,10 @@ CVE-2016-1954 (The nsCSPContext::SendReports function in dom/security/nsCSPConte NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/ CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/ CVE-2016-1952 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) {DSA-3510-1} @@ -27536,11 +27616,11 @@ CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services ( NOTE: NSS fixed in 3.21.1 CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the interacti ...) - iceweasel <removed> - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel <not-affected> (Only affects Firefox 43.x) [wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x) [squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/ CVE-2016-1948 (Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is u ...) - iceweasel <not-affected> (Only affects Firefox for Android) @@ -28769,6 +28849,7 @@ CVE-2016-1586 (A malicious webview could install long-lived unload handlers that NOT-FOR-US: Oxide CVE-2016-1585 (In all versions of AppArmor mount rules are accidentally widened when ...) - apparmor <unfixed> (low; bug #929990) + [bullseye] - apparmor <ignored> (Minor overall security impact) [buster] - apparmor <ignored> (Minor overall security impact) [stretch] - apparmor <ignored> (Minor overall security impact) [jessie] - apparmor <ignored> (Minor overall security impact) 
@@ -28843,11 +28924,11 @@ CVE-2016-1567 (chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer asso NOTE: Fix for 2.x http://git.tuxfamily.org/chrony/chrony.git/commit/?id=a78bf9725a7b481ebff0e0c321294ba767f2c1d8 NOTE: Fix for 1.x http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=df46e5ca5d70be1c0ae037f96b4b038362703832 CVE-2016-1566 (Cross-site scripting (XSS) vulnerability in the file browser in Guacam ...) - - guacamole-client <unfixed> (bug #859136) - [stretch] - guacamole-client <no-dsa> (Minor issue) - [jessie] - guacamole-client <not-affected> (Vulnerable code not present) + - guacamole-client <not-affected> (Vulnerable code never present in released Debian version, cf #859136) - guacamole <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://github.com/glyptodon/guacamole-client/commit/7da13129c432d1c0a577342a9bf23ca2bde9c367 + NOTE: The Debian released versions never contained the broken code in guacFileBrowser.js + NOTE: in a released version. CVE-2016-1565 (Cross-site scripting (XSS) vulnerability in the Field Group module 7.x ...) NOT-FOR-US: Field Group module for Drupal CVE-2016-1714 (The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg. ...) @@ -29040,10 +29121,9 @@ CVE-2016-1517 (OpenCV 3.0.0 allows remote attackers to cause a denial of service NOTE: https://arxiv.org/pdf/1701.04739.pdf NOTE: https://github.com/opencv/opencv/issues/5956 CVE-2016-1516 (OpenCV 3.0.0 has a double free issue that allows attackers to execute ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872043) - [stretch] - opencv <no-dsa> (Minor issue) NOTE: https://arxiv.org/pdf/1701.04739.pdf NOTE: https://github.com/opencv/opencv/issues/5956 CVE-2016-1515 
@@ -29706,11 +29786,10 @@ CVE-2016-1240 (The Tomcat init script in the tomcat7 package before 7.0.56-3+deb - tomcat7 7.0.70-3 - tomcat6 6.0.41-3 NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs -CVE-2016-1239 [loads arbitrary code from the current untrusted directory] - RESERVED +CVE-2016-1239 (duck before 0.10 did not properly handle loading of untrusted code fro ...) - duck 0.10 [jessie] - duck 0.7+deb8u1 - NOTE: https://anonscm.debian.org/cgit/collab-maint/duck.git/commit/?id=b43b5bbf07973c54b8f1c581a941f4facc97177a (0.10) + NOTE: https://salsa.debian.org/debian/duck/-/commit/b43b5bbf07973c54b8f1c581a941f4facc97177a (0.10) CVE-2016-1238 ((1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...) {DSA-3628-1 DLA-1578-1 DLA-584-1 DLA-565-1} - perl 5.22.2-3 @@ -30902,11 +30981,11 @@ CVE-2016-0746 (Use-after-free vulnerability in the resolver in nginx 0.6.18 thro NOTE: https://github.com/nginx/nginx/commit/4b581a7c21e4328d059bf400a059c0458fc9f806 (release-1.9.10) NOTE: https://github.com/nginx/nginx/commit/a3d42258d97ebd0b638c20976654d3edfbaf943f (release-1.9.10) CVE-2016-0745 - RESERVED + REJECTED CVE-2016-0744 - RESERVED + REJECTED CVE-2016-0743 - RESERVED + REJECTED CVE-2016-0742 (The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remo ...) {DSA-3473-1 DLA-404-1} - nginx 1.9.10-1 (bug #812806) |
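Review bot: In the CVE-2016-7118 hunk (@@ -11626,9 +11691,10 @@), the new reason on `- linux <not-affected> (Vulnerable code not present)` does not match the NOTE lines directly below it, which say the affected version for jessie exists but is not in any released version, and that wheezy shipped the issue and was fixed in 3.2.81-2 in DLA-609-1. Suggest a reason stating that the vulnerable version never reached a release, and an explicit `[wheezy] - linux 3.2.81-2` line so the wheezy fix is recorded as tracking data rather than only in free-text notes.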
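Review bot: In the RESTEasy hunk (@@ -13943,21 +14010,26 @@, CVE-2016-6345 through CVE-2016-6348), `resteasy3.0` changes from `<undetermined>` to `3.0.26-1` on all four entries without a reference that supports that version. The only upstream commit added is the CVE-2016-6348 one, tagged (3.1.0.CR1); the other three entries get Red Hat Bugzilla links or a JBoss issue marked "(not public)". Suggest adding a NOTE per entry naming the 3.0.x commit or release that carries the fix, so the 3.0.26-1 claim can be checked.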
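Review bot: The four php5 CVE-2016-XXXX hunks (@@ -26044,9 +26121,9 @@ through @@ -26155,9 +26232,9 @@) move the `[squeeze]` line but leave the typo "explitly" in the adjacent context line `NOTE: temporary workaround until CVE assigned to explitly tag for squeeze`, while the same patch corrects "vulnerabilty" in the CVE-2016-2562 note. Since these blocks are being edited anyway, fix the spelling to "explicitly" in all four notes.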
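Review bot: In the CVE-2016-1566 hunk (@@ -28843,11 +28924,11 @@), the two added NOTE lines are redundant: read together they say "The Debian released versions never contained the broken code in guacFileBrowser.js in a released version", which also repeats the new `<not-affected>` reason. Suggest collapsing them into one NOTE, and writing the reference as `bug #859136` rather than `cf #859136` so it keeps the form used on the removed `<unfixed>` line.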