SCAP Feed Release Update: 13-APR-2015

  • Post author:
  • Reading time:21 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:24061 CVE-2015-0251, svn:author property spoofing vulnerability in Apache Subversion via a crafted v1 HTTP protocol request sequences
oval:org.secpod.oval:def:24062 CVE-2015-0202, Denial of service vulnerability in Apache Subversion via a large number of REPORT requests
oval:org.secpod.oval:def:24063 CVE-2015-0248, Denial of service vulnerability in Apache Subversion via crafted parameter combinations related to dynamically evaluated revision numbers
oval:org.secpod.oval:def:24064 APPLE-SA-2015-03-09-4,
CVE-2014-3522,
CVE-2014-3528,
CVE-2014-3580,
CVE-2014-8108,
CVE-2014-9390,		 Multiple vulnerabilities in Subversion in Xcode – APPLE-SA-2015-03-09-4
oval:org.secpod.oval:def:24065 CVE-2014-3522, Spoofing vulnerability in Subversion in Xcode via a crafted certificate
oval:org.secpod.oval:def:24066 CVE-2014-3522, Security bypass vulnerability in Subversion in Xcode via a crafted authentication realm
oval:org.secpod.oval:def:24067 CVE-2014-3580, Denial of service vulnerability in Subversion in Xcode via a REPORT request
oval:org.secpod.oval:def:24068 CVE-2014-3580, Denial of service vulnerability in Subversion in Xcode via a request for a URI
oval:org.secpod.oval:def:203604 CESA-2015:0794,
CVE-2014-5352,
CVE-2014-5353,
CVE-2014-5355,
CVE-2014-9421,
CVE-2014-9422,		 CESA-2015:0794 — centos 6 krb5
oval:org.secpod.oval:def:702438 CVE-2013-7421,
CVE-2014-7970,
CVE-2014-8160,
CVE-2014-9529,
CVE-2014-9584,
CVE-2014-9585,
CVE-2014-9644,
CVE-2015-0239,
USN-2513-1,		 USN-2513-1 — linux-image
oval:org.secpod.oval:def:702463 CVE-2014-8159,
USN-2526-1,		 USN-2526-1 — linux-image
oval:org.secpod.oval:def:702474 CVE-2013-7421,
CVE-2014-7822,
CVE-2014-9644,
CVE-2015-0274,
USN-2544-1,		 USN-2544-1 — linux-image
oval:org.secpod.oval:def:702475 CVE-2013-7421,
CVE-2014-9644,
CVE-2015-1421,
CVE-2015-1465,
USN-2546-1,		 USN-2546-1 — linux-image
oval:org.secpod.oval:def:702476 CVE-2013-0211,
CVE-2015-2304,
USN-2549-1,		 USN-2549-1 — libarchive vulnerabilities
oval:org.secpod.oval:def:702477 CVE-2015-0250,
USN-2548-1,		 USN-2548-1 — batik vulnerability
oval:org.secpod.oval:def:702478 CVE-2014-7822,
CVE-2014-9419,
CVE-2014-9683,
CVE-2015-1421,
USN-2541-1,		 USN-2541-1 — linux-image
oval:org.secpod.oval:def:702479 CVE-2014-7822,
CVE-2014-9419,
CVE-2014-9683,
CVE-2015-1421,
USN-2542-1,		 USN-2542-1 — linux-image
oval:org.secpod.oval:def:702480 CVE-2011-0992,
CVE-2012-3543,
CVE-2015-2318,
CVE-2015-2319,
CVE-2015-2320,
USN-2547-1,		 USN-2547-1 — mono vulnerabilities
oval:org.secpod.oval:def:702481 CVE-2013-7421,
CVE-2014-7822,
CVE-2014-9644,
CVE-2015-0274,
USN-2543-1,		 USN-2543-1 — linux-image
oval:org.secpod.oval:def:702482 CVE-2013-7421,
CVE-2014-9644,
CVE-2015-1421,
CVE-2015-1465,
USN-2545-1,		 USN-2545-1 — linux-image
oval:org.secpod.oval:def:602034 CVE-2015-0840,
DSA-3217-1,		 DSA-3217-1 dpkg — dpkg
oval:org.secpod.oval:def:1500978 CVE-2014-5352,
CVE-2014-5353,
CVE-2014-5355,
CVE-2014-9421,
CVE-2014-9422,
ELSA-2015-0794,		 ELSA-2015-0794 — Oracle krb5
oval:org.secpod.oval:def:1500979 CVE-2014-8159,
CVE-2014-8867,
ELSA-2015-0783,		 ELSA-2015-0783 — Oracle kernel_oracleasm_ocfs2
oval:org.secpod.oval:def:1500980 CVE-2014-8159,
CVE-2014-8867,
ELSA-2015-0783-1,		 ELSA-2015-0783-1 — Oracle kernel_oracleasm_ocfs2
oval:org.secpod.oval:def:702506 CVE-2015-1593,
CVE-2015-2041,
CVE-2015-2042,
USN-2564-1,		 USN-2564-1 — linux-image
oval:org.secpod.oval:def:702507 CVE-2015-0840,
USN-2566-1,		 USN-2566-1 — dpkg vulnerability
oval:org.secpod.oval:def:702508 CVE-2015-1593,
CVE-2015-2041,
CVE-2015-2042,
USN-2565-1,		 USN-2565-1 — linux-image
oval:org.secpod.oval:def:501554 CVE-2015-0255,
RHSA-2015:0797-01,		 RHSA-2015:0797-01 — Redhat xorg-x11-server
oval:org.secpod.oval:def:108670 FEDORA-2015-4994, FEDORA-2015-4994 — Fedora 20 drupal7-webform-4.7-1.fc20
oval:org.secpod.oval:def:108672 FEDORA-2015-5702, FEDORA-2015-5702 — Fedora 21 firefox-37.0.1-1.fc21
oval:org.secpod.oval:def:108673 FEDORA-2015-5055, FEDORA-2015-5055 — Fedora 21 drupal7-webform-4.7-1.fc21
oval:org.secpod.oval:def:108674 CVE-2014-8165,
FEDORA-2015-4143,		 FEDORA-2015-4143 — Fedora 21 powerpc-utils-python-1.2.1-7.fc21
oval:org.secpod.oval:def:108676 CVE-2014-8165,
FEDORA-2015-4201,		 FEDORA-2015-4201 — Fedora 20 powerpc-utils-python-1.2.1-7.fc20
oval:org.secpod.oval:def:108677 FEDORA-2015-3201, FEDORA-2015-3201 — Fedora 20 xterm-297-2.fc20
oval:org.secpod.oval:def:108678 FEDORA-2015-3218, FEDORA-2015-3218 — Fedora 21 xterm-308-3.fc21
oval:org.secpod.oval:def:108667 CVE-2015-0296,
FEDORA-2015-4872,		 FEDORA-2015-4872 — Fedora 21 texlive-2014-3.1.20140525_r34255.fc21
oval:org.secpod.oval:def:108668 CVE-2015-1815,
FEDORA-2015-4838,		 FEDORA-2015-4838 — Fedora 21 setroubleshoot-3.2.22-1.fc21
oval:org.secpod.oval:def:108669 CVE-2015-1815,
FEDORA-2015-4833,		 FEDORA-2015-4833 — Fedora 20 setroubleshoot-3.2.17-2.fc20