SCAP Feed Release: 05-Apr-2016

  • Post author:
  • Reading time:17 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:203887 CESA-2016:0532,
CVE-2015-8629,
CVE-2015-8630,
CVE-2015-8631,
CESA-2016:0532 — centos 7 krb5
oval:org.secpod.oval:def:203888 CESA-2016:0534,
CVE-2015-4792,
CVE-2015-4802,
CVE-2015-4815,
CVE-2015-4816,
CVE-2015-4819,
CVE-2015-4826,
CVE-2015-4830,
CVE-2015-4836,
CVE-2015-4858,
CVE-2015-4861,
CVE-2015-4870,
CVE-2015-4879,
CVE-2015-4913,
CVE-2016-0505,
CVE-2016-0546,
CVE-2016-0596,
CVE-2016-0597,
CVE-2016-0598,
CVE-2016-0600,
CVE-2016-0606,
CVE-2016-0608,
CVE-2016-0609,
CVE-2016-0616,
CVE-2016-2047,
CESA-2016:0534 — centos 7 mariadb
oval:org.secpod.oval:def:602455 CVE-2016-2347,
DSA-3540-1,
DSA-3540-1 lhasa — lhasa
oval:org.secpod.oval:def:602456 CVE-2015-6360,
DSA-3539-1,
DSA-3539-1 srtp — srtp
oval:org.secpod.oval:def:501798 CVE-2015-4792,
CVE-2015-4802,
CVE-2015-4815,
CVE-2015-4816,
CVE-2015-4819,
CVE-2015-4826,
CVE-2015-4830,
CVE-2015-4836,
CVE-2015-4858,
CVE-2015-4861,
CVE-2015-4870,
CVE-2015-4879,
CVE-2015-4913,
CVE-2016-0505,
CVE-2016-0546,
CVE-2016-0596,
CVE-2016-0597,
CVE-2016-0598,
CVE-2016-0600,
CVE-2016-0606,
CVE-2016-0608,
CVE-2016-0609,
CVE-2016-0616,
CVE-2016-2047,
RHSA-2016:0534-01,
RHSA-2016:0534-01 — Redhat mariadb
oval:org.secpod.oval:def:501799 CVE-2015-8629,
CVE-2015-8630,
CVE-2015-8631,
RHSA-2016:0532-01,
RHSA-2016:0532-01 — Redhat krb5
oval:org.secpod.oval:def:110359 FEDORA-2016-0c5838abc5, FEDORA-2016-0c5838abc5 — Fedora 23 apache-commons-collections-3.2.2-3.fc23
oval:org.secpod.oval:def:110360 FEDORA-2016-8201e3fefa, FEDORA-2016-8201e3fefa — Fedora 23 NetworkManager-1.0.12-1.fc23
oval:org.secpod.oval:def:110361 CVE-2016-1285,
CVE-2016-1286,
FEDORA-2016-161b73fc2c,
FEDORA-2016-161b73fc2c — Fedora 22 bind99-9.9.8-4.P4.fc22
oval:org.secpod.oval:def:110362 FEDORA-2016-dc3740c56e, FEDORA-2016-dc3740c56e — Fedora 22 apache-commons-collections-3.2.2-3.fc22
oval:org.secpod.oval:def:110363 CVE-2016-1285,
CVE-2016-1286,
CVE-2016-2088,
FEDORA-2016-364c0a9df4,
FEDORA-2016-364c0a9df4 — Fedora 22 bind-9.10.3-9.P4.fc22
oval:org.secpod.oval:def:33769 CVE-2010-1169, Privilege escalation vulnerability in PostgreSQL via a crafted script
oval:org.secpod.oval:def:33768 CVE-2010-1170, Privilege escalation vulnerability in the PL/Tcl implementation in PostgreSQL
oval:org.secpod.oval:def:33767 CVE-2010-1447, Intended restriction bypass vulnerability in PostgreSQL via vectors involving subroutine references and delayed execution
oval:org.secpod.oval:def:33770 CVE-2012-0866, Privilege escalation vulnerability in PostgreSQL – CVE-2012-0866
oval:org.secpod.oval:def:33771 CVE-2012-0867, Spoofing vulnerability in PostgreSQL
oval:org.secpod.oval:def:33758 CVE-2012-0868, CRLF injection vulnerability in PostgreSQL via a crafted file containing object names with newlines
oval:org.secpod.oval:def:33759 CVE-2009-0922, Denial of service vulnerability in PostgreSQL by triggering a failure error message to a client-specified encoding
oval:org.secpod.oval:def:33766 CVE-2010-1975, Privilege escalation vulnerability in PostgreSQL via a ALTER USER or ALTER DATABASE statement
oval:org.secpod.oval:def:33772 CVE-2012-2655, Denial of service vulnerability in PostgreSQL by adding the SECURITY DEFINER or SET attributes
oval:org.secpod.oval:def:33764 CVE-2009-3229, Denial of service vulnerability in PostgreSQL by &quot
oval:org.secpod.oval:def:33763 CVE-2009-3230, Privilege escalation vulnerability in PostgreSQL – CVE-2009-3230
oval:org.secpod.oval:def:33762 CVE-2009-3231, Security bypass vulnerability in PostgreSQL via an empty password
oval:org.secpod.oval:def:33773 CVE-2012-3488, Information disclosure vulnerability in PostgreSQL by leveraging stylesheet commands or an xslt_process feature
oval:org.secpod.oval:def:33774 CVE-2012-3489, Information disclosure vulnerability in PostgreSQL via an XML value that refers to a DTD or an entity
oval:org.secpod.oval:def:33765 CVE-2010-4015, Buffer overflow in the gettoken function in PostgreSQL via integers with a large number of digits to unspecified functions
oval:org.secpod.oval:def:33761 CVE-2009-4034, Spoofing vulnerability in PostgreSQL via a crafted client and server certificate issued by a legitimate Certification Authority
oval:org.secpod.oval:def:33760 CVE-2009-4136, Privilege escalation vulnerability in PostgreSQL via a table with crafted index functions
oval:org.secpod.oval:def:33775 CVE-2015-3197,
CVE-2015-4000,
openssl_advisory17,
Multiple vulnerabilities in OpenSSL