SCAP Feed Release Update: 08-Jan-2015

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:22705	CVE-2011-1793,	Denial of service vulnerability in WebKit in Google Chrome via a crafted SVG document (rpm)
oval:org.secpod.oval:def:22706	CVE-2011-1793,	Denial of service vulnerability in WebKit in Google Chrome via a crafted SVG document (dpkg)
oval:org.secpod.oval:def:22707	CVE-2011-1794,	Integer overflow vulnerability in WebKit in Google Chrome via crafted dimensions (rpm)
oval:org.secpod.oval:def:22708	CVE-2011-1794,	Integer overflow vulnerability in WebKit in Google Chrome via crafted dimensions (dpkg)
oval:org.secpod.oval:def:22709	CVE-2011-1795,	Integer underflow vulnerability in WebKit in Google Chrome via a crafted HTML document (rpm)
oval:org.secpod.oval:def:22710	CVE-2011-1795,	Integer underflow vulnerability in WebKit in Google Chrome via a crafted HTML document (dpkg)
oval:org.secpod.oval:def:22711	CVE-2011-1796,	Use-after-free vulnerability in WebKit in Google Chrome via a crafted JavaScript code (rpm)
oval:org.secpod.oval:def:22712	CVE-2011-1796,	Use-after-free vulnerability in WebKit in Google Chrome via a crafted JavaScript code (dpkg)
oval:org.secpod.oval:def:22713	CVE-2011-1798,	Denial of service vulnerability in WebKit in Google Chrome via a crafted text element in an SVG document (rpm)
oval:org.secpod.oval:def:22714	CVE-2011-1798,	Denial of service vulnerability in WebKit in Google Chrome via a crafted text element in an SVG document (dpkg)
oval:org.secpod.oval:def:22715	CVE-2011-1793, CVE-2011-1794, CVE-2011-1795, CVE-2011-1796, CVE-2011-1798, VENDORLINK,	Multiple vulnerabilities in WebKit in Google Chrome (rpm)
oval:org.secpod.oval:def:22716	CVE-2011-1793, CVE-2011-1794, CVE-2011-1795, CVE-2011-1796, CVE-2011-1798, VENDORLINK,	Multiple vulnerabilities in WebKit in Google Chrome (dpkg)
oval:org.secpod.oval:def:22348	CVE-2014-3693,	Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice
oval:org.secpod.oval:def:22349	CVE-2014-0247,	Remote code execution vulnerability in LibreOffice while loading Microsoft Office documents
oval:org.secpod.oval:def:601898	CVE-2014-8142, DSA-3117-1,	DSA-3117-1 php5 — php5
oval:org.secpod.oval:def:108225	CVE-2014-3477, CVE-2014-3532, CVE-2014-3533, CVE-2014-3635, CVE-2014-3636, CVE-2014-3637, CVE-2014-3638, CVE-2014-3639, CVE-2014-7824, FEDORA-2014-17595,	FEDORA-2014-17595 — Fedora 21 mingw-dbus-1.8.12-1.fc21
oval:org.secpod.oval:def:108227	CVE-2014-9092, FEDORA-2014-17543,	FEDORA-2014-17543 — Fedora 21 mingw-libjpeg-turbo-1.3.1-4.fc21
oval:org.secpod.oval:def:108228	CVE-2014-9258, FEDORA-2014-17497,	FEDORA-2014-17497 — Fedora 21 glpi-0.84.8-3.fc21
oval:org.secpod.oval:def:108229	CVE-2010-5298, CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3566, FEDORA-2014-17587,	FEDORA-2014-17587 — Fedora 20 mingw-openssl-1.0.1j-1.fc20
oval:org.secpod.oval:def:108230	CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738, FEDORA-2014-17586,	FEDORA-2014-17586 — Fedora 21 mingw-binutils-2.25-1.fc21
oval:org.secpod.oval:def:108232	CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3566, FEDORA-2014-17576,	FEDORA-2014-17576 — Fedora 21 mingw-openssl-1.0.1j-1.fc21
oval:org.secpod.oval:def:108233	CVE-2014-6395, CVE-2014-6396, CVE-2014-9376, CVE-2014-9377, CVE-2014-9378, CVE-2014-9379, CVE-2014-9380, CVE-2014-9381, FEDORA-2014-17107,	FEDORA-2014-17107 — Fedora 20 ettercap-0.8.1-2.fc20
oval:org.secpod.oval:def:108235	CVE-2014-3477, CVE-2014-3532, CVE-2014-3533, CVE-2014-3635, CVE-2014-3636, CVE-2014-3637, CVE-2014-3638, CVE-2014-3639, CVE-2014-7824, FEDORA-2014-17570,	FEDORA-2014-17570 — Fedora 20 mingw-dbus-1.6.28-1.fc20
oval:org.secpod.oval:def:108236	CVE-2014-0017, CVE-2014-8132, FEDORA-2014-17354,	FEDORA-2014-17354 — Fedora 19 libssh-0.6.4-1.fc19
oval:org.secpod.oval:def:108237	CVE-2014-0017, CVE-2014-8132, FEDORA-2014-17303,	FEDORA-2014-17303 — Fedora 20 libssh-0.6.4-1.fc20
oval:org.secpod.oval:def:108238	CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-3613, CVE-2014-3620, CVE-2014-3707, FEDORA-2014-16690,	FEDORA-2014-16690 — Fedora 19 curl-7.29.0-27.fc19
oval:org.secpod.oval:def:108239	CVE-2004-2771, CVE-2014-7844, FEDORA-2014-17245,	FEDORA-2014-17245 — Fedora 20 mailx-12.5-11.fc20
oval:org.secpod.oval:def:108240	CVE-2004-2771, CVE-2014-7844, FEDORA-2014-17277,	FEDORA-2014-17277 — Fedora 19 mailx-12.5-9.fc19
oval:org.secpod.oval:def:108241	CVE-2004-2771, CVE-2014-7844, FEDORA-2014-17243,	FEDORA-2014-17243 — Fedora 21 mailx-12.5-14.fc21
oval:org.secpod.oval:def:108242	CVE-2014-2240, FEDORA-2014-17550,	FEDORA-2014-17550 — Fedora 21 mingw-freetype-2.5.4-1.fc21
oval:org.secpod.oval:def:108243	CVE-2014-9258, FEDORA-2014-17520,	FEDORA-2014-17520 — Fedora 20 glpi-0.84.8-3.fc20
oval:org.secpod.oval:def:108244	CVE-2014-0191, FEDORA-2014-17573,	FEDORA-2014-17573 — Fedora 20 mingw-libxml2-2.9.2-1.fc20
oval:org.secpod.oval:def:108246	CVE-2014-6395, CVE-2014-6396, CVE-2014-9376, CVE-2014-9377, CVE-2014-9378, CVE-2014-9379, CVE-2014-9380, CVE-2014-9381, FEDORA-2014-17210,	FEDORA-2014-17210 — Fedora 19 ettercap-0.8.1-2.fc19
oval:org.secpod.oval:def:108247	CVE-2014-3613, CVE-2014-3620, CVE-2014-3707, FEDORA-2014-17601,	FEDORA-2014-17601 — Fedora 21 mingw-curl-7.39.0-1.fc21
oval:org.secpod.oval:def:108248	CVE-2013-6629, CVE-2013-6630, CVE-2014-9092, FEDORA-2014-17561,	FEDORA-2014-17561 — Fedora 20 mingw-libjpeg-turbo-1.3.1-4.fc20
oval:org.secpod.oval:def:108249	CVE-2014-9258, FEDORA-2014-17508,	FEDORA-2014-17508 — Fedora 19 glpi-0.83.9.1-5.fc19
oval:org.secpod.oval:def:108250	CVE-2014-1624, FEDORA-2014-16357,	FEDORA-2014-16357 — Fedora 20 pyxdg-0.25-5.fc20
oval:org.secpod.oval:def:108251	CVE-2014-0191, FEDORA-2014-17609,	FEDORA-2014-17609 — Fedora 21 mingw-libxml2-2.9.2-1.fc21
oval:org.secpod.oval:def:108252	CVE-2014-2240, CVE-2014-2241, FEDORA-2014-16854,	FEDORA-2014-16854 — Fedora 20 freetype-2.5.0-7.fc20
oval:org.secpod.oval:def:108253	CVE-2014-8132, FEDORA-2014-17324,	FEDORA-2014-17324 — Fedora 21 libssh-0.6.4-1.fc21
oval:org.secpod.oval:def:108254	CVE-2014-2240, CVE-2014-2241, FEDORA-2014-17580,	FEDORA-2014-17580 — Fedora 20 mingw-freetype-2.5.4-1.fc20
oval:org.secpod.oval:def:108255	CVE-2013-4545, CVE-2014-0138, CVE-2014-0139, CVE-2014-3613, CVE-2014-3620, CVE-2014-3707, FEDORA-2014-17596,	FEDORA-2014-17596 — Fedora 20 mingw-curl-7.39.0-1.fc20
oval:org.secpod.oval:def:108256	CVE-2013-1447, CVE-2013-6045, CVE-2013-6052, CVE-2013-6053, CVE-2013-6887, FEDORA-2014-17053,	FEDORA-2014-17053 — Fedora 19 openjpeg-1.5.1-13.fc19
oval:org.secpod.oval:def:108257	CVE-2014-9274, CVE-2014-9275, FEDORA-2014-17281,	FEDORA-2014-17281 — Fedora 21 unrtf-0.21.7-1.fc21
oval:org.secpod.oval:def:108259	CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738, FEDORA-2014-17603,	FEDORA-2014-17603 — Fedora 20 mingw-binutils-2.24-5.fc20
oval:org.secpod.oval:def:108260	CVE-2014-6395, CVE-2014-6396, CVE-2014-9376, CVE-2014-9377, CVE-2014-9378, CVE-2014-9379, CVE-2014-9380, CVE-2014-9381, FEDORA-2014-17090,	FEDORA-2014-17090 — Fedora 21 ettercap-0.8.1-2.fc21
oval:org.secpod.oval:def:22699	CVE-2011-1793,	Denial of service vulnerability in WebKit in Google Chrome via a crafted SVG document (Mac OS X)
oval:org.secpod.oval:def:22700	CVE-2011-1794,	Integer overflow vulnerability in WebKit in Google Chrome via crafted dimensions (Mac OS X)
oval:org.secpod.oval:def:22701	CVE-2011-1795,	Integer underflow vulnerability in WebKit in Google Chrome via a crafted HTML document (Mac OS X)
oval:org.secpod.oval:def:22702	CVE-2011-1796,	Use-after-free vulnerability in WebKit in Google Chrome via a crafted JavaScript code (Mac OS X)
oval:org.secpod.oval:def:22703	CVE-2011-1798,	Denial of service vulnerability in WebKit in Google Chrome via a crafted text element in an SVG document (Mac OS X)
oval:org.secpod.oval:def:22704	CVE-2011-1793, CVE-2011-1794, CVE-2011-1795, CVE-2011-1796, CVE-2011-1798, VENDORLINK,	Multiple vulnerabilities in WebKit in Google Chrome (Mac OS X)
oval:org.secpod.oval:def:501482	CVE-2014-7823, RHSA-2015:0008-01,	RHSA-2015:0008-01 — Redhat libvirt
oval:org.secpod.oval:def:601899	CVE-2014-9221, DSA-3118-1,	DSA-3118-1 strongswan — strongswan
oval:org.secpod.oval:def:601900	CVE-2014-6272, DSA-3119-1,	DSA-3119-1 libevent — libevent
oval:org.secpod.oval:def:601901	CVE-2014-6316, CVE-2014-7146, CVE-2014-8553, CVE-2014-8554, CVE-2014-8598, CVE-2014-8986, CVE-2014-8988, CVE-2014-9089, CVE-2014-9117, CVE-2014-9269, CVE-2014-9270, CVE-2014-9271, CVE-2014-9272, CVE-2014-9280, CVE-2014-9281, CVE-2014-9388, CVE-2014-9506, DSA-3120-1,	DSA-3120-1 mantis — mantis
oval:org.secpod.oval:def:702345	CVE-2014-1425, USN-2451-1,	USN-2451-1 — cgmanager vulnerability
oval:org.secpod.oval:def:702346	CVE-2014-9221, USN-2450-1,	USN-2450-1 — strongswan vulnerability
oval:org.secpod.oval:def:1500876	CVE-2014-7823, ELSA-2015-0008,	ELSA-2015-0008 — Oracle libvirt
oval:org.secpod.oval:def:203530	CESA-2015:0008, CVE-2014-7823,	CESA-2015:0008 — centos 7 libvirt

Share this article