Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7532679e by security tracker role at 2018-07-14T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4469,6 +4469,7 @@ CVE-2017-18288 (An issue was discovered in PvPGN Stats 
2.4.6. SQL Injection exis
 CVE-2017-18287 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection 
exists in ...)
        NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities 
allowing integration with a PvPGN game server)
 CVE-2018-12233 (In the ea_get function in fs/jfs/xattr.c in the Linux kernel 
through ...)
+       {DLA-1423-1 DLA-1422-1}
        - linux 4.17.3-1
        NOTE: https://lkml.org/lkml/2018/6/2/2
 CVE-2018-12232 (In net/socket.c in the Linux kernel through 4.17.1, there is a 
race ...)
@@ -5400,6 +5401,7 @@ CVE-2018-1002200 [arbitrary file write vulnerability / 
arbitrary code execution 
        NOTE: https://github.com/codehaus-plexus/plexus-archiver/pull/87
        NOTE: 
https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de
 CVE-2018-1000204 (** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly 
handles ...)
+       {DLA-1423-1 DLA-1422-1}
        - linux 4.16.12-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/a45b599ad808c3c982fdcdc12b0b8611c2f92824
 CVE-2018-1000203 (Soar Labs Soar Coin version up to and including git commit 
...)
@@ -6267,6 +6269,7 @@ CVE-2018-11507 (An issue was discovered in Free Lossless 
Image Format (FLIF) 0.3
        - flif <unfixed> (bug #902188)
        NOTE: https://github.com/FLIF-hub/FLIF/issues/509
 CVE-2018-11506 (The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the 
Linux kernel ...)
+       {DLA-1423-1 DLA-1422-1}
        - linux 4.16.16-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/f7068114d45ec55996b9040e98111afa56e010fe
 CVE-2018-11505 (The Werewolf Online application 0.8.8 for Android allows 
attackers to ...)
@@ -7756,7 +7759,7 @@ CVE-2018-10942 
(modules/attributewizardpro/file_upload.php in the Attribute Wiza
 CVE-2018-10941
        RESERVED
 CVE-2018-10940 (The cdrom_ioctl_media_changed function in 
drivers/cdrom/cdrom.c in the ...)
-       {DLA-1392-1}
+       {DLA-1423-1 DLA-1422-1 DLA-1392-1}
        - linux 4.16.12-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
 CVE-2018-10939 (Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 
before ...)
@@ -7894,38 +7897,45 @@ CVE-2018-10884
        RESERVED
 CVE-2018-10883
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
 CVE-2018-10882
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
 CVE-2018-10881
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
 CVE-2018-10880
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
 CVE-2018-10879
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
 CVE-2018-10878
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
 CVE-2018-10877
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
 CVE-2018-10876
        RESERVED
+       {DLA-1423-1}
        - linux 4.17.3-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
-CVE-2018-10875
-       RESERVED
+CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the 
current ...)
        - ansible 2.6.1+dfsg-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596533
        NOTE: https://github.com/ansible/ansible/pull/42070
@@ -8002,6 +8012,7 @@ CVE-2018-10854
        RESERVED
 CVE-2018-10853 [kvm: guest userspace to guest kernel write]
        RESERVED
+       {DLA-1423-1 DLA-1422-1}
        - linux 4.16.16-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
 CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the 
available ...)
@@ -9979,12 +9990,14 @@ CVE-2018-10089
 CVE-2018-10088 (Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified 
impact and ...)
        NOT-FOR-US: XiongMai uc-httpd
 CVE-2018-10124 (The kill_something_info function in kernel/signal.c in the 
Linux kernel ...)
+       {DLA-1423-1}
        - linux 4.13.4-1
        [stretch] - linux <ignored> (Minor issue)
        [jessie] - linux <ignored> (Minor issue)
        [wheezy] - linux <ignored> (Minor issue)
        NOTE: Fixed by: 
https://git.kernel.org/linus/4ea77014af0d6205b05503d1c7aac6eace11d473 (4.13-rc1)
 CVE-2018-10087 (The kernel_wait4 function in kernel/exit.c in the Linux kernel 
before ...)
+       {DLA-1423-1}
        - linux 4.13.4-1
        [stretch] - linux <ignored> (Minor issue)
        [jessie] - linux <ignored> (Minor issue)
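
Review bot: in the entries for CVE-2018-10124 and CVE-2018-10087 the new {DLA-1423-1} reference sits directly above per-release lines that all read "<ignored> (Minor issue)", including "[jessie] - linux <ignored> (Minor issue)", so the entry now says the issue is both covered by an LTS advisory and ignored in every listed suite. If the advisory ships the fix in a source package other than linux, add a package line for that source so the reference has something to attach to; otherwise replace the <ignored> status of the fixed suite with the fixed version.
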
@@ -10146,6 +10159,7 @@ CVE-2018-10023 (Catfish CMS V4.7.21 allows XSS via the 
pinglun parameter to ...)
 CVE-2018-10022
        RESERVED
 CVE-2018-10021 (** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the 
Linux kernel ...)
+       {DLA-1423-1}
        - linux 4.15.17-1
        [wheezy] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://git.kernel.org/linus/318aaf34f1179b39fa9c30fa0f3288b645beee39 (4.16-rc7)
@@ -11466,6 +11480,7 @@ CVE-2018-9423
        NOT-FOR-US: Android Media Framework
 CVE-2018-9422
        RESERVED
+       {DLA-1422-1}
        - linux 4.6.1-1
        NOTE: 
https://git.kernel.org/linus/65d8fc777f6dcfee12785c057a6b57f679641c90
 CVE-2018-9421
@@ -12239,6 +12254,7 @@ CVE-2018-9154 (There is a reachable abort in the 
function jpc_dec_process_sot in
 CVE-2018-9153 (The plugin upload component in Z-BlogPHP 1.5.1 allows remote 
attackers ...)
        NOT-FOR-US: Z-BlogPHP
 CVE-2017-18255 (The perf_cpu_time_max_percent_handler function in 
kernel/events/core.c ...)
+       {DLA-1423-1}
        - linux 4.11.6-1 (unimportant)
        NOTE: 
https://git.kernel.org/linus/1572e45a924f254d9570093abde46430c3172e3d
 CVE-2015-9259 (In Docker Notary before 0.1, the checkRoot function in ...)
@@ -20089,6 +20105,7 @@ CVE-2018-6414
 CVE-2018-6413 (There is a buffer overflow in the Hikvision Camera DS-2CD9111-S 
of ...)
        NOT-FOR-US: Hikvision Camera DS-2CD9111-S
 CVE-2018-6412 (In the function sbusfb_ioctl_helper() in 
drivers/video/fbdev/sbuslib.c ...)
+       {DLA-1423-1}
        - linux 4.16.5-1 (unimportant)
        [wheezy] - linux 3.2.102-1
        NOTE: https://marc.info/?l=linux-fbdev&m=151734425901499&w=2
@@ -22089,6 +22106,7 @@ CVE-2018-5816
 CVE-2018-5815
        RESERVED
 CVE-2018-5814 (In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, 
and ...)
+       {DLA-1423-1 DLA-1422-1}
        - linux 4.16.12-1
        NOTE: 
https://git.kernel.org/linus/22076557b07c12086eeb16b8ce2b0b735f7a27e7
        NOTE: 
https://git.kernel.org/linus/c171654caa875919be3c533d3518da8be5be966e
@@ -27741,7 +27759,7 @@ CVE-2018-3667 (Installation tool IPDT (Intel Processor 
Diagnostic Tool) 4.1.0.24
 CVE-2018-3666
        RESERVED
 CVE-2018-3665 (System software utilizing Lazy FP state restore technique on 
systems ...)
-       {DSA-4232-1}
+       {DSA-4232-1 DLA-1422-1}
        - linux 4.6.1-1
        - xen <unfixed>
        NOTE: https://xenbits.xen.org/xsa/advisory-267.html
@@ -27802,7 +27820,7 @@ CVE-2018-3640 (Systems with microprocessors utilizing 
speculative execution and 
        NOTE: No software mitigations planned to be implemented in src:linux
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
 CVE-2018-3639 (Systems with microprocessors utilizing speculative execution 
and ...)
-       {DSA-4210-1}
+       {DSA-4210-1 DLA-1423-1}
        - intel-microcode 3.20180703.1
        - linux 4.16.12-1
        [wheezy] - linux <ignored> (Too much work to backport)
@@ -35109,7 +35127,7 @@ CVE-2018-1132 (A flaw was found in Opendaylight's 
SDNInterfaceapp (SDNI). Attack
 CVE-2018-1131 (Infinispan permits improper deserialization of trusted data via 
XML ...)
        NOT-FOR-US: infinispan
 CVE-2018-1130 (Linux kernel before version 4.16-rc7 is vulnerable to a null 
pointer ...)
-       {DLA-1392-1}
+       {DLA-1423-1 DLA-1422-1 DLA-1392-1}
        - linux 4.15.17-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/67f93df79aeefc3add4e4b31a752600f834236e2
 CVE-2018-1129 (A flaw was found in the way signature calculation was handled 
by cephx ...)
@@ -35163,6 +35181,7 @@ CVE-2018-1121 (procps-ng, procps is vulnerable to a 
process hiding through race 
        NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
        NOTE: 
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
 CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 
4.17. By ...)
+       {DLA-1423-1}
        - linux 4.16.12-1
        NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
        NOTE: 
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
@@ -35170,6 +35189,7 @@ CVE-2018-1120 (A flaw was found affecting the Linux 
kernel before version 4.17. 
 CVE-2018-1119
        REJECTED
 CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly 
initialize ...)
+       {DLA-1423-1}
        - linux 4.17.3-1
        [jessie] - linux <not-affected> (Vulnerable code not present)
        [wheezy] - linux <not-affected> (Vulnerable code not present)
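
Review bot: CVE-2018-1118 gains {DLA-1423-1} while its only per-release lines are "[jessie] - linux <not-affected> (Vulnerable code not present)" and the same for wheezy. An advisory reference on an entry that records no affected older suite cannot be audited from the list alone; record the source package and suite that DLA-1423-1 fixed, or drop the reference if the CVE does not belong to that advisory.
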
@@ -35283,7 +35303,7 @@ CVE-2018-1094 (The ext4_fill_super function in 
fs/ext4/super.c in the Linux kern
        [wheezy] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199183
 CVE-2018-1093 (The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the 
Linux ...)
-       {DSA-4188-1 DLA-1392-1}
+       {DSA-4188-1 DLA-1422-1 DLA-1392-1}
        - linux 4.15.17-1
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199181
 CVE-2018-1092 (The ext4_iget function in fs/ext4/inode.c in the Linux kernel 
through ...)
@@ -35392,7 +35412,7 @@ CVE-2018-1067 (In Undertow before versions 7.1.2.CR1, 
7.1.2.GA it was found that
        NOTE: Issue is incomplete fix for CVE-2016-4993
        NOTE: Fixed by 
https://github.com/undertow-io/undertow/commit/85d4478e598105fe94ac152d3e11e388374e8b86
 (1.4.25.Final)
 CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL 
pointer ...)
-       {DSA-4188-1 DSA-4187-1}
+       {DSA-4188-1 DSA-4187-1 DLA-1422-1}
        - linux 4.11.6-1
        [wheezy] - linux <not-affected> (Vulnerable code not present)
        NOTE: Fixed by: 
https://git.kernel.org/linus/cabfb3680f78981d26c078a26e5c748531257ebb
@@ -50233,20 +50253,20 @@ CVE-2017-13098 (BouncyCastle TLS prior to version 
1.0.3, when configured to use 
        NOTE: Fixed by: 
https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
        NOTE: Fixed in 1.59 beta 9
        NOTE: https://robotattack.org/
-CVE-2017-13097
-       RESERVED
-CVE-2017-13096
-       RESERVED
-CVE-2017-13095
-       RESERVED
-CVE-2017-13094
-       RESERVED
-CVE-2017-13093
-       RESERVED
-CVE-2017-13092
-       RESERVED
-CVE-2017-13091
-       RESERVED
+CVE-2017-13097 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13096 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13095 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13094 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13093 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13092 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
+CVE-2017-13091 (The P1735 IEEE standard describes flawed methods for 
encrypting ...)
+       TODO: check
 CVE-2017-13090 (The retr.c:fd_read_body() function is called when processing 
OK ...)
        {DSA-4008-1 DLA-1149-1}
        - wget 1.19.2-1 (bug #879957)
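
Review bot: the seven entries CVE-2017-13097 through CVE-2017-13091 arrive with the same truncated description ("The P1735 IEEE standard describes flawed methods for encrypting ...") and a separate "TODO: check" each. The description names a standard rather than a package, so triage them as one group: decide once whether anything in the archive implements P1735 and give all seven the same status, rather than leaving seven independent TODO items.
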
@@ -73294,7 +73314,7 @@ CVE-2017-5754 (Systems with microprocessors utilizing 
speculative execution and 
        NOTE: https://01.org/security/advisories/intel-oss-10003
        - linux-grsec <removed>
 CVE-2017-5753 (Systems with microprocessors utilizing speculative execution 
and ...)
-       {DSA-4188-1 DSA-4187-1}
+       {DSA-4188-1 DSA-4187-1 DLA-1423-1 DLA-1422-1}
        - linux 4.15.11-1
        - nvidia-graphics-drivers 384.111-1 (bug #886852)
        [stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -73386,7 +73406,7 @@ CVE-2017-5717 (Type Confusion in Content Protection 
HECI Service in Intel Graphi
 CVE-2017-5716
        REJECTED
 CVE-2017-5715 (Systems with microprocessors utilizing speculative execution 
and ...)
-       {DSA-4213-1 DSA-4188-1 DSA-4187-1 DLA-1369-1}
+       {DSA-4213-1 DSA-4188-1 DSA-4187-1 DLA-1422-1 DLA-1369-1}
        - linux 4.15.11-1
        - intel-microcode 3.20180425.1
        [jessie] - intel-microcode 3.20180425.1~deb8u1
@@ -88835,44 +88855,44 @@ CVE-2016-9502
        REJECTED
 CVE-2016-9501
        REJECTED
-CVE-2016-9500
-       RESERVED
-CVE-2016-9499
-       RESERVED
-CVE-2016-9498
-       RESERVED
-CVE-2016-9497
-       RESERVED
-CVE-2016-9496
-       RESERVED
-CVE-2016-9495
-       RESERVED
-CVE-2016-9494
-       RESERVED
-CVE-2016-9493
-       RESERVED
-CVE-2016-9492
-       RESERVED
-CVE-2016-9491
-       RESERVED
+CVE-2016-9500 (Accellion FTP server prior to version FTA_9_12_220 uses the 
Accusoft ...)
+       TODO: check
+CVE-2016-9499 (Accellion FTP server prior to version FTA_9_12_220 only returns 
the ...)
+       TODO: check
+CVE-2016-9498 (ManageEngine Applications Manager 12 and 13, allows 
unserialization of ...)
+       TODO: check
+CVE-2016-9497 (Hughes high-performance broadband satellite modems, models 
HN7740S ...)
+       TODO: check
+CVE-2016-9496 (Hughes high-performance broadband satellite modems, models 
HN7740S ...)
+       TODO: check
+CVE-2016-9495 (Hughes high-performance broadband satellite modems, models 
HN7740S ...)
+       TODO: check
+CVE-2016-9494 (Hughes high-performance broadband satellite modems, models 
HN7740S ...)
+       TODO: check
+CVE-2016-9493 (The code generated by PHP FormMail Generator prior to 17 
December 2016 ...)
+       TODO: check
+CVE-2016-9492 (The code generated by PHP FormMail Generator prior to 17 
December 2016 ...)
+       TODO: check
+CVE-2016-9491 (ManageEngine Applications Manager 12 and 13 allows an 
authenticated ...)
+       TODO: check
 CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 suffer 
from a ...)
        NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9489
-       RESERVED
+CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13, an 
authenticated user ...)
+       TODO: check
 CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 suffer 
from ...)
        NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9487
-       RESERVED
-CVE-2016-9486
-       RESERVED
-CVE-2016-9485
-       RESERVED
-CVE-2016-9484
-       RESERVED
-CVE-2016-9483
-       RESERVED
-CVE-2016-9482
-       RESERVED
+CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external 
entities ...)
+       TODO: check
+CVE-2016-9486 (On Windows endpoints, the SecureConnector agent must run under 
the ...)
+       TODO: check
+CVE-2016-9485 (On Windows endpoints, the SecureConnector agent must run under 
the ...)
+       TODO: check
+CVE-2016-9484 (The generated PHP form code does not properly validate user 
input ...)
+       TODO: check
+CVE-2016-9483 (The PHP form code generated by PHP FormMail Generator 
deserializes ...)
+       TODO: check
+CVE-2016-9482 (Code generated by PHP FormMail Generator may allow a remote ...)
+       TODO: check
 CVE-2014-9912 (The get_icu_disp_value_src_php function in ...)
        - php5 5.6.0+dfsg-1
        [wheezy] - php5 5.4.34-0+deb7u1
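
Review bot: CVE-2016-9498, CVE-2016-9491 and CVE-2016-9489 are added as "TODO: check" although their descriptions name ManageEngine Applications Manager 12 and 13, the product that the neighbouring context entries CVE-2016-9490 and CVE-2016-9488 already record as "NOT-FOR-US: ManageEngine Applications Manager". Resolve these three with the same status string so that all entries for the product stay consistent and searchable.
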
@@ -98655,8 +98675,8 @@ CVE-2016-6582 (The Doorkeeper gem before 4.2.0 for Ruby 
might allow remote attac
        NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/875
 CVE-2016-6579
        REJECTED
-CVE-2016-6578
-       RESERVED
+CVE-2016-6578 (CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains 
a ...)
+       TODO: check
 CVE-2016-6577
        RESERVED
 CVE-2016-6576
@@ -98677,58 +98697,58 @@ CVE-2016-6569
        RESERVED
 CVE-2016-6568
        RESERVED
-CVE-2016-6567
-       RESERVED
-CVE-2016-6566
-       RESERVED
-CVE-2016-6565
-       RESERVED
-CVE-2016-6564
-       RESERVED
-CVE-2016-6563
-       RESERVED
-CVE-2016-6562
-       RESERVED
+CVE-2016-6567 (SHDesigns' Resident Download Manager provides firmware update 
...)
+       TODO: check
+CVE-2016-6566 (The valueAsString parameter inside the JSON payload contained 
by the ...)
+       TODO: check
+CVE-2016-6565 (The Imagely NextGen Gallery plugin for Wordpress prior to 
version ...)
+       TODO: check
+CVE-2016-6564 (Android devices with code from Ragentek contain a privileged 
binary ...)
+       TODO: check
+CVE-2016-6563 (Processing malformed SOAP messages when performing the HNAP 
Login ...)
+       TODO: check
+CVE-2016-6562 (On iOS and Android devices, the ShoreTel Mobility Client app 
version ...)
+       TODO: check
 CVE-2016-6561 (illumos smbsrv NULL pointer dereference allows system crash. 
...)
        NOT-FOR-US: illumos
 CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations 
make ...)
        NOT-FOR-US: illumos
-CVE-2016-6559
-       RESERVED
-CVE-2016-6558
-       RESERVED
-CVE-2016-6557
-       RESERVED
+CVE-2016-6559 (Improper bounds checking of the obuf variable in the 
link_ntoa() ...)
+       TODO: check
+CVE-2016-6558 (A command injection vulnerability exists in apply.cgi on the 
ASUS ...)
+       TODO: check
+CVE-2016-6557 (In ASUS RP-AC52 access points with firmware version 1.0.1.1s 
and ...)
+       TODO: check
 CVE-2016-6556
        RESERVED
 CVE-2016-6555
        RESERVED
-CVE-2016-6554
-       RESERVED
-CVE-2016-6553
-       RESERVED
-CVE-2016-6552
-       RESERVED
-CVE-2016-6551
-       RESERVED
+CVE-2016-6554 (Synology NAS servers DS107, firmware version 3.1-1639 and 
prior, and ...)
+       TODO: check
+CVE-2016-6553 (Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses 
...)
+       TODO: check
+CVE-2016-6552 (Green Packet DX-350 uses non-random default credentials of: ...)
+       TODO: check
+CVE-2016-6551 (Intellian Satellite TV antennas t-Series and v-Series, firmware 
...)
+       TODO: check
 CVE-2016-6550 (The U by BB&amp;T app 1.5.4 and earlier for iOS does not 
properly verify ...)
        NOT-FOR-US: BB&T
-CVE-2016-6549
-       RESERVED
-CVE-2016-6548
-       RESERVED
-CVE-2016-6547
-       RESERVED
-CVE-2016-6546
-       RESERVED
-CVE-2016-6545
-       RESERVED
-CVE-2016-6544
-       RESERVED
-CVE-2016-6543
-       RESERVED
-CVE-2016-6542
-       RESERVED
+CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth 
pairing, ...)
+       TODO: check
+CVE-2016-6548 (The Zizai Tech Nut mobile app makes requests via HTTP instead 
of ...)
+       TODO: check
+CVE-2016-6547 (The Zizai Tech Nut mobile app stores the account password used 
to ...)
+       TODO: check
+CVE-2016-6546 (The iTrack Easy mobile application stores the account password 
used to ...)
+       TODO: check
+CVE-2016-6545 (Session cookies are not used for maintaining valid sessions in 
iTrack ...)
+       TODO: check
+CVE-2016-6544 (getgps data in iTrack Easy can be modified without 
authentication by ...)
+       TODO: check
+CVE-2016-6543 (A captured MAC/device ID of an iTrack Easy can be registered 
under ...)
+       TODO: check
+CVE-2016-6542 (The iTrack device tracking ID number, also called 
&quot;LosserID&quot; in the ...)
+       TODO: check
 CVE-2016-6541 (TrackR Bravo device allows unauthenticated pairing, which 
enables ...)
        NOT-FOR-US: TrackR
 CVE-2016-6540 (Unauthenticated access to the cloud-based service maintained by 
TrackR ...)
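
Review bot: the added description for CVE-2016-6542 carries HTML entities ("&quot;LosserID&quot;"), the same escaping visible in the context line for CVE-2016-6550 ("BB&amp;T", against plain "BB&T" in its NOT-FOR-US note). The description import should decode entities before writing data/CVE/list, so that text searches over the list match the literal characters.
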
@@ -189350,8 +189370,8 @@ CVE-2013-0572 (Cross-site scripting (XSS) 
vulnerability in IBM Document Connect 
        NOT-FOR-US: IBM Document Connect for Application Support Facility
 CVE-2013-0571 (Cross-site scripting (XSS) vulnerability in IBM Document 
Connect for ...)
        NOT-FOR-US: IBM Document Connect for Application Support Facility
-CVE-2013-0570
-       RESERVED
+CVE-2013-0570 (The Fibre Channel over Ethernet (FCoE) feature in IBM System 
...)
+       TODO: check
 CVE-2013-0569 (Cross-site scripting (XSS) vulnerability in the Communities 
component ...)
        NOT-FOR-US: IBM Connections
 CVE-2013-0568 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File 
Gateway 2.1 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7532679e2d45b88a428eac96f1b1a6b39eb0fa04
