[Git][security-tracker-team/security-tracker][master] record ATS fixes

Wed, 29 Aug 2018 02:31:15 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
19585b9a by Moritz Muehlenhoff at 2018-08-29T09:30:43Z
record ATS fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20099,6 +20099,7 @@ CVE-2018-8040
        - trafficserver 7.1.4+ds-1
        NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/2
        NOTE: https://github.com/apache/trafficserver/pull/3926
+       NOTE: 
https://github.com/apache/trafficserver/commit/cea07c03274807c1588dbdf03baa1537d958c92f
 CVE-2018-8039 (It is possible to configure Apache CXF to use the 
com.sun.net.ssl ...)
        NOT-FOR-US: Apache CXF
 CVE-2018-8038 (Versions of Apache CXF Fediz prior to 1.4.4 do not fully 
disable ...)
@@ -20249,6 +20250,7 @@ CVE-2018-8005
        NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/4
        NOTE: https://github.com/apache/trafficserver/pull/3106
        NOTE: https://github.com/apache/trafficserver/pull/3124
+       NOTE: 
https://github.com/apache/trafficserver/commit/bbcbb7cf7f25ebfe3a97d792e889de618e41a6a4
 CVE-2018-8004
        RESERVED
        - trafficserver 7.1.4+ds-1
@@ -20257,6 +20259,10 @@ CVE-2018-8004
        NOTE: https://github.com/apache/trafficserver/pull/3201
        NOTE: https://github.com/apache/trafficserver/pull/3231
        NOTE: https://github.com/apache/trafficserver/pull/3251
+       NOTE: 
https://github.com/apache/trafficserver/commit/05d734c773900dd589480ff07572c0d7db7c3d44
+       NOTE: 
https://github.com/apache/trafficserver/commit/9659d12a21cf1870c2790fdd5acab712ed87f16e
+       NOTE: 
https://github.com/apache/trafficserver/commit/2616e580de7d66b9098c464d503a049c7814e35a
+       NOTE: 
https://github.com/apache/trafficserver/commit/3d2fdab8b0606bc8b35006f7aeb73729d364b333
 CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a 
directory ...)
        NOT-FOR-US: Apache Ambari
 CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in 
...)
@@ -39896,6 +39902,7 @@ CVE-2018-1318
        - trafficserver 7.1.4+ds-1
        NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/3
        NOTE: https://github.com/apache/trafficserver/pull/3195
+       NOTE: 
https://github.com/apache/trafficserver/commit/e6dfda305acf85250861ecfa14a7bd6bb2fad5c3
 CVE-2018-1317
        RESERVED
 CVE-2018-1316 (The ODE process deployment web service was sensible to 
deployment ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/19585b9ac32e236ef01abe32d5bf54f1af659653

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/19585b9ac32e236ef01abe32d5bf54f1af659653
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to