Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 044250c7 by security tracker role at 2019-01-01T08:10:14Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,53 @@ +CVE-2018-20648 + RESERVED +CVE-2018-20647 + RESERVED +CVE-2018-20646 + RESERVED +CVE-2018-20645 + RESERVED +CVE-2018-20644 + RESERVED +CVE-2018-20643 + RESERVED +CVE-2018-20642 + RESERVED +CVE-2018-20641 + RESERVED +CVE-2018-20640 + RESERVED +CVE-2018-20639 + RESERVED +CVE-2018-20638 + RESERVED +CVE-2018-20637 + RESERVED +CVE-2018-20636 + RESERVED +CVE-2018-20635 + RESERVED +CVE-2018-20634 + RESERVED +CVE-2018-20633 + RESERVED +CVE-2018-20632 + RESERVED +CVE-2018-20631 + RESERVED +CVE-2018-20630 + RESERVED +CVE-2018-20629 + RESERVED +CVE-2018-20628 + RESERVED +CVE-2018-20627 + RESERVED +CVE-2018-20626 + RESERVED +CVE-2018-20625 + RESERVED +CVE-2018-20624 + RESERVED CVE-2019-3493 RESERVED CVE-2019-3492 @@ -44939,50 +44989,47 @@ CVE-2018-6349 RESERVED CVE-2018-6348 RESERVED -CVE-2018-6347 - RESERVED -CVE-2018-6346 - RESERVED +CVE-2018-6347 (An issue in the Proxygen handling of HTTP2 parsing of headers/trailers ...) + TODO: check +CVE-2018-6346 (A potential denial-of-service issue in the Proxygen handling of ...) + TODO: check CVE-2018-6345 RESERVED -CVE-2018-6344 - RESERVED -CVE-2018-6343 - RESERVED -CVE-2018-6342 - RESERVED -CVE-2018-6341 - RESERVED -CVE-2018-6340 - RESERVED +CVE-2018-6344 (A heap corruption in WhatsApp can be caused by a malformed RTP packet ...) + TODO: check +CVE-2018-6343 (Proxygen fails to validate that a secondary auth manager is set before ...) + TODO: check +CVE-2018-6342 (react-dev-utils on Windows allows developers to run a local webserver ...) + TODO: check +CVE-2018-6341 (React applications which rendered to HTML using the ReactDOMServer API ...) + TODO: check +CVE-2018-6340 (The Memcache::getextendedstats function can be used to trigger an ...) + TODO: check CVE-2018-6339 RESERVED CVE-2018-6338 RESERVED -CVE-2018-6337 - RESERVED +CVE-2018-6337 (folly::secureRandom will re-use a buffer between parent and child ...) - hhvm <not-affected> (Only affects 3.26) NOTE: https://github.com/facebook/hhvm/commit/e2d10a1e32d01f71aaadd81169bcb9ae86c5d6b8 NOTE: https://hhvm.com/blog/2018/05/24/hhvm-3.26.3.html -CVE-2018-6336 - RESERVED -CVE-2018-6335 - RESERVED +CVE-2018-6336 (An issue was discovered in osquery. A maliciously crafted ...) + TODO: check +CVE-2018-6335 (A Malformed h2 frame can cause 'std::out_of_range' exception when ...) - hhvm 3.24.7+dfsg-1 NOTE: https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56 NOTE: https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html -CVE-2018-6334 [ability to override global variables and members of $GLOBALS via file uploads] - RESERVED +CVE-2018-6334 (Multipart-file uploads call variables to be improperly registered in ...) - hhvm 3.24.7+dfsg-1 (bug #895194) NOTE: https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html NOTE: https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff -CVE-2018-6333 - RESERVED +CVE-2018-6333 (The hhvm-attach deep link handler in Nuclide did not properly sanitize ...) + TODO: check CVE-2018-6332 (A potential denial-of-service issue in the Proxygen handling of ...) - hhvm 3.24.7+dfsg-1 (bug #895194) NOTE: https://hhvm.com/blog/2018/03/15/hhvm-3.25.html -CVE-2018-6331 - RESERVED +CVE-2018-6331 (Buck parser-cache command loads/saves state using Java serialized ...) + TODO: check CVE-2018-6330 RESERVED CVE-2018-6329 (It was discovered that the Unitrends Backup (UB) before 10.1.0 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/044250c7c78e8d34597cad98ba3e1c37b5a4c9c2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/044250c7c78e8d34597cad98ba3e1c37b5a4c9c2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits