Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dc0428c0 by Moritz Muehlenhoff at 2019-01-03T15:05:33Z
NFUs
one unimportant staging linux issue
add some notes for libxls, libdoc
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -936,13 +936,13 @@ CVE-2018-20455 (In radare2 prior to 3.1.1, the
parseOperand function inside ...)
CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. ...)
NOT-FOR-US: 74cms
CVE-2018-20453 (The getlong function in numutils.c in libdoc through
2017-10-23 has a ...)
- TODO: check
+ TODO: check, potentially affects src:catdoc
CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an
invalid ...)
- TODO: check
+ TODO: check, potentially affects src:r-cran-readxl
CVE-2018-20451 (The process_file function in reader.c in libdoc through
2017-10-23 has ...)
- TODO: check
+ TODO: check, potentially affects src:catdoc
CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double
free that ...)
- TODO: check
+ TODO: check, potentially affects src:r-cran-readxl
CVE-2018-20449
RESERVED
CVE-2018-20448 (Frog CMS 0.9.5 has XSS via the Database name field to the ...)
@@ -29560,18 +29560,20 @@ CVE-2018-11990
CVE-2018-11989
RESERVED
CVE-2018-11988 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11987 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- - linux <undetermined>
- TODO: check
+ - linux <unfixed> (unimportant)
+ NOTE:
https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=5e9ffcfa152ecb2832990c42fcd8a0f2e63c2c04
+ NOTE:
https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin#_CVE-2018-11987
+ NOTE: ion not enabled in Debian build and in staging anyway
CVE-2018-11986 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11985 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11984 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11983 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11982 (In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607,
MDM9635M, ...)
NOT-FOR-US: Snapdragon
CVE-2018-11981
@@ -29607,17 +29609,17 @@ CVE-2018-11967
CVE-2018-11966
RESERVED
CVE-2018-11965 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11964 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11963 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11962
RESERVED
CVE-2018-11961 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11960 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11959
RESERVED
CVE-2018-11958
@@ -29728,7 +29730,7 @@ CVE-2018-11907 (In all android releases(Android for
MSM, Firefox OS for MSM, QRD
CVE-2018-11906 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11905 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11904 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dc0428c0fddecee171e200f109efc7049452555a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dc0428c0fddecee171e200f109efc7049452555a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
