Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c7087a62 by Moritz Muehlenhoff at 2019-01-04T16:20:00Z NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4350,7 +4350,7 @@ CVE-2018-1000824 (MegaMek version < v0.45.1 contains a Other/Unknown vulnerab CVE-2018-1000823 (exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) ...) TODO: check CVE-2018-1000822 (codelibs fess version before commit faa265b contains a XML External ...) - TODO: check + NOT-FOR-US: codelibs fess CVE-2018-1000821 (MicroMathematics version before commit 5c05ac8 contains a XML External ...) NOT-FOR-US: MicroMathematics CVE-2018-1000820 (neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c ...) @@ -4363,7 +4363,7 @@ CVE-2018-1000816 (Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross CVE-2018-1000815 (Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains ...) NOT-FOR-US: Brave Software Inc. Brave CVE-2018-1000814 (aio-libs aiohttp-session version 2.6.0 and earlier contains a ...) - TODO: check + NOT-FOR-US: aio-libs aiohttp-session CVE-2018-1000813 (Backdrop CMS version 1.11.0 and earlier contains a Cross Site ...) - backdrop <itp> (bug #914257) CVE-2018-1000812 (&#xc1;rtica Soluciones Tecnol&#xf3;gicas Integria IMS version 5.0 MR56 ...) @@ -19056,15 +19056,15 @@ CVE-2018-17163 CVE-2018-17162 RESERVED CVE-2018-17161 (In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, ...) - TODO: check + NOT-FOR-US: FreeBSD bootpd CVE-2018-17160 (In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, ...) - TODO: check + NOT-FOR-US: FreeBSD bhyve CVE-2018-17159 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS ...) - TODO: check + NOT-FOR-US: FreeBSD nfs server CVE-2018-17158 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...) - TODO: check + NOT-FOR-US: FreeBSD nfs server CVE-2018-17157 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...) - TODO: check + NOT-FOR-US: FreeBSD nfs server CVE-2018-17156 (In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to ...) - kfreebsd-10 <unfixed> (unimportant) NOTE: https://www.freebsd.org/security/advisories/FreeBSD-EN-18:13.icmp.asc @@ -20838,7 +20838,7 @@ CVE-2018-16480 CVE-2018-16479 RESERVED CVE-2018-16478 (A Path Traversal in simplehttpserver versions <=0.2.1 allows to list ...) - TODO: check + NOT-FOR-US: simplehttpserver CVE-2018-16477 (A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud ...) - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present) NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/5 @@ -22630,7 +22630,7 @@ CVE-2018-15803 CVE-2018-15802 REJECTED CVE-2018-15801 (Spring Security versions 5.1.x prior to 5.1.2 contain an authorization ...) - TODO: check + - libspring-security-2.0-java <removed> CVE-2018-15800 (Cloud Foundry Bits Service, versions prior to 2.18.0, includes an ...) NOT-FOR-US: Cloud Foundry CVE-2018-15799 @@ -23760,9 +23760,9 @@ CVE-2018-15337 CVE-2018-15336 RESERVED CVE-2018-15335 (When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server, APM ...) - TODO: check + NOT-FOR-US: F5 CVE-2018-15334 (A cross-site request forgery (CSRF) vulnerability in the APM webtop ...) - TODO: check + NOT-FOR-US: F5 CVE-2018-15333 (On versions 11.2.1. and greater, unrestricted Snapshot File Access ...) NOT-FOR-US: F5 BIG-IP CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to version ...) @@ -48244,7 +48244,7 @@ CVE-2018-6337 (folly::secureRandom will re-use a buffer between parent and child NOTE: https://github.com/facebook/hhvm/commit/e2d10a1e32d01f71aaadd81169bcb9ae86c5d6b8 NOTE: https://hhvm.com/blog/2018/05/24/hhvm-3.26.3.html CVE-2018-6336 (An issue was discovered in osquery. A maliciously crafted ...) - TODO: check + NOT-FOR-US: osquery CVE-2018-6335 (A Malformed h2 frame can cause 'std::out_of_range' exception when ...) - hhvm 3.24.7+dfsg-1 NOTE: https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56 @@ -48259,7 +48259,7 @@ CVE-2018-6332 (A potential denial-of-service issue in the Proxygen handling of . - hhvm 3.24.7+dfsg-1 (bug #895194) NOTE: https://hhvm.com/blog/2018/03/15/hhvm-3.25.html CVE-2018-6331 (Buck parser-cache command loads/saves state using Java serialized ...) - TODO: check + NOT-FOR-US: Buck parser-cache CVE-2018-6330 RESERVED CVE-2018-6329 (It was discovered that the Unitrends Backup (UB) before 10.1.0 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7087a62163f1dd195b4ce41423c284fe17a6243 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7087a62163f1dd195b4ce41423c284fe17a6243 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits