[Git][security-tracker-team/security-tracker][master] buster triage

Moritz Muehlenhoff Mon, 18 Feb 2019 14:26:59 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f9762516 by Moritz Muehlenhoff at 2019-02-18T22:26:13Z
buster triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4329,7 +4329,8 @@ CVE-2019-1000018 (rssh version 2.3.4 contains a CWE-77: 
Improper Neutralization
 CVE-2019-6989
        RESERVED
 CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote 
attackers ...)
-       - openjpeg2 <unfixed> (low)
+       - openjpeg2 <unfixed> (low; bug #922648)
+       [buster] - openjpeg2 <ignored> (Minor issue)
        [stretch] - openjpeg2 <ignored> (Minor issue)
        [jessie] - openjpeg2 <ignored> (Minor issue)
        NOTE: https://github.com/uclouvain/openjpeg/issues/1178
@@ -18518,10 +18519,12 @@ CVE-2018-19869 (An issue was discovered in Qt before 
5.11.3. A malformed SVG ima
        [stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
        [jessie] - qtsvg-opensource-src <no-dsa> (Minor issue)
        - qt4-x11 <unfixed> (low)
+       [buster] - qt4-x11 <no-dsa> (Minor issue)
        [stretch] - qt4-x11 <no-dsa> (Minor issue)
        [jessie] - qt4-x11 <no-dsa> (Minor issue)
        NOTE: 
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
        NOTE: https://codereview.qt-project.org/#/c/234142/
+       NOTE: 
https://github.com/qt/qtsvg/commit/8c199714e9bc638fb3f6ec747fb7a23373e49335
 CVE-2018-19868
        RESERVED
 CVE-2018-19867
@@ -117033,16 +117036,13 @@ CVE-2016-10042 (Authorization Bypass in the Web 
interface of Arcadyan SLT-00 Sta
 CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E 
Service ...)
        NOT-FOR-US: Sprecher Automation SPRECON-E Service
 CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 
allows ...)
-       - qt4-x11 <unfixed> (low; bug #851058)
-       [buster] - qt4-x11 <ignored> (Minor issue)
-       [stretch] - qt4-x11 <ignored> (Minor issue)
+       - qt4-x11 4:4.8.7+dfsg-1 (low; bug #851058)
        [jessie] - qt4-x11 <ignored> (Minor issue)
        [wheezy] - qt4-x11 <ignored> (Minor issue)
-       - qtbase-opensource-src <unfixed> (low; bug #850954)
-       [stretch] - qtbase-opensource-src <ignored> (Minor issue)
-       [jessie] - qtbase-opensource-src <ignored> (Minor issue)
+       - qtbase-opensource-src 5.2.0+dfsg-7
        NOTE: CVE assignment specific to 
http://www.openwall.com/lists/oss-security/2016/12/24/2
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1
+       NOTE: 
https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac
 CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX 
Revolution before ...)
        NOT-FOR-US: MODX Revolution
 CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX 
Revolution before ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] buster triage

Reply via email to