Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: f9762516 by Moritz Muehlenhoff at 2019-02-18T22:26:13Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4329,7 +4329,8 @@ CVE-2019-1000018 (rssh version 2.3.4 contains a CWE-77: Improper Neutralization CVE-2019-6989 RESERVED CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ...) - - openjpeg2 <unfixed> (low) + - openjpeg2 <unfixed> (low; bug #922648) + [buster] - openjpeg2 <ignored> (Minor issue) [stretch] - openjpeg2 <ignored> (Minor issue) [jessie] - openjpeg2 <ignored> (Minor issue) NOTE: https://github.com/uclouvain/openjpeg/issues/1178 @@ -18518,10 +18519,12 @@ CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG ima [stretch] - qtsvg-opensource-src <no-dsa> (Minor issue) [jessie] - qtsvg-opensource-src <no-dsa> (Minor issue) - qt4-x11 <unfixed> (low) + [buster] - qt4-x11 <no-dsa> (Minor issue) [stretch] - qt4-x11 <no-dsa> (Minor issue) [jessie] - qt4-x11 <no-dsa> (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/234142/ + NOTE: https://github.com/qt/qtsvg/commit/8c199714e9bc638fb3f6ec747fb7a23373e49335 CVE-2018-19868 RESERVED CVE-2018-19867 
@@ -117033,16 +117036,13 @@ CVE-2016-10042 (Authorization Bypass in the Web interface of Arcadyan SLT-00 Sta CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E Service ...) NOT-FOR-US: Sprecher Automation SPRECON-E Service CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows ...) - - qt4-x11 <unfixed> (low; bug #851058) - [buster] - qt4-x11 <ignored> (Minor issue) - [stretch] - qt4-x11 <ignored> (Minor issue) + - qt4-x11 4:4.8.7+dfsg-1 (low; bug #851058) [jessie] - qt4-x11 <ignored> (Minor issue) [wheezy] - qt4-x11 <ignored> (Minor issue) - - qtbase-opensource-src <unfixed> (low; bug #850954) - [stretch] - qtbase-opensource-src <ignored> (Minor issue) - [jessie] - qtbase-opensource-src <ignored> (Minor issue) + - qtbase-opensource-src 5.2.0+dfsg-7 NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2 NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1 + NOTE: https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...) NOT-FOR-US: MODX Revolution CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX Revolution before ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63 You're receiving this email because of your account on salsa.debian.org.
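Review bot: In the CVE-2018-19869 hunk (@@ -18518,10 +18519,12 @@), the added NOTE at the end of the entry is a bare link to a qtsvg commit and does not say what that commit is. If it is the upstream fix, say so on the NOTE line, so a reader can tell it apart from the two existing reference NOTEs (the Qt blog post and the codereview change). This matters here because the entry still lists qt4-x11 as <unfixed> and the link points at qtsvg only.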
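Review bot: In the CVE-2016-10040 hunk (@@ -117033,16 +117036,13 @@), the new line "- qtbase-opensource-src 5.2.0+dfsg-7" drops the "(low; bug #850954)" annotation that the removed line carried, while the qt4-x11 line keeps "(low; bug #851058)". Suggest "- qtbase-opensource-src 5.2.0+dfsg-7 (low; bug #850954)" so the bug reference stays attached to the entry. The hunk also moves both packages from <unfixed> to a fixed version and removes the per-release <ignored> lines for buster and stretch (qt4-x11) and for stretch and jessie (qtbase-opensource-src), but the only supporting material added is a bare qtbase commit link. A short NOTE saying how the two fixed versions were determined from that commit would make the change checkable, given that the description names Qt 4.8.5.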