Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6d20cb4f by security tracker role at 2019-02-24T20:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2019-9082 (ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and
other ...)
+ TODO: check
+CVE-2019-9081 (The Illuminate component of Laravel Framework 5.7.x has a ...)
+ TODO: check
+CVE-2019-9080
+ RESERVED
+CVE-2019-9079
+ RESERVED
+CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify
parameter ...)
+ TODO: check
+CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products,
...)
+ TODO: check
CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a
heap-based buffer ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -1571,8 +1583,8 @@ CVE-2019-8376 (An issue was discovered in Tcpreplay
4.3.1. A NULL pointer derefe
- tcpreplay <unfixed> (unimportant; bug #922624)
NOTE: https://github.com/appneta/tcpreplay/issues/537
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8375
- RESERVED
+CVE-2019-8375 (The UIProcess subsystem in WebKit, as used in WebKitGTK through
2.23.90 ...)
+ TODO: check
CVE-2019-8374
RESERVED
CVE-2019-8373
@@ -76165,6 +76177,7 @@ CVE-2018-0497 (ARM mbed TLS before 2.12.0, before
2.7.5, and before 2.1.14 allow
- polarssl <removed>
NOTE:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and
DFArc2 ...)
+ {DLA-1686-1}
- freedink-dfarc 3.14-1
[stretch] - freedink-dfarc 3.12-1+deb9u1
NOTE: https://savannah.gnu.org/forum/forum.php?forum_id=9169
@@ -188483,7 +188496,7 @@ CVE-2014-8146 (The resolveImplicitLevels function in
common/ubidi.c in the Unico
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze
LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162
CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX)
14.4.1 ...)
- {DSA-3112-1 DLA-128-1}
+ {DSA-3112-1 DLA-1687-1 DLA-128-1}
- sox 14.4.2-2 (bug #773720)
[stretch] - sox 14.4.1-5+deb9u1
NOTE: The two needed patches were added in 14.4.1-5 but not to the
series file
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d20cb4f24b906667036e37f36bb8c6399de09ef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d20cb4f24b906667036e37f36bb8c6399de09ef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
