Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6d20cb4f by security tracker role at 2019-02-24T20:10:17Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,15 @@ +CVE-2019-9082 (ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other ...) + TODO: check +CVE-2019-9081 (The Illuminate component of Laravel Framework 5.7.x has a ...) + TODO: check +CVE-2019-9080 + RESERVED +CVE-2019-9079 + RESERVED +CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter ...) + TODO: check +CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products, ...) + TODO: check CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer ...) - binutils <unfixed> [stretch] - binutils <ignored> (Minor issue) @@ -1571,8 +1583,8 @@ CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer derefe - tcpreplay <unfixed> (unimportant; bug #922624) NOTE: https://github.com/appneta/tcpreplay/issues/537 NOTE: Crash in a CLI tool, no security impact -CVE-2019-8375 - RESERVED +CVE-2019-8375 (The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 ...) + TODO: check CVE-2019-8374 RESERVED CVE-2019-8373 @@ -76165,6 +76177,7 @@ CVE-2018-0497 (ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allow - polarssl <removed> NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 ...) + {DLA-1686-1} - freedink-dfarc 3.14-1 [stretch] - freedink-dfarc 3.12-1+deb9u1 NOTE: https://savannah.gnu.org/forum/forum.php?forum_id=9169 
@@ -188483,7 +188496,7 @@ CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unico [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS) NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162 CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...) - {DSA-3112-1 DLA-128-1} + {DSA-3112-1 DLA-1687-1 DLA-128-1} - sox 14.4.2-2 (bug #773720) [stretch] - sox 14.4.1-5+deb9u1 NOTE: The two needed patches were added in 14.4.1-5 but not to the series file
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d20cb4f24b906667036e37f36bb8c6399de09ef
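Review bot: in the first hunk (@@ -1,3 +1,15 @@), CVE-2018-20786 is placed between CVE-2019-9078 and CVE-2019-9077, which breaks the descending CVE-id order that every other entry visible in this diff follows; it belongs with the other CVE-2018 entries. The four described entries added here (CVE-2019-9082, CVE-2019-9081, CVE-2019-9078, CVE-2018-20786) carry only "TODO: check" and no package line, so none of them is tracked against a Debian package yet; the libvterm one names Vim in its description and is the one to triage first.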
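Review bot: in the last hunk (@@ -188483,7 +188496,7 @@), CVE-2014-8145 now references two DLAs, DLA-1687-1 and DLA-128-1, but nothing in the entry says why a second one was needed. The only explanation visible is the existing NOTE that the two patches were added in 14.4.1-5 but not to the series file; if DLA-1687-1 corrects that same omission, a NOTE line saying so would make the history of this fix readable from the entry itself.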