Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cbaf6ecd by security tracker role at 2019-03-07T20:10:24Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-9627
+ RESERVED
+CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL
Injection to ...)
+ TODO: check
+CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN
URI to ...)
+ TODO: check
CVE-2019-XXXX [high memory usage with long running sessions]
- proftpd-dfsg 1.3.5d-1 (bug #923926)
NOTE:
https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
@@ -13368,26 +13374,26 @@ CVE-2019-3786
RESERVED
CVE-2019-3785
RESERVED
-CVE-2019-3784
- RESERVED
-CVE-2019-3783
- RESERVED
+CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an
insecure ...)
+ TODO: check
+CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a
public ...)
+ TODO: check
CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1,
inadvertently ...)
NOT-FOR-US: Cloud Foundry
-CVE-2019-3781
- RESERVED
+CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly
exposes ...)
+ TODO: check
CVE-2019-3780
RESERVED
CVE-2019-3779
RESERVED
-CVE-2019-3778
- RESERVED
-CVE-2019-3777
- RESERVED
-CVE-2019-3776
- RESERVED
-CVE-2019-3775
- RESERVED
+CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2
prior to ...)
+ TODO: check
+CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to
2.2.12, ...)
+ TODO: check
+CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20,
2.2.x ...)
+ TODO: check
+CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to
update ...)
+ TODO: check
CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older
unsupported ...)
NOT-FOR-US: Spring Batch
CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older
unsupported ...)
@@ -13512,8 +13518,8 @@ CVE-2019-3714
RESERVED
CVE-2019-3713
RESERVED
-CVE-2019-3712
- RESERVED
+CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell
Wyse ...)
+ TODO: check
CVE-2019-3711
RESERVED
CVE-2019-3710
@@ -20132,10 +20138,10 @@ CVE-2019-1599
RESERVED
CVE-2019-1598
RESERVED
-CVE-2019-1597
- RESERVED
-CVE-2019-1596
- RESERVED
+CVE-2019-1597 (Multiple vulnerabilities in the implementation of the
Lightweight ...)
+ TODO: check
+CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco
NX-OS ...)
+ TODO: check
CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE)
protocol ...)
TODO: check
CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS
Software ...)
@@ -44485,8 +44491,7 @@ CVE-2018-11784 (When the default servlet in Apache
Tomcat versions 9.0.0.M1 to 9
NOTE: https://svn.apache.org/r1840055 (9.0.x)
NOTE: https://svn.apache.org/r1840056 (8.5.x)
NOTE: https://svn.apache.org/r1840057 (7.0.x)
-CVE-2018-11783 [Apache Traffic Server vulnerability with sslheader plugin]
- RESERVED
+CVE-2018-11783 (sslheaders plugin extracts information from the client
certificate and ...)
- trafficserver 8.0.2+ds-1
[stretch] - trafficserver <postponed> (Minor issue, experimental
plugin, will be fixed along in next DSA)
NOTE: https://github.com/apache/trafficserver/pull/4701
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cbaf6ecd2b0810b986488da82327e129141e4bc3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cbaf6ecd2b0810b986488da82327e129141e4bc3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
