Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3fc25561 by security tracker role at 2019-08-06T08:10:22Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,10 +1,58 @@ +CVE-2019-14689 + RESERVED +CVE-2019-14688 + RESERVED +CVE-2019-14687 + RESERVED +CVE-2019-14686 + RESERVED +CVE-2019-14685 + RESERVED +CVE-2019-14684 + RESERVED +CVE-2019-14683 + RESERVED +CVE-2019-14682 + RESERVED +CVE-2019-14681 + RESERVED +CVE-2019-14680 + RESERVED +CVE-2019-14679 + RESERVED +CVE-2019-14678 + RESERVED +CVE-2019-14677 + RESERVED +CVE-2019-14676 + RESERVED +CVE-2019-14675 + RESERVED +CVE-2019-14674 + RESERVED +CVE-2019-14673 + RESERVED +CVE-2019-14672 (Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of fi ...) + TODO: check +CVE-2019-14671 (Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attac ...) + TODO: check +CVE-2019-14670 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...) + TODO: check +CVE-2019-14669 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...) + TODO: check +CVE-2019-14668 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...) + TODO: check +CVE-2019-14667 (Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due t ...) + TODO: check +CVE-2015-9292 + RESERVED CVE-2019-14666 RESERVED CVE-2019-14665 (Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ...) - brandy <unfixed> (bug #933996) NOTE: https://sourceforge.net/p/brandy/bugs/8/ -CVE-2019-14664 - RESERVED +CVE-2019-14664 (In Enigmail below 2.1, an attacker in possession of PGP encrypted emai ...) + TODO: check CVE-2019-14663 (Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ...) - brandy <unfixed> (bug #933996) NOTE: https://sourceforge.net/p/brandy/bugs/6/ @@ -447,8 +495,8 @@ CVE-2019-14477 RESERVED CVE-2019-14476 RESERVED -CVE-2019-14475 - RESERVED +CVE-2019-14475 (eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use s ...) + TODO: check CVE-2019-14474 RESERVED CVE-2019-14473 @@ -5804,7 +5852,8 @@ CVE-2019-12934 (An issue was discovered in the wp-code-highlightjs plugin throug NOT-FOR-US: wp-code-highlightjs plugin for WordPress CVE-2019-12935 (Shopware before 5.5.8 has XSS via the Query String to the backend/Logi ...) NOT-FOR-US: Shopware -CVE-2019-12933 (An XSS issue on the PIX-Link Repeater/Router LV-WR09 with firmware v28 ...) +CVE-2019-12933 + REJECTED NOT-FOR-US: PIX-Link Repeater/Router LV-WR09 CVE-2019-12932 (A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly e ...) NOT-FOR-US: SeedDMS @@ -7027,7 +7076,7 @@ CVE-2019-12452 (types/types.go in Containous Traefik 1.7.x through 1.7.11, when CVE-2019-12451 RESERVED CVE-2019-13012 (The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 ...) - {DLA-1866-1} + {DLA-1866-2 DLA-1866-1} [experimental] - glib2.0 2.60.0-1 - glib2.0 2.60.5-1 (bug #931234) [buster] - glib2.0 <no-dsa> (Minor issue) @@ -14436,7 +14485,7 @@ CVE-2019-1010027 RESERVED CVE-2019-1010026 RESERVED -CVE-2019-1010025 (GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...) +CVE-2019-1010025 (** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ...) - glibc <unfixed> (unimportant) NOTE: Not treated as a security issue by upstream NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22853 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fc25561532264c8f0b02fd8b4efae1a24fa8620 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fc25561532264c8f0b02fd8b4efae1a24fa8620 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits