Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a49def56 by security tracker role at 2019-09-06T08:10:22Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -25,8 +25,8 @@ CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 CVE-2019-15945 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...) - opensc <unfixed> NOTE: https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68 -CVE-2019-15944 - RESERVED +CVE-2019-15944 (In Counter-Strike: Global Offensive before 8/29/2019, community game s ...) + TODO: check CVE-2019-15943 RESERVED CVE-2019-15942 (FFmpeg through 4.2 has a "Conditional jump or move depends on uninitia ...) @@ -265,8 +265,8 @@ CVE-2019-15850 RESERVED CVE-2019-15849 RESERVED -CVE-2019-15848 - RESERVED +CVE-2019-15848 (JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XS ...) + TODO: check CVE-2019-15847 (The POWER9 backend in GNU Compiler Collection (GCC) before version 10 ...) TODO: check CVE-2015-9383 (FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_v ...) @@ -2608,8 +2608,8 @@ CVE-2019-15031 RESERVED CVE-2019-15030 RESERVED -CVE-2019-15029 - RESERVED +CVE-2019-15029 (FusionPBX 4.4.8 allows an attacker to execute arbitrary system command ...) + TODO: check CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...) NOT-FOR-US: Joomla! CVE-2019-15027 (The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on ...) @@ -5101,8 +5101,8 @@ CVE-2019-14341 RESERVED CVE-2019-14340 RESERVED -CVE-2019-14339 - RESERVED +CVE-2019-14339 (The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2 ...) + TODO: check CVE-2019-14338 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...) NOT-FOR-US: D-Link CVE-2019-14337 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...) @@ -5467,12 +5467,12 @@ CVE-2019-14226 RESERVED CVE-2019-14225 RESERVED -CVE-2019-14224 - RESERVED +CVE-2019-14224 (An issue was discovered in Alfresco Community Edition 5.2 201707. By l ...) + TODO: check CVE-2019-14223 RESERVED -CVE-2019-14222 - RESERVED +CVE-2019-14222 (An issue was discovered in Alfresco Community Edition versions 6.0 and ...) + TODO: check CVE-2019-14221 (1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishan ...) NOT-FOR-US: 1CRM On-Premise Software CVE-2019-14220 @@ -13873,8 +13873,8 @@ CVE-2019-11382 RESERVED CVE-2019-11381 RESERVED -CVE-2019-11380 - RESERVED +CVE-2019-11380 (The master-password feature in the ES File Explorer File Manager appli ...) + TODO: check CVE-2019-11379 RESERVED CVE-2019-11378 (An issue was discovered in ProjectSend r1053. upload-process-form.php ...) @@ -15480,8 +15480,8 @@ CVE-2019-10755 RESERVED CVE-2019-10754 RESERVED -CVE-2019-10753 - RESERVED +CVE-2019-10753 (In all versions prior to version 3.9.6 for eclipse-wtp, all versions p ...) + TODO: check CVE-2019-10752 RESERVED CVE-2019-10751 (All versions of the HTTPie package prior to version 1.0.3 are vulnerab ...) @@ -20460,8 +20460,8 @@ CVE-2019-9256 RESERVED CVE-2019-9255 RESERVED -CVE-2019-9254 - RESERVED +CVE-2019-9254 (In readArgumentList of zygote.java in Android 10, there is a possible ...) + TODO: check CVE-2019-9253 RESERVED CVE-2019-9252 @@ -39423,22 +39423,22 @@ CVE-2019-2183 RESERVED CVE-2019-2182 RESERVED -CVE-2019-2181 - RESERVED -CVE-2019-2180 - RESERVED -CVE-2019-2179 - RESERVED -CVE-2019-2178 - RESERVED -CVE-2019-2177 - RESERVED -CVE-2019-2176 - RESERVED -CVE-2019-2175 - RESERVED -CVE-2019-2174 - RESERVED +CVE-2019-2181 (In binder_transaction of binder.c in the Android kernel, there is a po ...) + TODO: check +CVE-2019-2180 (In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possi ...) + TODO: check +CVE-2019-2179 (In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...) + TODO: check +CVE-2019-2178 (In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and ...) + TODO: check +CVE-2019-2177 (In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...) + TODO: check +CVE-2019-2176 (In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Andr ...) + TODO: check +CVE-2019-2175 (In checkAccess of SliceManagerService.java in Android 9, there is a po ...) + TODO: check +CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Android 7. ...) + TODO: check CVE-2019-2173 RESERVED CVE-2019-2172 @@ -39537,10 +39537,10 @@ CVE-2019-2126 (In ParseContentEncodingEntry of mkvparser.cc, there is a possible NOT-FOR-US: Android media framework CVE-2019-2125 (In ChangeDefaultDialerDialog.java, there is a possible escalation of p ...) NOT-FOR-US: Android -CVE-2019-2124 - RESERVED -CVE-2019-2123 - RESERVED +CVE-2019-2124 (In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java i ...) + TODO: check +CVE-2019-2123 (In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and ...) + TODO: check CVE-2019-2122 (In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.j ...) NOT-FOR-US: Android CVE-2019-2121 (In ActivityManagerService.attachApplication of ActivityManagerService, ...) @@ -39555,8 +39555,8 @@ CVE-2019-2117 (In checkQueryPermission of TelephonyProvider.java, there is a pos NOT-FOR-US: Android CVE-2019-2116 (In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound ...) NOT-FOR-US: Android -CVE-2019-2115 - RESERVED +CVE-2019-2115 (In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2 ...) + TODO: check CVE-2019-2114 RESERVED CVE-2019-2113 (In setup wizard there is a bypass of some checks when wifi connection ...) @@ -39569,8 +39569,7 @@ CVE-2019-2110 RESERVED CVE-2019-2109 (In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a pos ...) NOT-FOR-US: Android media framework -CVE-2019-2108 - RESERVED +CVE-2019-2108 (In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a poss ...) NOT-FOR-US: Qualcomm components for Android CVE-2019-2107 (In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out ...) NOT-FOR-US: Android media framework @@ -39580,8 +39579,8 @@ CVE-2019-2105 (In FileInputStream::Read of file_input_stream.cc, there is a poss NOT-FOR-US: Android CVE-2019-2104 (In HIDL, safe_union, and other C++ structs/unions being sent to applic ...) NOT-FOR-US: Android -CVE-2019-2103 - RESERVED +CVE-2019-2103 (In Google Assistant in Android 9, there is a possible permissions bypa ...) + TODO: check CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a provided e ...) NOT-FOR-US: Android CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a possible out ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a49def563f88d4bb997044a369a9b1381423137a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a49def563f88d4bb997044a369a9b1381423137a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits