Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 41f8d53e by Moritz Muehlenhoff at 2019-09-27T09:23:16Z new mediawiki issue NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -468,7 +468,8 @@ CVE-2019-16740 CVE-2019-16739 RESERVED CVE-2019-16738 (In MediaWiki through 1.33.0, Special:Redirect allows information discl ...) - TODO: check + - mediawiki <unfixed> + NOTE: https://phabricator.wikimedia.org/T230402 CVE-2019-16737 RESERVED CVE-2019-16736 @@ -2748,7 +2749,7 @@ CVE-2019-15894 CVE-2019-15893 RESERVED CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3. ...) - TODO: check + NOT-FOR-US: CKFinder CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...) {DLA-1927-1} - slirp4netns 0.4.1-1 (bug #939868) @@ -2828,7 +2829,7 @@ CVE-2019-15892 (An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6 NOTE: https://github.com/varnishcache/varnish-cache/commit/af13de03eaa3d04f60ada52ed3235d545b8d3973 NOTE: https://github.com/varnishcache/varnish-cache/commit/6da64a47beff44ecdb45c82b033811f2d19819af CVE-2019-15862 (An issue was discovered in CKFinder through 2.6.2.1. Improper checks o ...) - TODO: check + NOT-FOR-US: CKFinder CVE-2019-15861 RESERVED CVE-2019-15860 (Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2. ...) @@ -13373,7 +13374,7 @@ CVE-2019-12564 (In DouCo DouPHP v1.5 Release 20190516, remote attackers can view CVE-2019-12563 RESERVED CVE-2019-12562 (Cross-site scripting (XSS) is possible in DNN (formerly DotNetNuke) be ...) - TODO: check + NOT-FOR-US: DNN CVE-2019-12561 RESERVED CVE-2019-12560 @@ -16949,9 +16950,9 @@ CVE-2019-11281 CVE-2019-11280 (Pivotal Apps Manager, included in Pivotal Application Service versions ...) NOT-FOR-US: Pivotal CVE-2019-11279 (CF UAA versions prior to 74.1.0 can request scopes for a client that s ...) - TODO: check + NOT-FOR-US: Cloud Foundry CVE-2019-11278 (CF UAA versions prior to 74.1.0, allow external input to be directly q ...) - TODO: check + NOT-FOR-US: Cloud Foundry CVE-2019-11277 (Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2 ...) NOT-FOR-US: Cloud Foundry CVE-2019-11276 (Pivotal Apps Manager, included in Pivotal Application Service versions ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/41f8d53e38f4b26bdd909eff4a6f8f704475f753 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/41f8d53e38f4b26bdd909eff4a6f8f704475f753 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits