[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 11 Nov 2019 12:11:23 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b9287cbd by security tracker role at 2019-11-11T20:10:32Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2019-18872
+       RESERVED
+CVE-2019-18871
+       RESERVED
+CVE-2019-18870
+       RESERVED
+CVE-2019-18869
+       RESERVED
+CVE-2019-18868
+       RESERVED
+CVE-2019-18867
+       RESERVED
+CVE-2019-18866
+       RESERVED
+CVE-2019-18865
+       RESERVED
+CVE-2019-18864
+       RESERVED
+CVE-2019-18863
+       RESERVED
+CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and 
allows loca ...)
+       TODO: check
+CVE-2019-18861
+       RESERVED
+CVE-2019-18860
+       RESERVED
+CVE-2019-18859
+       RESERVED
+CVE-2019-18858
+       RESERVED
+CVE-2019-18857 (darylldoyle svg-sanitizer before 0.12.0 mishandles script and 
data val ...)
+       TODO: check
+CVE-2019-18856 (A Denial Of Service vulnerability exists in the SVG Sanitizer 
module t ...)
+       TODO: check
+CVE-2019-18855 (A Denial Of Service vulnerability exists in the safe-svg (aka 
Safe SVG ...)
+       TODO: check
+CVE-2019-18854 (A Denial Of Service vulnerability exists in the safe-svg (aka 
Safe SVG ...)
+       TODO: check
+CVE-2019-18853 (ImageMagick before 7.0.9-0 allows remote attackers to cause a 
denial o ...)
+       TODO: check
+CVE-2019-18852 (Certain D-Link devices have a hardcoded Alphanetworks user 
account wit ...)
+       TODO: check
+CVE-2019-18851
+       RESERVED
+CVE-2019-18850
+       RESERVED
 CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the 
victim' ...)
        - tnef <unfixed>
        NOTE: https://github.com/verdammelt/tnef/pull/40
@@ -22195,10 +22241,12 @@ CVE-2019-12387 (In Twisted before 19.2.1, twisted.web 
did not validate or saniti
        [jessie] - twisted <no-dsa> (Minor issue)
        NOTE: 
https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
 CVE-2019-12386 (An issue was discovered in Ampache through 3.9.1. A stored XSS 
exists  ...)
+       {DLA-1988-1}
        - ampache <removed>
        NOTE: https://github.com/ampache/ampache/issues/1872
        NOTE: according to the github issue, it is not really fixed yet
 CVE-2019-12385 (An issue was discovered in Ampache through 3.9.1. The search 
engine is ...)
+       {DLA-1988-1}
        - ampache <removed>
        NOTE: https://github.com/ampache/ampache/issues/1872
        NOTE: according to the github issue, it is not really fixed yet



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to