Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea926fa6 by security tracker role at 2019-11-25T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2019-19263
+       RESERVED
+CVE-2019-19262
+       RESERVED
+CVE-2019-19261
+       RESERVED
+CVE-2019-19260
+       RESERVED
+CVE-2019-19259
+       RESERVED
+CVE-2019-19258
+       RESERVED
+CVE-2019-19257
+       RESERVED
+CVE-2019-19256
+       RESERVED
+CVE-2019-19255
+       RESERVED
+CVE-2019-19254
+       RESERVED
+CVE-2019-19253
+       RESERVED
+CVE-2019-19252 (vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel 
through 5. ...)
+       TODO: check
+CVE-2019-19251
+       RESERVED
+CVE-2019-19250 (OpenTrade before 2019-11-23 allows SQL injection, related to 
server/mo ...)
+       TODO: check
+CVE-2019-19249 (Controllers/InvitationsController.cs in QueryTree before 
3.0.99-beta m ...)
+       TODO: check
+CVE-2019-19248
+       RESERVED
+CVE-2019-19247
+       RESERVED
+CVE-2019-19246 (Oniguruma through 6.9.3, as used in PHP 7.3.x and other 
products, has  ...)
+       TODO: check
+CVE-2019-19245
+       RESERVED
+CVE-2019-19244
+       RESERVED
+CVE-2019-19243
+       RESERVED
+CVE-2019-19242 (SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by 
the TK_C ...)
+       TODO: check
+CVE-2019-19241
+       RESERVED
 CVE-2019-19240 (Embedthis GoAhead before 5.0.1 mishandles redirected HTTP 
requests wit ...)
        NOT-FOR-US: Embedthis GoAhead
 CVE-2019-19239
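Review bot: three of the entries imported at the top of this hunk are left at `TODO: check` although their descriptions name software Debian ships: CVE-2019-19252 (`vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel`), CVE-2019-19246 (`Oniguruma through 6.9.3, as used in PHP 7.3.x`) and CVE-2019-19242 (`SQLite 3.30.1 mishandles pExpr->y.pTab`). These deserve triage ahead of the surrounding RESERVED placeholders, with package lines for the linux, libonig/php7.3 and sqlite3 source packages recording either the fixing version or `<unfixed>`, rather than sitting as bare TODOs behind an automatic import; CVE-2019-19250 (OpenTrade) and CVE-2019-19249 (QueryTree) by contrast look like straightforward NOT-FOR-US candidates.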
@@ -3486,8 +3532,7 @@ CVE-2019-18683 (An issue was discovered in 
drivers/media/platform/vivid in the L
        - linux <unfixed>
        [jessie] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://www.openwall.com/lists/oss-security/2019/11/02/1
-CVE-2019-18675 [integer overflow in cpia2_remap_buffer in 
drivers/media/usb/cpia2/cpia2_core.c]
-       RESERVED
+CVE-2019-18675 (The Linux kernel through 5.3.13 has a start_offset+size 
Integer Overfl ...)
        - linux <unfixed>
        NOTE: https://deshal3v.github.io/blog/kernel-research/mmap_exploitation
 CVE-2019-18674 (An issue was discovered in Joomla! before 3.9.13. A missing 
access che ...)
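Review bot: CVE-2019-18675 stays at `- linux <unfixed>` after the description import, and the only reference recorded is the third-party write-up at deshal3v.github.io; the local summary that is being replaced named the affected code (`integer overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c`), so it would be worth keeping that pointer in a NOTE and adding the upstream fix commit as a second NOTE once it is known, so the `<unfixed>` status can be closed against something concrete.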
@@ -3591,7 +3636,7 @@ CVE-2019-18627
        RESERVED
 CVE-2019-18626
        RESERVED
-CVE-2018-21029 (systemd 239 through 243 accepts any certificate signed by a 
trusted ce ...)
+CVE-2018-21029 (systemd 239 through 244 accepts any certificate signed by a 
trusted ce ...)
        - systemd <unfixed>
        [buster] - systemd <no-dsa> (Minor issue; systemd-resolved not enabled 
by default)
        [stretch] - systemd <not-affected> (Vulnerable code introduced later)
@@ -4384,8 +4429,8 @@ CVE-2019-18376
        RESERVED
 CVE-2019-18375
        RESERVED
-CVE-2019-18374
-       RESERVED
+CVE-2019-18374 (Symantec Critical System Protection (CSP), versions 8.0, 8.0 
HF1 &amp; ...)
+       TODO: check
 CVE-2019-18373 (Norton App Lock, prior to 1.4.0.503, may be susceptible to a 
bypass ex ...)
        NOT-FOR-US: Norton
 CVE-2019-18372 (Symantec Endpoint Protection, prior to 14.2 RU2, may be 
susceptible to ...)
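Review bot: CVE-2019-18374 is imported as `TODO: check` even though its description names Symantec Critical System Protection, a proprietary product; the adjacent CVE-2019-18373 is already closed as `NOT-FOR-US: Norton`, and this entry can be closed the same way (`NOT-FOR-US: Symantec`) instead of waiting for manual triage. Separately, the description contains the undecoded HTML entity `&amp;` (`8.0 HF1 &amp; ...`), which indicates the importer is writing feed text into data/CVE/list without unescaping entities.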
@@ -7703,14 +7748,14 @@ CVE-2019-XXXX [Remote code execution vulnerability]
        NOTE: 
https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html
        NOTE: 
https://github.com/libguestfs/libnbd/commit/f75f602a6361c0c5f42debfeea6980f698ce7f09
 (1.1.4)
        NOTE: 
https://github.com/libguestfs/libnbd/commit/2c1987fc23d6d0f537edc6d4701e95a2387f7917
 (stable-1.0)
-CVE-2019-17406
-       RESERVED
-CVE-2019-17405
-       RESERVED
-CVE-2019-17404
-       RESERVED
-CVE-2019-17403
-       RESERVED
+CVE-2019-17406 (Nokia IMPACT &lt; 18A has path traversal that may lead to RCE 
if chain ...)
+       TODO: check
+CVE-2019-17405 (Nokia IMPACT &lt; 18A: has Reflected self XSS ...)
+       TODO: check
+CVE-2019-17404 (Nokia IMPACT &lt; 18A: allows full path disclosure ...)
+       TODO: check
+CVE-2019-17403 (Nokia IMPACT &lt; 18A: An unrestricted File Upload 
vulnerability was f ...)
+       TODO: check
 CVE-2019-17402 (Exiv2 0.27.2 allows attackers to trigger a crash in 
Exiv2::getULong in ...)
        TODO: check
 CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer 
over-rea ...)
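Review bot: the four Nokia IMPACT entries CVE-2019-17403 through CVE-2019-17406 are all marked `TODO: check`, but Nokia IMPACT is a commercial IoT platform that Debian does not package, so `NOT-FOR-US: Nokia IMPACT` is the expected resolution for all four. Each description also carries the undecoded entity `&lt;` (`Nokia IMPACT &lt; 18A`), the same entity-decoding gap visible in the `&amp;` of CVE-2019-18374 earlier in this patch; the automatic update should unescape HTML entities before writing descriptions.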
@@ -9243,10 +9288,10 @@ CVE-2019-16767
        RESERVED
 CVE-2019-16766
        RESERVED
-CVE-2019-16765
-       RESERVED
-CVE-2019-16764
-       RESERVED
+CVE-2019-16765 (If an attacker can get a user to open a specially prepared 
directory t ...)
+       TODO: check
+CVE-2019-16764 (The use of `String.to_atom/1` in PowAssent is susceptible to 
denial of ...)
+       TODO: check
 CVE-2019-16763 (In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized 
for data ...)
        NOT-FOR-US: Pannellum
 CVE-2019-16762 (A specially crafted Bitcoin script can cause a discrepancy 
between the ...)
@@ -12283,8 +12328,8 @@ CVE-2019-15686
        RESERVED
 CVE-2019-15685
        RESERVED
-CVE-2019-15684
-       RESERVED
+CVE-2019-15684 (Kaspersky Protection extension for web browser Google Chrome 
prior to  ...)
+       TODO: check
 CVE-2019-15683 (TurboVNC server code contains stack buffer overflow 
vulnerability in c ...)
        NOT-FOR-US: TurboVNC
 CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access 
read vuln ...)
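Review bot: CVE-2019-15684 (`Kaspersky Protection extension for web browser Google Chrome`) is left at `TODO: check`, but a proprietary browser extension is not something Debian ships; closing it as `NOT-FOR-US: Kaspersky` would be consistent with how the neighbouring CVE-2019-15683 is handled (`NOT-FOR-US: TurboVNC`) and keeps the TODO queue for entries that actually need a package lookup.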
@@ -14811,8 +14856,7 @@ CVE-2019-14892
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2462
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b
-CVE-2019-14891
-       RESERVED
+CVE-2019-14891 (A flaw was found in cri-o, as a result of all pod-related 
processes be ...)
        NOT-FOR-US: Kubernetes CRI-O
 CVE-2019-14890
        RESERVED
@@ -15048,8 +15092,7 @@ CVE-2019-14826 (A flaw was found in FreeIPA versions 
4.5.0 and later. Session co
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1746944
        NOTE: Introduced by 
https://pagure.io/freeipa/c/b895f4a34bcbd0b1787d2bfc1db25f34c3584b9c
        NOTE: due to fix for https://fedorahosted.org/freeipa/ticket/6682.
-CVE-2019-14825
-       RESERVED
+CVE-2019-14825 (A cleartext password storage issue was discovered in Katello, 
versions ...)
        NOT-FOR-US: Katello
 CVE-2019-14824 (A flaw was found in the 'deref' plugin of 389-ds-base where it 
could u ...)
        {DLA-2004-1}
@@ -15064,8 +15107,7 @@ CVE-2019-14823 (A flaw was found in the "Leaf and 
Chain" OCSP policy implementat
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1747435
        NOTE: https://github.com/dogtagpki/jss/pull/284
        NOTE: 
https://github.com/dogtagpki/jss/commit/be37ff4738b4696d529a13b6ed33c7ac56d97ba4
-CVE-2019-14822 [missing authorization flaw]
-       RESERVED
+CVE-2019-14822 (A flaw was discovered in ibus that allows any unprivileged 
user to mon ...)
        {DSA-4525-1}
        - ibus 1.5.21-1 (bug #940267)
        NOTE: https://www.openwall.com/lists/oss-security/2019/09/13/1
@@ -15103,8 +15145,7 @@ CVE-2019-14817 (A flaw was found in, ghostscript 
versions prior to 9.50, in the
 CVE-2019-14816 (There is heap-based buffer overflow in kernel, all versions up 
to, exc ...)
        {DLA-1930-1}
        - linux 5.2.17-1
-CVE-2019-14815
-       RESERVED
+CVE-2019-14815 (kernel is vulnerable to a None ...)
        {DLA-1930-1}
        - linux 5.2.17-1
        [jessie] - linux <not-affected> (Vulnerability introduced later)
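Review bot: the imported description for CVE-2019-14815, `kernel is vulnerable to a None ...`, is an unfilled placeholder from the upstream feed rather than a summary of the flaw, and it now reads as the entry's official description. Because the entry already records the fix (`{DLA-1930-1}`, `- linux 5.2.17-1`), it would be better to add a local bracketed summary in the style of the other kernel entries, or re-import once MITRE corrects the text; CVE-2019-14816 directly above shows the expected form (`There is heap-based buffer overflow in kernel ...`).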
@@ -18490,254 +18531,195 @@ CVE-2019-13726
        RESERVED
 CVE-2019-13725
        RESERVED
-CVE-2019-13724
-       RESERVED
+CVE-2019-13724 (Out of bounds memory access in WebBluetooth in Google Chrome 
prior to  ...)
        {DSA-4575-1}
        - chromium 78.0.3904.108-1
-CVE-2019-13723
-       RESERVED
+CVE-2019-13723 (Use after free in WebBluetooth in Google Chrome prior to 
78.0.3904.108 ...)
        {DSA-4575-1}
        - chromium 78.0.3904.108-1
 CVE-2019-13722
        RESERVED
-CVE-2019-13721
-       RESERVED
+CVE-2019-13721 (Use after free in PDFium in Google Chrome prior to 
78.0.3904.87 allowe ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13720
-       RESERVED
+CVE-2019-13720 (Use after free in WebAudio in Google Chrome prior to 
78.0.3904.87 allo ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13719
-       RESERVED
+CVE-2019-13719 (Incorrect security UI in full screen mode in Google Chrome 
prior to 78 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13718
-       RESERVED
+CVE-2019-13718 (Insufficient data validation in Omnibox in Google Chrome prior 
to 78.0 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13717
-       RESERVED
+CVE-2019-13717 (Incorrect security UI in full screen mode in Google Chrome 
prior to 78 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13716
-       RESERVED
+CVE-2019-13716 (Insufficient policy enforcement in service workers in Google 
Chrome pr ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13715
-       RESERVED
+CVE-2019-13715 (Insufficient validation of untrusted input in Omnibox in 
Google Chrome ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13714
-       RESERVED
+CVE-2019-13714 (Insufficient validation of untrusted input in Color Enhancer 
extension ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13713
-       RESERVED
+CVE-2019-13713 (Insufficient policy enforcement in JavaScript in Google Chrome 
prior t ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
 CVE-2019-13712
        RESERVED
-CVE-2019-13711
-       RESERVED
+CVE-2019-13711 (Insufficient policy enforcement in JavaScript in Google Chrome 
prior t ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13710
-       RESERVED
+CVE-2019-13710 (Insufficient validation of untrusted input in downloads in 
Google Chro ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13709
-       RESERVED
+CVE-2019-13709 (Insufficient policy enforcement in downloads in Google Chrome 
prior to ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13708
-       RESERVED
+CVE-2019-13708 (Inappropriate implementation in navigation in Google Chrome on 
iOS pri ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13707
-       RESERVED
+CVE-2019-13707 (Insufficient validation of untrusted input in intents in 
Google Chrome ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13706
-       RESERVED
+CVE-2019-13706 (Out of bounds memory access in PDFium in Google Chrome prior 
to 78.0.3 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13705
-       RESERVED
+CVE-2019-13705 (Insufficient policy enforcement in extensions in Google Chrome 
prior t ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13704
-       RESERVED
+CVE-2019-13704 (Insufficient policy enforcement in navigation in Google Chrome 
prior t ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13703
-       RESERVED
+CVE-2019-13703 (Insufficient policy enforcement in the Omnibox in Google 
Chrome on And ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13702
-       RESERVED
+CVE-2019-13702 (Inappropriate implementation in installer in Google Chrome on 
Windows  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13701
-       RESERVED
+CVE-2019-13701 (Incorrect implementation in navigation in Google Chrome prior 
to 78.0. ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13700
-       RESERVED
+CVE-2019-13700 (Out of bounds memory access in the gamepad API in Google 
Chrome prior  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13699
-       RESERVED
+CVE-2019-13699 (Use after free in media in Google Chrome prior to 78.0.3904.70 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13698
-       RESERVED
-CVE-2019-13697
-       RESERVED
+CVE-2019-13698 (Out of bounds memory access in JavaScript in Google Chrome 
prior to 73 ...)
+       TODO: check
+CVE-2019-13697 (Insufficient policy enforcement in performance APIs in Google 
Chrome p ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13696
-       RESERVED
+CVE-2019-13696 (Use after free in JavaScript in Google Chrome prior to 
77.0.3865.120 a ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13695
-       RESERVED
+CVE-2019-13695 (Use after free in audio in Google Chrome on Android prior to 
77.0.3865 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13694
-       RESERVED
+CVE-2019-13694 (Use after free in WebRTC in Google Chrome prior to 
77.0.3865.120 allow ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13693
-       RESERVED
+CVE-2019-13693 (Use after free in IndexedDB in Google Chrome prior to 
77.0.3865.120 al ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13692
-       RESERVED
+CVE-2019-13692 (Insufficient policy enforcement in reader mode in Google 
Chrome prior  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13691
-       RESERVED
+CVE-2019-13691 (Insufficient validation of untrusted input in navigation in 
Google Chr ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
 CVE-2019-13690
        RESERVED
 CVE-2019-13689
        RESERVED
-CVE-2019-13688
-       RESERVED
+CVE-2019-13688 (Use after free in Blink in Google Chrome prior to 77.0.3865.90 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13687
-       RESERVED
+CVE-2019-13687 (Use after free in Blink in Google Chrome prior to 77.0.3865.90 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13686
-       RESERVED
+CVE-2019-13686 (Use after free in offline mode in Google Chrome prior to 
77.0.3865.90  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13685
-       RESERVED
+CVE-2019-13685 (Use after free in sharing view in Google Chrome prior to 
77.0.3865.90  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13684
-       RESERVED
-CVE-2019-13683
-       RESERVED
+CVE-2019-13684 (Inappropriate implementation in JavaScript in Google Chrome 
prior to 7 ...)
+       TODO: check
+CVE-2019-13683 (Insufficient policy enforcement in developer tools in Google 
Chrome pr ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13682
-       RESERVED
+CVE-2019-13682 (Insufficient policy enforcement in external protocol handling 
in Googl ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13681
-       RESERVED
+CVE-2019-13681 (Insufficient data validation in downloads in Google Chrome 
prior to 77 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13680
-       RESERVED
+CVE-2019-13680 (Inappropriate implementation in TLS in Google Chrome prior to 
77.0.386 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13679
-       RESERVED
+CVE-2019-13679 (Insufficient policy enforcement in PDFium in Google Chrome 
prior to 77 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13678
-       RESERVED
+CVE-2019-13678 (Incorrect data validation in downloads in Google Chrome prior 
to 77.0. ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13677
-       RESERVED
+CVE-2019-13677 (Insufficient policy enforcement in site isolation in Google 
Chrome pri ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13676
-       RESERVED
+CVE-2019-13676 (Insufficient policy enforcement in Chromium in Google Chrome 
prior to  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13675
-       RESERVED
+CVE-2019-13675 (Insufficient data validation in extensions in Google Chrome 
prior to 7 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13674
-       RESERVED
+CVE-2019-13674 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13673
-       RESERVED
+CVE-2019-13673 (Insufficient data validation in developer tools in Google 
Chrome prior ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
 CVE-2019-13672
        RESERVED
-CVE-2019-13671
-       RESERVED
+CVE-2019-13671 (UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 
allowed a  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13670
-       RESERVED
+CVE-2019-13670 (Insufficient data validation in JavaScript in Google Chrome 
prior to 7 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13669
-       RESERVED
+CVE-2019-13669 (Incorrect data validation in navigation in Google Chrome prior 
to 77.0 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13668
-       RESERVED
+CVE-2019-13668 (Insufficient policy enforcement in developer tools in Google 
Chrome pr ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13667
-       RESERVED
+CVE-2019-13667 (Inappropriate implementation in Omnibox in Google Chrome on 
iOS prior  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13666
-       RESERVED
+CVE-2019-13666 (Information leak in storage in Google Chrome prior to 
77.0.3865.75 all ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13665
-       RESERVED
+CVE-2019-13665 (Insufficient filtering in Blink in Google Chrome prior to 
77.0.3865.75 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13664
-       RESERVED
+CVE-2019-13664 (Insufficient policy enforcement in Blink in Google Chrome 
prior to 77. ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13663
-       RESERVED
+CVE-2019-13663 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13662
-       RESERVED
+CVE-2019-13662 (Insufficient policy enforcement in navigations in Google 
Chrome prior  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13661
-       RESERVED
+CVE-2019-13661 (UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13660
-       RESERVED
+CVE-2019-13660 (UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-13659
-       RESERVED
+CVE-2019-13659 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
 CVE-2019-13658 (CA Network Flow Analysis 9.x and 10.0.x have a default 
credential vuln ...)
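Review bot: several entries in this hunk have platform-specific descriptions yet are recorded as fixed in `chromium 78.0.3904.87-1` under `{DSA-4562-1}`: CVE-2019-13695 and CVE-2019-13703 (`on Android`), CVE-2019-13702 (`on Windows`), and CVE-2019-13708 and CVE-2019-13667 (`on iOS`). Later in this same patch the equivalent cases are handled as `- chromium <not-affected> (iOS specific issue)` (CVE-2019-5873) and `- chromium <not-affected> (Windows-specific)` (CVE-2019-5863); either the entries here should follow that convention or the reason for treating them as fixed (for example, that the DSA text lists them) should be noted so the two styles do not diverge. Also within this hunk, CVE-2019-13698 (`prior to 73 ...`) and CVE-2019-13684 are the only two left at `TODO: check`; both predate the 77/78 batch and should be matched against the chromium upload that first carried the fix rather than left open.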
@@ -27052,6 +27034,7 @@ CVE-2019-11038 (When using the gdImageCreateFromXbm() 
function in the GD Graphic
        NOTE: https://github.com/libgd/libgd/issues/501
        NOTE: 
https://github.com/libgd/libgd/commit/e13a342c079aeb73e31dfa19eaca119761bac3f3
 CVE-2019-11037 (In PHP imagick extension in versions between 3.3.0 and 3.4.4, 
writing  ...)
+       {DSA-4576-1}
        - php-imagick 3.4.3-4.1 (bug #928420)
        [jessie] - php-imagick <not-affected> (vulnerable code is not present)
        NOTE: https://bugs.php.net/bug.php?id=77791
@@ -29109,8 +29092,7 @@ CVE-2019-10226 (HTML Injection has been discovered in 
the v0.19.0 version of the
 CVE-2019-10225
        RESERVED
        NOT-FOR-US: OpenShift
-CVE-2019-10224 [using dscreate in verbose mode results in information 
disclosure]
-       RESERVED
+CVE-2019-10224 (A flaw has been found in 389-ds-base versions 1.4.x.x before 
1.4.1.3.  ...)
        - 389-ds-base 1.4.1.5-1
        [stretch] - 389-ds-base <not-affected> (vulnerable code not present)
        [jessie] - 389-ds-base <not-affected> (vulnerable code not present)
@@ -29145,8 +29127,7 @@ CVE-2019-10218 (A flaw was found in the samba client, 
all samba versions before
        [stretch] - samba <no-dsa> (Minor issue)
        [jessie] - samba <no-dsa> (Minor issue)
        NOTE: https://www.samba.org/samba/security/CVE-2019-10218.html
-CVE-2019-10217
-       RESERVED
+CVE-2019-10217 (A flaw was found in ansible 2.8.0 before 2.8.4. Fields 
managing sensit ...)
        - ansible 2.8.6+dfsg-1 (bug #934128)
        [buster] - ansible <not-affected> (Vulnerable code introduced later)
        [stretch] - ansible <not-affected> (Vulnerable code introduced later)
@@ -29164,14 +29145,12 @@ CVE-2019-10216 [-dSAFER escape via .buildfont1]
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b85ddd19
 CVE-2019-10215 (Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a 
cross-sit ...)
        NOT-FOR-US: Bootstrap-3-Typeahead
-CVE-2019-10214
-       RESERVED
+CVE-2019-10214 (The containers/image library used by the container tools 
Podman, Build ...)
        - golang-github-containers-image <not-affected> (Vulnerable version was 
never in unstable)
        - singularity-container <unfixed>
        NOTE: https://github.com/containers/image/issues/654
        NOTE: https://github.com/containers/image/pull/669
-CVE-2019-10213
-       RESERVED
+CVE-2019-10213 (OpenShift Container Platform, versions 4.1 and 4.2, does not 
sanitize  ...)
        NOT-FOR-US: OpenShift
 CVE-2019-10212 (A flaw was found in, all under 2.0.20, in the Undertow DEBUG 
log for i ...)
        - undertow 2.0.27-1
@@ -29193,8 +29172,7 @@ CVE-2019-10208 (A flaw was discovered in postgresql 
versions 9.4.x before 9.4.24
        - postgresql-9.6 <removed>
        - postgresql-9.4 <removed>
        NOTE: https://www.postgresql.org/about/news/1960/
-CVE-2019-10207 [bluetooth: hci_uart: 0x0 address  execution as nonprivileged 
user]
-       RESERVED
+CVE-2019-10207 (A flaw was found in the Linux kernel's Bluetooth 
implementation of UAR ...)
        {DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
        - linux 5.2.6-1
        NOTE: https://www.openwall.com/lists/oss-security/2019/07/25/1
@@ -29330,8 +29308,7 @@ CVE-2019-10176 (A flaw was found in OpenShift Container 
Platform, versions 3.11
        NOT-FOR-US: OpenShift
 CVE-2019-10175 (A flaw was found in the containerized-data-importer in 
virt-cdi-cloner ...)
        NOT-FOR-US: KubeVirt
-CVE-2019-10174
-       RESERVED
+CVE-2019-10174 (A vulnerability was found in Infinispan such that the 
invokeAccessibly ...)
        NOT-FOR-US: infinispan
 CVE-2019-10173 (It was found that xstream API version 1.4.10 before 1.4.11 
introduced  ...)
        - libxstream-java 1.4.11-1
@@ -41710,141 +41687,108 @@ CVE-2019-5884 (php/elFinder.class.php in elFinder 
before 2.1.45 leaks informatio
 CVE-2019-5883 (An Incorrect Access Control issue was discovered in GitLab 
Community a ...)
        - gitlab 11.3.11+dfsg-1
        NOTE: 
https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
-CVE-2019-5881
-       RESERVED
+CVE-2019-5881 (Out of bounds read in SwiftShader in Google Chrome prior to 
77.0.3865. ...)
        - chromium 78.0.3904.87-1
-CVE-2019-5880
-       RESERVED
+CVE-2019-5880 (Insufficient policy enforcement in Blink in Google Chrome prior 
to 77. ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5879
-       RESERVED
+CVE-2019-5879 (Insufficient policy enforcement in extensions in Google Chrome 
prior t ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5878
-       RESERVED
+CVE-2019-5878 (Use after free in V8 in Google Chrome prior to 77.0.3865.75 
allowed a  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5877
-       RESERVED
+CVE-2019-5877 (Out of bounds memory access in JavaScript in Google Chrome 
prior to 77 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5876
-       RESERVED
+CVE-2019-5876 (Use after free in media in Google Chrome on Android prior to 
77.0.3865 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5875
-       RESERVED
+CVE-2019-5875 (Insufficient data validation in downloads in Google Chrome 
prior to 77 ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5874
-       RESERVED
+CVE-2019-5874 (Insufficient filtering in URI schemes in Google Chrome on 
Windows prio ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5873
-       RESERVED
+CVE-2019-5873 (Insufficient policy validation in navigation in Google Chrome 
on iOS p ...)
        - chromium <not-affected> (iOS specific issue)
-CVE-2019-5872
-       RESERVED
+CVE-2019-5872 (Use after free in Mojo in Google Chrome prior to 77.0.3865.75 
allowed  ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5871
-       RESERVED
+CVE-2019-5871 (Heap buffer overflow in Skia in Google Chrome prior to 
77.0.3865.75 al ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5870
-       RESERVED
+CVE-2019-5870 (Use after free in media in Google Chrome prior to 77.0.3865.75 
allowed ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5869
-       RESERVED
+CVE-2019-5869 (Use after free in Blink in Google Chrome prior to 76.0.3809.132 
allowe ...)
        {DSA-4562-1}
        - chromium 78.0.3904.87-1
-CVE-2019-5868
-       RESERVED
+CVE-2019-5868 (Use after free in PDFium in Google Chrome prior to 
76.0.3809.100 allow ...)
        {DSA-4500-1}
        - chromium 76.0.3809.100-1
-CVE-2019-5867
-       RESERVED
+CVE-2019-5867 (Out of bounds read in JavaScript in Google Chrome prior to 
76.0.3809.1 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.100-1
-CVE-2019-5866
-       RESERVED
-CVE-2019-5865
-       RESERVED
+CVE-2019-5866 (Out of bounds memory access in JavaScript in Google Chrome 
prior to 75 ...)
+       TODO: check
+CVE-2019-5865 (Insufficient policy enforcement in navigations in Google Chrome 
prior  ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5864
-       RESERVED
+CVE-2019-5864 (Insufficient data validation in CORS in Google Chrome prior to 
76.0.38 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
 CVE-2019-5863
        RESERVED
        - chromium <not-affected> (Windows-specific)
-CVE-2019-5862
-       RESERVED
+CVE-2019-5862 (Insufficient data validation in AppCache in Google Chrome prior 
to 76. ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5861
-       RESERVED
+CVE-2019-5861 (Insufficient data validation in Blink in Google Chrome prior to 
76.0.3 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5860
-       RESERVED
+CVE-2019-5860 (Use after free in PDFium in Google Chrome prior to 76.0.3809.87 
allowe ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5859
-       RESERVED
+CVE-2019-5859 (Insufficient filtering in URI schemes in Google Chrome on 
Windows prio ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5858
-       RESERVED
+CVE-2019-5858 (Incorrect security UI in MacOS services integration in Google 
Chrome o ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5857
-       RESERVED
+CVE-2019-5857 (Inappropriate implementation in JavaScript in Google Chrome 
prior to 7 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5856
-       RESERVED
+CVE-2019-5856 (Insufficient policy enforcement in storage in Google Chrome 
prior to 7 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5855
-       RESERVED
+CVE-2019-5855 (Integer overflow in PDFium in Google Chrome prior to 
76.0.3809.87 allo ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5854
-       RESERVED
+CVE-2019-5854 (Integer overflow in PDFium in Google Chrome prior to 
76.0.3809.87 allo ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5853
-       RESERVED
+CVE-2019-5853 (Inappropriate implementation in JavaScript in Google Chrome 
prior to 7 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5852
-       RESERVED
+CVE-2019-5852 (Inappropriate implementation in JavaScript in Google Chrome 
prior to 7 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5851
-       RESERVED
+CVE-2019-5851 (Use after free in WebAudio in Google Chrome prior to 
76.0.3809.87 allo ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5850
-       RESERVED
+CVE-2019-5850 (Use after free in offline mode in Google Chrome prior to 
76.0.3809.87  ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5849
-       RESERVED
+CVE-2019-5849 (Out of bounds read in Skia in Google Chrome prior to 
75.0.3770.80 allo ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
        - firefox 69.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-5849
-CVE-2019-5848
-       RESERVED
+CVE-2019-5848 (Incorrect font handling in autofill in Google Chrome prior to 
75.0.377 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
-CVE-2019-5847
-       RESERVED
+CVE-2019-5847 (Inappropriate implementation in JavaScript in Google Chrome 
prior to 7 ...)
        {DSA-4500-1}
        - chromium 76.0.3809.87-1
 CVE-2019-5846
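Review bot: CVE-2019-5881 (`Out of bounds read in SwiftShader ... prior to 77.0.3865. ...`) records `- chromium 78.0.3904.87-1` without the `{DSA-4562-1}` reference that every other 77.0.3865.75 entry in this hunk carries; please verify whether DSA-4562-1 covers it and add the reference, or document why buster is tracked differently for this one. CVE-2019-5866 (`prior to 75 ...`) is likewise the only entry in the block left at `TODO: check`, and the handling of CVE-2019-5849 (fixed in both chromium and firefox 69.0-1 with the mfsa2019-25 NOTE) is a good model for what a completed entry in this batch should look like.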
@@ -41855,8 +41799,7 @@ CVE-2019-5844
        RESERVED
 CVE-2019-5843
        RESERVED
-CVE-2019-5842
-       RESERVED
+CVE-2019-5842 (Use after free in Blink in Google Chrome prior to 75.0.3770.90 
allowed ...)
        {DSA-4500-1}
        - chromium 75.0.3770.90-1
 CVE-2019-5841
@@ -45217,8 +45160,8 @@ CVE-2019-4408
        RESERVED
 CVE-2019-4407
        RESERVED
-CVE-2019-4406
-       RESERVED
+CVE-2019-4406 (IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be 
vulnerab ...)
+       TODO: check
 CVE-2019-4405
        RESERVED
 CVE-2019-4404
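Review bot: CVE-2019-4406 (`IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1`) is imported as `TODO: check`, but IBM Spectrum Protect is a proprietary product not packaged in Debian, so `NOT-FOR-US: IBM` is the expected resolution, matching how the IBM entries elsewhere in this patch are closed (CVE-2018-2026 and CVE-2018-2024 in the following hunk).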
@@ -106431,8 +106374,8 @@ CVE-2018-2027
        RESERVED
 CVE-2018-2026 (IBM Financial Transaction Manager 3.2.1 for Digital Payments 
could all ...)
        NOT-FOR-US: IBM
-CVE-2018-2025
-       RESERVED
+CVE-2018-2025 (IBM Spectrum Protect Backup-Archive Client and IBM Spectrum 
Protect fo ...)
+       TODO: check
 CVE-2018-2024 (IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a 
security-criti ...)
        NOT-FOR-US: IBM
 CVE-2018-2023
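Review bot: CVE-2018-2025 (`IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect fo ...`) should be closed as `NOT-FOR-US: IBM` rather than left at `TODO: check`; the entries on either side of it, CVE-2018-2026 and CVE-2018-2024, are already resolved that way, and it concerns the same product family as CVE-2019-4406 in the preceding hunk.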
@@ -216544,8 +216487,7 @@ CVE-2014-9650 (CRLF injection vulnerability in the 
management plugin in RabbitMQ
        NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
        NOTE: Fixed by: 
https://github.com/rabbitmq/rabbitmq-management/commit/b5a5fc31bd49ad821a655ea9e2fe920d670a62ad
        NOTE: http://www.openwall.com/lists/oss-security/2015/01/21/13
-CVE-2015-1396 [(another) directory traversal via symlinks -- incomplete fix 
for CVE-2015-1196]
-       RESERVED
+CVE-2015-1396 (A Directory Traversal vulnerability exists in the GNU patch 
before 2.7 ...)
        - patch 2.7.3-1 (bug #775901)
        [wheezy] - patch <not-affected> (Not affected by CVE-2015-1196 and no 
incomplete fix applied)
        [squeeze] - patch <not-affected>  (Not affected by CVE-2015-1196 and no 
incomplete fix applied)
@@ -239078,8 +239020,7 @@ CVE-2014-2310 (The AgentX subagent in Net-SNMP before 
5.4.4 allows remote attack
        [wheezy] - net-snmp 5.4.3~dfsg-2.8
        [squeeze] - net-snmp <no-dsa> (Minor issue)
        NOTE: http://sourceforge.net/p/net-snmp/patches/1113/
-CVE-2012-6639
-       RESERVED
+CVE-2012-6639 (An privilege elevation vulnerability exists in Cloud-init 
before 0.7.0 ...)
        - cloud-init 0.7.1-1
        NOTE: http://article.gmane.org/gmane.comp.security.oss.general/12299
 CVE-2014-2280 (Cross-site scripting (XSS) vulnerability in the search feature 
in Seed ...)
@@ -253231,7 +253172,7 @@ CVE-2013-4225
        RESERVED
        NOT-FOR-US: RESTful Web Services (RESTWS) Drupal cotributed module
 CVE-2013-4224
-       RESERVED
+       REJECTED
        NOTE: Dublicate of CVE-2013-4187, thus rejected
 CVE-2013-4223 (The Gentoo Nullmailer package before 1.11-r2 uses 
world-readable permi ...)
        - nullmailer 1:1.11-2 (low; bug #684619)
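Review bot: the NOTE line under CVE-2013-4224 misspells "Dublicate"; since the state changes from RESERVED to REJECTED here, correct it to `NOTE: Duplicate of CVE-2013-4187, thus rejected` in the same commit. The CVE-2013-4225 context line above also has "cotributed" for "contributed".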
@@ -267052,8 +266993,7 @@ CVE-2012-5645
        - freeciv 2.3.4-1 (low; bug #696306)
        [squeeze] - freeciv <no-dsa> (Minor issue)
        [wheezy] - freeciv 2.3.2-1+deb7u1
-CVE-2012-5644 [(Complete) Information disclosure when moving user's home 
directory]
-       RESERVED
+CVE-2012-5644 (libuser has information disclosure when moving user's home 
directory ...)
        - libuser 1:0.60~dfsg-1 (low; bug #705690)
        [wheezy] - libuser <no-dsa> (Minor issue)
        [squeeze] - libuser <no-dsa> (Minor issue)
@@ -267069,8 +267009,7 @@ CVE-2012-5642 (server/action.py in Fail2ban before 
0.8.8 does not properly handl
        [squeeze] - fail2ban <not-affected> (Introduced in 0.8.6, see #696187)
 CVE-2012-5641 (Directory traversal vulnerability in the partition2 function in 
mochiw ...)
        - couchdb <not-affected> (Only affects CouchDB on Windows)
-CVE-2012-5640 [thttpd: Local DoS vulnerability]
-       RESERVED
+CVE-2012-5640 (thttpd has a local DoS vulnerability via specially-crafted 
.htpasswd f ...)
        - thttpd <removed> (low)
        [squeeze] - thttpd <no-dsa> (Minor issue)
 CVE-2012-5639
@@ -267100,11 +267039,9 @@ CVE-2012-5633 (The URIMappingInterceptor in Apache 
CXF before 2.5.8, 2.6.x befor
        - jbossas4 <not-affected> (Only builds a few libraries, not the full 
application server, #581226)
 CVE-2012-5632
        RESERVED
-CVE-2012-5631
-       RESERVED
+CVE-2012-5631 (ipa 3.0 does not properly check server identity before sending 
credent ...)
        NOT-FOR-US: FreeIPA
-CVE-2012-5630 [TOCTOU race conditions by copying and removing directory trees]
-       RESERVED
+CVE-2012-5630 (libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) 
race co ...)
        - libuser 1:0.60~dfsg-1 (low; bug #705690)
        [wheezy] - libuser <no-dsa> (Minor issue)
        [squeeze] - libuser <no-dsa> (Minor issue)
@@ -267144,8 +267081,7 @@ CVE-2012-5619 (The Sleuth Kit (TSK) 4.0.1 does not 
properly handle "." (dotfile)
 CVE-2012-5618
        RESERVED
        NOT-FOR-US: Ushahidi
-CVE-2012-5617 [privilege escalation due to improper authentication settings in 
policykit configuration file]
-       RESERVED
+CVE-2012-5617 (gksu-polkit: permissive PolicyKit policy configuration file 
allows pri ...)
        - gksu-polkit <removed> (bug #695807)
        [squeeze] - gksu-polkit <end-of-life> (Unsupported in squeeze-lts)
        NOTE: http://www.openwall.com/lists/oss-security/2012/12/12/8
@@ -267252,8 +267188,7 @@ CVE-2012-5583 (phpCAS before 1.3.2 does not verify 
that the server hostname matc
        [squeeze] - moodle <no-dsa> (Minor issue)
        [wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
        NOTE: https://github.com/Jasig/phpCAS/pull/58
-CVE-2012-5582 [opendnssec curl usage]
-       RESERVED
+CVE-2012-5582 (opendnssec misuses libcurl API ...)
        - opendnssec <not-affected> (eppclient not built in Debian package)
        NOTE: 
http://lists.opendnssec.org/pipermail/opendnssec-user/2012-November/002296.html
 CVE-2012-5581 (Stack-based buffer overflow in tif_dir.c in LibTIFF before 
4.0.2 allow ...)
@@ -267269,8 +267204,7 @@ CVE-2012-5580 (Format string vulnerability in the 
print_proxies function in bin/
        NOTE: https://code.google.com/p/libproxy/source/detail?r=475
 CVE-2012-5579
        REJECTED
-CVE-2012-5578 [Python keyring insecure permissions on new databases]
-       RESERVED
+CVE-2012-5578 (Python keyring has insecure permissions on new databases 
allowing worl ...)
        - python-keyring 0.9.2-1.1 (bug #696736)
        [wheezy] - python-keyring 0.7.1-1+deb7u1
        [squeeze] - python-keyring <no-dsa> (Minor issue)
@@ -267379,8 +267313,7 @@ CVE-2012-5537 (The Simplenews Scheduler module 
6.x-2.x before 6.x-2.4 for Drupal
        NOT-FOR-US: Drupal contributed-module
 CVE-2012-5536 (A certain Red Hat build of the pam_ssh_agent_auth module on Red 
Hat En ...)
        NOT-FOR-US: Red Hat-specific packaging flaw
-CVE-2012-5535
-       RESERVED
+CVE-2012-5535 (gnome-system-log polkit policy allows arbitrary files on the 
system to ...)
        - gnome-system-log <not-affected> (Fedora-specific issue)
 CVE-2012-5534 (The hook_process function in the plugin API for WeeChat 0.3.0 
through  ...)
        {DSA-2598-1}
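Review bot: the `<not-affected> (Fedora-specific issue)` justification for CVE-2012-5535 should state why it is Fedora-specific now that the description names the gnome-system-log polkit policy; a NOTE saying whether the Debian package ships that policy action at all, or ships a different one, would make the rationale verifiable without re-triaging.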
@@ -267404,8 +267337,7 @@ CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 
2.5.1, when trace is enabled,
        - firebird2.1 <not-affected> (Only affects 2.5.x)
 CVE-2012-5528
        RESERVED
-CVE-2012-5527
-       RESERVED
+CVE-2012-5527 (Claws Mail vCalendar plugin: credentials exposed on interface 
...)
        - claws-mail-extra-plugins 3.8.1-2 (unimportant; bug #693391)
        NOTE: More of a plain bug than a security vulnerability
 CVE-2012-5526 (CGI.pm module before 3.63 for Perl does not properly escape 
newlines i ...)
@@ -267429,8 +267361,7 @@ CVE-2012-5522 (MantisBT before 1.2.12 does not use an 
expected default value dur
        - mantis 1.2.11-1.2 (bug #693283)
        [squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
        NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
-CVE-2012-5521
-       RESERVED
+CVE-2012-5521 (quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d 
daemon pe ...)
        - quagga <unfixed> (unimportant; bug #693102)
        NOTE: Not reproducible so far
 CVE-2012-5520 (The send_to_sourcefire function in manage_sql.c in OpenVAS 
Manager 3.x ...)
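Review bot: CVE-2012-5521 stays at `quagga <unfixed>` with "Not reproducible so far"; now that the public description names a specific version (ospf6d in 0.99.21), consider rechecking bug #693102 against the current package and either recording a fixed version or updating the NOTE to state which version was tested, so the `unimportant` severity is traceable.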
@@ -267439,8 +267370,7 @@ CVE-2012-5519 (CUPS 1.4.4, when running in certain 
Linux distributions such as D
        {DSA-2600-1}
        - cups 1.5.3-2.7 (bug #692791)
        NOTE: http://seclists.org/oss-sec/2012/q4/253
-CVE-2012-5518
-       RESERVED
+CVE-2012-5518 (vdsm: certificate generation upon node creation allowing vdsm 
to start ...)
        NOT-FOR-US: ovirt / vsdm
 CVE-2012-5517 (The online_pages function in mm/memory_hotplug.c in the Linux 
kernel b ...)
        - linux 3.2.41-1
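Review bot: the `NOT-FOR-US: ovirt / vsdm` line for CVE-2012-5518 transposes the product name, while the new description correctly says vdsm; fix it to `NOT-FOR-US: ovirt / vdsm` so the entry can be found by name.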
@@ -281534,8 +281464,7 @@ CVE-2011-4926 (Cross-site scripting (XSS) 
vulnerability in adminimize/adminimize
        NOT-FOR-US: WordPress plugin Adminimize
 CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE 
Resource  ...)
        - torque <not-affected> (The version in Debian doesn't yet have MUNGE 
support)
-CVE-2011-4924
-       RESERVED
+CVE-2011-4924 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 
2.8.12,  ...)
        - zope2.12 2.12.22-1
        - zope3 <removed> (low)
        - zope2.10 <removed> (low)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ea926fa6940e7f7f9d12b0dd5afe5641948a3e85



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits