[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-04-12 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4dea2153 by Moritz Muehlenhoff at 2018-04-12T20:38:17+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16,7 +16,7 @@ CVE-2018-10056
 CVE-2018-10055
RESERVED
 CVE-2018-10054 (H2 1.4.197, as used in Datomic before 0.9.5697 and other 
products, ...)
-   TODO: check
+   NOT-FOR-US: H2 (different from src:python-h2)
 CVE-2018-10053
RESERVED
 CVE-2018-10052 (iScripts SupportDesk v4.3 has XSS via the ...)
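
Review bot: The new tag for CVE-2018-10054 only rules out src:python-h2, while the description is about H2 1.4.197 as used in Datomic and other products. Record in the entry (for example in a NOTE) that the archive was also searched for a package shipping that H2 itself, so the NOT-FOR-US does not rest on a name comparison alone.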



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4dea2153f4e071329dbd71d7dd4ae1a1b6999faa

You're receiving this email because of your account on salsa.debian.org.
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-04-02 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f5ab4ae2 by Moritz Muehlenhoff at 2018-04-02T22:43:41+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -70608,7 +70608,7 @@ CVE-2017-2160
 CVE-2017-2159
RESERVED
 CVE-2017-2158 (Improper verification when expanding ZIP64 archives in Lhaplus 
...)
-   TODO: check
+   NOT-FOR-US: Lhaplus
 CVE-2017-2157 (Untrusted search path vulnerability in installers for The 
Public ...)
NOT-FOR-US: The Public Certification Service
 CVE-2017-2156 (Untrusted search path vulnerability in Vivaldi installer for 
Windows ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5ab4ae23735b7e9f64f01bae92aeae2382045b3


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU from external check

2018-03-23 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9be3ea98 by Moritz Muehlenhoff at 2018-03-23T18:24:24+01:00
NFU from external check

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21070,6 +21070,7 @@ CVE-2018-1086
RESERVED
 CVE-2018-1085
RESERVED
+   NOT-FOR-US: openshift-ansible
 CVE-2018-1084
RESERVED
 CVE-2018-1083
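
Review bot: The NOT-FOR-US: openshift-ansible line is added under CVE-2018-1085, which is still RESERVED with no description, and the commit message says only "external check". Add a NOTE with the reference that was checked so the product attribution can be verified once the description is published.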



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9be3ea98e38d30f6cecd511eedbcb1c567fc3108


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-03-04 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ac916f1f by Moritz Muehlenhoff at 2018-03-04T21:48:12+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44201,7 +44201,7 @@ CVE-2017-9271 (The commandline package update tool 
zypper writes HTTP proxy ...)
- zypper  (low)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1050625
 CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send 
RPC ...)
-   TODO: check
+   NOT-FOR-US: SuSE cryptctl
 CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM 
repositories ...)
- libzypp 
 CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and 
rebuild ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ac916f1f2a7b946d50205cb7934a1518ac810f7f


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-02-20 Thread Henri Salo
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c376e92 by Henri Salo at 2018-02-20T21:16:47+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -43646,13 +43646,13 @@ CVE-2017-8980 (A Remote Disclosure of Information 
vulnerability in HPE Intellige
 CVE-2017-8979 (Security vulnerabilities in the HPE Integrated Lights-Out 2 
(iLO 2) ...)
TODO: check
 CVE-2017-8978 (A Remote Unauthorized Disclosure of Information vulnerability 
in HPE ...)
-   TODO: check
+   NOT-FOR-US: HPE IceWall Products
 CVE-2017-8977 (A Remote Denial of Service vulnerability in Hewlett Packard 
Enterprise ...)
-   TODO: check
+   NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager 
Appliance
 CVE-2017-8976 (A Remote Code Execution vulnerability in Hewlett Packard 
Enterprise ...)
-   TODO: check
+   NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager 
Appliance
 CVE-2017-8975 (A Remote Code Execution vulnerability in Hewlett Packard 
Enterprise ...)
-   TODO: checkG
+   NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager 
Appliance
 CVE-2017-8974 (A Local Authentication Restriction Bypass vulnerability in HPE 
NonStop ...)
NOT-FOR-US: HPE NonStop Server
 CVE-2017-8973 (An improper input validation vulnerability in HPE Matrix 
Operating ...)
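
Review bot: CVE-2017-8979 (HPE Integrated Lights-Out 2) at the top of the hunk is left as TODO: check while the four HPE entries below it are closed as NOT-FOR-US; if that is deliberate it is fine, otherwise triage it in the same commit. The removed line "TODO: checkG" under CVE-2017-8975 was a stray typo, so replacing it is a welcome cleanup.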



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9c376e924fff6dd7121dcead6cf65c3e075795fd


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-02-16 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2b88d04d by Moritz Muehlenhoff at 2018-02-16T11:01:27+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -23071,6 +23071,7 @@ CVE-2017-15713 (Vulnerability in Apache Hadoop 0.23.x, 
2.x before 2.7.5, 2.8.x b
- hadoop  (bug #793644)
 CVE-2017-15712
RESERVED
+   NOT-FOR-US: Oozie
 CVE-2017-15711
REJECTED
 CVE-2017-15710
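
Review bot: NOT-FOR-US: Oozie is attached to CVE-2017-15712 while the entry is RESERVED and has no description, so nothing in the list ties the id to Oozie. A NOTE pointing at the announcement that names the product would make the tag checkable.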



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b88d04d4c772b57bcf7ae0d1d0abe89f5062c04


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-02-14 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
35f46c20 by Moritz Muehlenhoff at 2018-02-14T22:27:27+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -183,7 +183,7 @@ CVE-2018-6958
 CVE-2018-6957
RESERVED
 CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the 
fs.protected_hardlinks ...)
-   TODO: check
+   NOT-FOR-US: opentmpfiles
 CVE-2017-18187 (In ARM mbed TLS before 2.7.0, there is a bounds-check bypass 
through an ...)
TODO: check
 CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize 
URLs that ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/35f46c2012015ad62b3cfc15e071e2177d2de7ff


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-02-11 Thread Henri Salo
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
570030b4 by Henri Salo at 2018-02-11T11:04:12+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -14554,6 +14554,7 @@ CVE-2018-1298 (A Denial of Service vulnerability was 
found in Apache Qpid Broker
NOTE: 
https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=4b9fb37
 CVE-2018-1297
RESERVED
+   NOT-FOR-US: Apache JMeter
 CVE-2018-1296
RESERVED
 CVE-2018-1295
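
Review bot: The tag under CVE-2018-1297 names the upstream project (Apache JMeter) on a RESERVED entry with no description. Before closing it, confirm that no source package ships JMeter under a different package name, and add a NOTE with the advisory reference.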



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/570030b41d4397c3bc02b4c3a571ad3853a77f70


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-02-10 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8c867cbc by Moritz Muehlenhoff at 2018-02-10T14:32:29+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20,7 +20,7 @@ CVE-2018-6878 (Cross Site Scripting (XSS) exists in the 
review section in PHP Sc
 CVE-2018-6877
RESERVED
 CVE-2018-6876 (THe OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as 
used in ...)
-   TODO: check
+   NOT-FOR-US: libfpx
 CVE-2018-6875
RESERVED
 CVE-2018-6874
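
Review bot: The description for CVE-2018-6876 says libfpx 1.3.1-10 "as used in ..." another product, but the replacement tag names libfpx alone. Check whether the consuming product named in the full description is packaged, and whether it bundles the affected code, before closing this as NOT-FOR-US.
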
@@ -596,17 +596,17 @@ CVE-2018-151 (Artifex Mupdf version 1.12.0 contains a 
Use After Free vulnera
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698873
NOTE: Fixed by: 
http://www.ghostscript.com/cgi-bin/findgit.cgi?321ba1de287016b0036bf4a56ce774ad11763384
 CVE-2018-150 (Sean Barrett stb_vorbis version 1.12 and earlier contains a 
Buffer ...)
-   TODO: check
+   NOT-FOR-US: Sean Barrett stb_vorbis
 CVE-2018-149 (nanopool Claymore Dual Miner version 7.3 and earlier 
contains a Remote ...)
-   TODO: check
+   NOT-FOR-US: nanopool Claymore Dual Miner
 CVE-2018-148 (NASA RtRetrievalFramework version v1.0 contains a CWE-502 
...)
-   TODO: check
+   NOT-FOR-US: NASA RtRetrievalFramework
 CVE-2018-147 (NASA Kodiak version v1.0 contains a CWE-502 vulnerability in 
Kodiak ...)
-   TODO: check
+   NOT-FOR-US: NASA Kodiak
 CVE-2018-146 (NASA Pyblock version v1.0 - v1.3 contains a CWE-502 
vulnerability in ...)
-   TODO: check
+   NOT-FOR-US: NASA Pyblock
 CVE-2018-145 (NASA Singledop version v1.0 contains a CWE-502 vulnerability 
in NASA ...)
-   TODO: check
+   NOT-FOR-US: NASA Singledop
 CVE-2018-144 (Security Onion Solutions Squert version 1.1.1 through 1.6.7 
contains a ...)
NOT-FOR-US: Security Onion Solutions Squert
 CVE-2018-143 (Security Onion Solutions Squert version 1.0.1 through 1.6.7 
contains a ...)
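
Review bot: In the stb_vorbis entry, NOT-FOR-US is only correct if no packaged source embeds a copy of stb_vorbis 1.12 or earlier; run a code search over the archive first and, if a copy turns up, replace the tag with a package line for the embedding source. The other five replacements in this hunk name self-contained products and follow the style of the existing Squert entry.
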
@@ -944,7 +944,6 @@ CVE-2018-6548 (A use-after-free issue was discovered in 
libwebm through 2018-02-
[wheezy] - chromium-browser  (Not supported in wheezy LTS)
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
NOTE: 
https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
-   TODO: check
 CVE-2018-6547
RESERVED
 CVE-2018-6546
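
Review bot: Removing TODO: check under CVE-2018-6548 is not an NFU change, since that entry already carries chromium-browser lines and NOTEs; the same applies to the CVE-2018-6406 removal in the next hunk. Mention the TODO cleanup in the commit message or move it to its own commit so the log matches the diff.
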
@@ -1381,7 +1380,6 @@ CVE-2018-6406 (The function ParseVP9SuperFrameIndex in 
common/libwebm_util.cc in
[wheezy] - chromium-browser  (Not supported in wheezy LTS)
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1492
NOTE: 
https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md
-   TODO: check
 CVE-2018-6405 (In the ReadDCMImage function in coders/dcm.c in ImageMagick 
before ...)
[experimental] - imagemagick 8:6.9.9.34+dfsg-1
- imagemagick  (unimportant)
@@ -1491,9 +1489,9 @@ CVE-2018-126 (Linux Linux kernel version at least 
v4.8 onwards, probably wel
NOTE: 
https://git.kernel.org/linus/8914a595110a6eca69a5e275b323f5d09e18f4f9
NOTE: 
https://git.kernel.org/linus/2b16f048729bf35e6c28a40cbfad07239f9dcd90
 CVE-2018-125 (Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 
to 3.8.0 ...)
-   TODO: check
+   NOT-FOR-US: Jerome Gamez Firebase Admin SDK for PHP
 CVE-2018-123 (Bitpay/insight-api Insight-api version 5.0.0 and earlier 
contains a ...)
-   TODO: check
+   NOT-FOR-US: Bitpay/insight-api Insight-api
 CVE-2018-121 (GIT version 2.15.1 and earlier contains a Input Validation 
Error ...)
- git  (unimportant; bug #889680)
NOTE: 
http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
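
Review bot: The tag "NOT-FOR-US: Bitpay/insight-api Insight-api" copies the description's repeated product name verbatim; "NOT-FOR-US: Bitpay insight-api" says the same thing and is easier to grep for.
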
@@ -1510,7 +1508,7 @@ CVE-2017-1000509 (Dolibarr version 6.0.2 contains a Cross 
Site Scripting (XSS) .
 CVE-2017-1000508 (Invoice Plane version 1.5.4 and earlier contains a Cross 
Site ...)
NOT-FOR-US: Invoice Plane
 CVE-2017-1000507 (Canvs Canvas version 3.4.2 contains a Cross Site Scripting 
(XSS) ...)
-   TODO: check
+   NOT-FOR-US: Canvs Canvas
 CVE-2017-1000506 (Mautic version 2.11.0 and earlier contains a Cross Site 
Scripting ...)
NOT-FOR-US: Mautic
 CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted 
headers, a ...)
@@ -22691,7 +22689,7 @@ CVE-2017-15587 (An integer overflow was discovered in 
pdf_read_new_xref_section 
 CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of 
ILIAS before ...)
NOT-FOR-US: ILIAS
 CVE-2017-15536 (An issue was discovered in Cloudera Data Science Workbench 
(CDSW) 1.x ...)
-   TODO: check
+   NOT-FOR-US: Cloudera Data Science Workbench
 

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-01-27 Thread Henri Salo
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9857f12e by Henri Salo at 2018-01-27T13:48:52+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -326,8 +326,10 @@ CVE-2018-6199
RESERVED
 CVE-2018-6195
RESERVED
+   NOT-FOR-US: WordPress plugin wp-splashing-images
 CVE-2018-6194
RESERVED
+   NOT-FOR-US: WordPress plugin wp-splashing-images
 CVE-2018-6193 (A Cross-Site Scripting (XSS) vulnerability was found in 
Routers2 2.24, ...)
NOT-FOR-US: Routers2
 CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in ...)
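
Review bot: Both CVE-2018-6195 and CVE-2018-6194 get "NOT-FOR-US: WordPress plugin wp-splashing-images" while still RESERVED, with no reference for either. Add a NOTE with the source that links these two ids to the plugin, so the tags can be rechecked when the descriptions appear.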



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9857f12e837b7cf18c17e5cb5e61c174a68cc006


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-01-23 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
afb3f34a by Moritz Muehlenhoff at 2018-01-24T07:41:26+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2018-118
+   NOT-FOR-US: ovirt-engine
 CVE-2018-6179
RESERVED
 CVE-2018-6178
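
Review bot: The new entry at the top of the list consists of only the CVE id and the NOT-FOR-US: ovirt-engine tag, with no description line and no NOTE. Add a NOTE with the advisory or bug reference the assignment came from so the ovirt-engine attribution can be checked later.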



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/afb3f34adf0372ccf5578a8b81f16a2326bab7e7


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-01-16 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
955c01c5 by Moritz Muehlenhoff at 2018-01-16T17:13:08+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4778,6 +4778,7 @@ CVE-2017-17947
RESERVED
 CVE-2017-1000411
RESERVED
+   NOT-FOR-US: OpenDayLight
 CVE-2017-17946 (A buffer overflow in Handy Password 4.9.3 allows remote 
attackers to ...)
NOT-FOR-US: Handy Password
 CVE-2017-17945
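
Review bot: The tag under CVE-2017-1000411 spells the project "OpenDayLight"; upstream writes it "OpenDaylight", and a consistent spelling keeps NOT-FOR-US entries for the same project greppable. The entry is also still RESERVED, so a NOTE with the reference for the attribution would help.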



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/955c01c53ceefe79920e5c36ea38a362a8aeae6e


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-01-12 Thread Henri Salo
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
512383d1 by Henri Salo at 2018-01-13T02:41:10+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -355,9 +355,9 @@ CVE-2017-18028 (In ImageMagick 7.0.7-1 Q16, a memory 
exhaustion vulnerability wa
 CVE-2017-18027 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was 
found in ...)
TODO: check
 CVE-2016-10706 (The Jetpack plugin before 4.0.3 for WordPress has XSS via a 
crafted ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin jetpack
 CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the 
Likes ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin jetpack
 CVE-2018- [rpc session-id mechanism design flaw results in RCE]
- transmission  (bug #886990)
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/512383d1b4090d162f2d5b5dff0525fb5b578518


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2018-01-04 Thread Henri Salo
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
682e7868 by Henri Salo at 2018-01-04T11:48:22+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37,7 +37,7 @@ CVE-2018-5193
 CVE-2018-5192
RESERVED
 CVE-2018-5191 (/usr/local/www/csrf/csrf-magic.php in the WebGUI in pfSense 
before ...)
-   TODO: check
+   NOT-FOR-US: pfSense
 CVE-2018-5190
RESERVED
 CVE-2018-5189



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/682e78682b1c28f47ade0c90d2de7b3bf26d1aed


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2017-12-29 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8e5b3430 by Moritz Muehlenhoff at 2017-12-29T22:16:38+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -565,7 +565,7 @@ CVE-2017-17912 (In GraphicsMagick 1.4 snapshot-20171217 Q8, 
there is a heap-base
 CVE-2017-17911 (packages/core/contact.php in Archon 3.21 rev-1 has XSS in the 
referer ...)
NOT-FOR-US: Archon
 CVE-2017-17910 (On Hoermann BiSecur devices before 2018, a vulnerability can 
be ...)
-   TODO: check
+   NOT-FOR-US: Hoermann BiSecur
 CVE-2017-17909 (PHP Scripts Mall Responsive Realestate Script has XSS via the 
...)
NOT-FOR-US: PHP Scripts Mall Responsive Realestate Script
 CVE-2017-17908 (PHP Scripts Mall Responsive Realestate Script has CSRF via ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8e5b3430f37f19fb07156685abb060a67ad7ddc8


[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU

2017-12-29 Thread Moritz Muehlenhoff
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
872f9504 by Moritz Mühlenhoff at 2017-12-29T21:56:06+01:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -405,7 +405,7 @@ CVE-2018-3611
 CVE-2018-3610
RESERVED
 CVE-2017-17968 (A buffer overflow vulnerability in NetTransport.exe in 
NetTransport ...)
-   TODO: check
+   NOT-FOR-US: NetTransport Download Manager
 CVE-2017-17967 (pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote 
...)
NOT-FOR-US: Kingsoft WPS Office
 CVE-2017-17966



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/872f9504d10e7f484c70a868abc8d3755ff9b032
