Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: a895beca by Moritz Muehlenhoff at 2019-11-26T10:43:22Z new proftpd issues NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,11 +1,23 @@ CVE-2019-19272 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Dir ...) - TODO: check + - proftpd-dfsg <unfixed> + [buster] - proftpd-dfsg <no-dsa> (Minor issue) + [stretch] - proftpd-dfsg <no-dsa> (Minor issue) + NOTE: https://github.com/proftpd/proftpd/issues/858 CVE-2019-19271 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A w ...) - TODO: check + - proftpd-dfsg <unfixed> + [buster] - proftpd-dfsg <no-dsa> (Minor issue) + [stretch] - proftpd-dfsg <no-dsa> (Minor issue) + NOTE: https://github.com/proftpd/proftpd/issues/860 CVE-2019-19270 (An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. F ...) - TODO: check + - proftpd-dfsg <unfixed> + [buster] - proftpd-dfsg <no-dsa> (Minor issue) + [stretch] - proftpd-dfsg <no-dsa> (Minor issue) + NOTE: https://github.com/proftpd/proftpd/issues/859 CVE-2019-19269 (An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A ...) - TODO: check + - proftpd-dfsg <unfixed> + [buster] - proftpd-dfsg <no-dsa> (Minor issue) + [stretch] - proftpd-dfsg <no-dsa> (Minor issue) + NOTE: https://github.com/proftpd/proftpd/issues/861 CVE-2019-19268 RESERVED CVE-2019-19267 @@ -4719,9 +4731,9 @@ CVE-2019-18253 CVE-2019-18252 RESERVED CVE-2019-18251 (In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervis ...) - TODO: check + NOT-FOR-US: Omron CVE-2019-18250 (In all versions of ABB Power Generation Information Manager (PGIM) and ...) - TODO: check + NOT-FOR-US: ABB CVE-2019-18249 RESERVED CVE-2019-18248 @@ -4739,7 +4751,7 @@ CVE-2019-18243 CVE-2019-18242 RESERVED CVE-2019-18241 (In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all ver ...) - TODO: check + NOT-FOR-US: Philips CVE-2019-18240 (In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer o ...) NOT-FOR-US: Fuji CVE-2019-18239 @@ -11429,23 +11441,23 @@ CVE-2019-16004 CVE-2019-16003 RESERVED CVE-2019-16002 (A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-W ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-16001 (A vulnerability in the loading mechanism of specific dynamic link libr ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-16000 RESERVED CVE-2019-15999 RESERVED CVE-2019-15998 (A vulnerability in the access-control logic of the NETCONF over Secure ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15997 (A vulnerability in Cisco DNA Spaces: Connector could allow an authenti ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15996 (A vulnerability in Cisco DNA Spaces: Connector could allow an authenti ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15995 (A vulnerability in the web UI of Cisco DNA Spaces: Connector could all ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15994 (A vulnerability in the web-based management interface of Cisco Stealth ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15993 RESERVED CVE-2019-15992 @@ -11453,15 +11465,15 @@ CVE-2019-15992 CVE-2019-15991 RESERVED CVE-2019-15990 (A vulnerability in the web-based management interface of certain Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15989 RESERVED CVE-2019-15988 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15987 (A vulnerability in web interface of the Cisco Webex Event Center, Cisc ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15986 (A vulnerability in the CLI of Cisco Unity Express could allow an authe ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15985 RESERVED CVE-2019-15984 @@ -11487,19 +11499,19 @@ CVE-2019-15975 CVE-2019-15974 RESERVED CVE-2019-15973 (A vulnerability in the web-based management interface of Cisco Industr ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15972 (A vulnerability in the web-based management interface of Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15971 (A vulnerability in the MP3 detection engine of Cisco AsyncOS Software ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15970 RESERVED CVE-2019-15969 RESERVED CVE-2019-15968 (A vulnerability in the web-based management interface of Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15967 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15966 (A vulnerability in the web application of Cisco TelePresence Advanced ...) NOT-FOR-US: Cisco TelePresence Advanced Media Gateway CVE-2019-15965 @@ -11517,15 +11529,15 @@ CVE-2019-15961 [stretch] - clamav <no-dsa> (ClamAV is updated via -updates) NOTE: https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html CVE-2019-15960 (A vulnerability in the Webex Network Recording Admin page of Cisco Web ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15959 RESERVED CVE-2019-15958 (A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15957 RESERVED CVE-2019-15956 (A vulnerability in the web management interface of Cisco AsyncOS Softw ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15955 (An issue was discovered in Total.js CMS 12.0.0. A low privilege user c ...) NOT-FOR-US: Total.js CMS CVE-2019-15954 (An issue was discovered in Total.js CMS 12.0.0. An authenticated user ...) @@ -12532,7 +12544,7 @@ CVE-2019-15631 CVE-2019-15630 (Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider com ...) NOT-FOR-US: Mulesoft CVE-2019-15629 (Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2019-15628 RESERVED CVE-2019-15627 (Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent ar ...) @@ -12600,7 +12612,7 @@ CVE-2019-15597 CVE-2019-15596 RESERVED CVE-2019-15595 (A privilege escalation exists in UniFi Video Controller =<3.10.6 th ...) - TODO: check + NOT-FOR-US: UniFi Video Controller CVE-2019-15594 RESERVED CVE-2019-15593 (GitLab 12.2.3 contains a security vulnerability that allows a user to ...) @@ -13444,15 +13456,15 @@ CVE-2019-15293 (An issue was discovered in ACDSee Photo Studio Standard 22.1 Bui CVE-2019-15289 RESERVED CVE-2019-15288 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15287 RESERVED CVE-2019-15286 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15285 RESERVED CVE-2019-15284 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15283 RESERVED CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...) @@ -13468,7 +13480,7 @@ CVE-2019-15278 CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...) NOT-FOR-US: Cisco CVE-2019-15276 (A vulnerability in the web interface of Cisco Wireless LAN Controller ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...) NOT-FOR-US: Cisco CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...) @@ -13478,7 +13490,7 @@ CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence Collab CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...) NOT-FOR-US: Cisco CVE-2019-15271 (A vulnerability in the web-based management interface of certain Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco Firepow ...) NOT-FOR-US: Cisco CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface of Cisc ...) @@ -26376,7 +26388,7 @@ CVE-2019-11292 CVE-2019-11291 (Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior ...) TODO: check CVE-2019-11290 (Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query p ...) - TODO: check + NOT-FOR-US: Cloud Foundry CVE-2019-11289 (Cloud Foundry Routing, all versions before 0.193.0, does not properly ...) NOT-FOR-US: Cloud Foundry Routing CVE-2019-11288 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a895beca9a05c1dd1eb7112c08842129b24a7c57 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a895beca9a05c1dd1eb7112c08842129b24a7c57 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits