[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Mon, 15 Jan 2018 13:11:02 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2abfa9d1 by security tracker role at 2018-01-15T21:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -475,8 +475,8 @@ CVE-2018-5481
        RESERVED
 CVE-2018-5480
        RESERVED
-CVE-2018-5479
-       RESERVED
+CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is 
vulnerable ...)
+       TODO: check
 CVE-2018-5478
        RESERVED
 CVE-2018-5477
@@ -703,7 +703,8 @@ CVE-2016-10706 (The Jetpack plugin before 4.0.3 for 
WordPress has XSS via a craf
        NOT-FOR-US: WordPress plugin jetpack
 CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the 
Likes ...)
        NOT-FOR-US: WordPress plugin jetpack
-CVE-2018-5702 [rpc session-id mechanism design flaw results in RCE]
+CVE-2018-5702 (Transmission through 2.92 relies on X-Transmission-Session-Id 
(which is ...)
+       {DSA-4087-1}
        - transmission <unfixed> (bug #886990)
        NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
        NOTE: https://github.com/transmission/transmission/pull/468
@@ -4130,7 +4131,7 @@ CVE-2017-1000424 (Github Electron version 1.6.4 - 1.6.11 
and 1.7.0 - 1.7.5 is vu
 CVE-2017-1000423 (b2evolution version 6.6.0 - 6.8.10 is vulnerable to input 
validation ...)
        - b2evolution <removed>
 CVE-2017-1000422 (Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several 
integer ...)
-       {DLA-1234-1}
+       {DSA-4088-1 DLA-1234-1}
        - gdk-pixbuf 2.36.11-1
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785973
        NOTE: Fixed by: 
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=0012e066ba37439d402ce46afbc1311530a4ec61
@@ -40534,6 +40535,7 @@ CVE-2017-8316
 CVE-2017-8315
        RESERVED
 CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 
17.1 ...)
+       {DLA-1243-1}
        - kodi 2:17.1+dfsg1-3 (bug #863230)
        - xbmc <removed>
        NOTE: http://blog.checkpoint.com/2017/05/23/hacked-in-translation/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2abfa9d1462e7914f86ed6ea6d28d4ab585b0f0b

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2abfa9d1462e7914f86ed6ea6d28d4ab585b0f0b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to