Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dee5a6ba by security tracker role at 2018-01-17T09:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-5731
+ RESERVED
+CVE-2018-5730
+ RESERVED
+CVE-2018-5729
+ RESERVED
+CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers
to ...)
+ TODO: check
+CVE-2018-5727 (In OpenJPEG 2.3.0, there is an integer overflow vulnerability
in the ...)
+ TODO: check
+CVE-2018-5726 (MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to
obtain ...)
+ TODO: check
+CVE-2018-5725 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...)
+ TODO: check
+CVE-2018-5724 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...)
+ TODO: check
+CVE-2018-5723 (MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password
of ...)
+ TODO: check
+CVE-2018-5722
+ RESERVED
+CVE-2018-5721 (Stack-based buffer overflow in the ej_update_variables function
in ...)
+ TODO: check
CVE-2018-5720
RESERVED
CVE-2018-5719
@@ -15,12 +37,14 @@ CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the
driver file (zam64.sys)
CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file
(zam64.sys) allows ...)
NOT-FOR-US: Malwarefox Anti-Malware
CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before
7.0.27, ...)
+ {DSA-4081-1 DSA-4080-1}
- php7.1 7.1.13-1
- php7.0 7.0.27-1
- php5 <removed>
NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74782
CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in
PHP ...)
+ {DSA-4081-1 DSA-4080-1}
- php7.1 7.1.13-1 (unimportant)
- php7.0 7.0.27-1 (unimportant)
- php5 <removed> (unimportant)
@@ -999,8 +1023,8 @@ CVE-2018-XXXX [Password protect the JSONRPC interface]
NOTE: http://www.openwall.com/lists/oss-security/2018/01/10/4
CVE-2018-5300
RESERVED
-CVE-2018-5299
- RESERVED
+CVE-2018-5299 (A stack-based Buffer Overflow Vulnerability exists in the web
server in ...)
+ TODO: check
CVE-2018-5298 (In the Procter & Gamble "Oral-B App" (aka
com.pg.oralb.oralbapp) ...)
NOT-FOR-US: Procter & Gamble "Oral-B App" for Android
CVE-2018-5297
@@ -4829,8 +4853,8 @@ CVE-2017-17949 (Cells Blog 3.5 has XSS via the
pub_readpost.php fmid parameter.
NOT-FOR-US: Cells Blog
CVE-2017-17948 (Cells Blog 3.5 has XSS via the jfdname parameter in an
act=showpic ...)
NOT-FOR-US: Cells Blog
-CVE-2017-17947
- RESERVED
+CVE-2017-17947 (A cross site scripting issue has been found in custompage.cgi
in Pulse ...)
+ TODO: check
CVE-2017-1000411
RESERVED
NOT-FOR-US: OpenDayLight
@@ -57342,6 +57366,7 @@ CVE-2017-3146
RESERVED
CVE-2017-3145 [Improper fetch cleanup sequencing in the resolver can cause
named to crash]
RESERVED
+ {DSA-4089-1}
- bind9 1:9.11.2.P1-1
NOTE: https://kb.isc.org/article/AA-01542
NOTE: Fixed by (master):
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=053b51c4dbd28f6e4de71ce4268a6f606025d76d
@@ -62552,7 +62577,7 @@ CVE-2017-0917 [Cross-site scripting (XSS) vulnerability
in CI job output]
NOTE:
https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
CVE-2017-0916 [Critical Vulnerability with Command Injection via Webhooks]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed>
NOTE:
https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
CVE-2017-0915 [Remote Code Execution Vulnerability in GitLab Projects Import]
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee5a6ba357be6dfd94ef4ba1f16b55157c632f3
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee5a6ba357be6dfd94ef4ba1f16b55157c632f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
