Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: dee5a6ba by security tracker role at 2018-01-17T09:10:22+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,25 @@ +CVE-2018-5731 + RESERVED +CVE-2018-5730 + RESERVED +CVE-2018-5729 + RESERVED +CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...) + TODO: check +CVE-2018-5727 (In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the ...) + TODO: check +CVE-2018-5726 (MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain ...) + TODO: check +CVE-2018-5725 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...) + TODO: check +CVE-2018-5724 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated ...) + TODO: check +CVE-2018-5723 (MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of ...) + TODO: check +CVE-2018-5722 + RESERVED +CVE-2018-5721 (Stack-based buffer overflow in the ej_update_variables function in ...) + TODO: check CVE-2018-5720 RESERVED CVE-2018-5719 @@ -15,12 +37,14 @@ CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...) NOT-FOR-US: Malwarefox Anti-Malware CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, ...) + {DSA-4081-1 DSA-4080-1} - php7.1 7.1.13-1 - php7.0 7.0.27-1 - php5 <removed> NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74782 CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP ...) + {DSA-4081-1 DSA-4080-1} - php7.1 7.1.13-1 (unimportant) - php7.0 7.0.27-1 (unimportant) - php5 <removed> (unimportant) @@ -999,8 +1023,8 @@ CVE-2018-XXXX [Password protect the JSONRPC interface] NOTE: http://www.openwall.com/lists/oss-security/2018/01/10/4 CVE-2018-5300 RESERVED -CVE-2018-5299 - RESERVED +CVE-2018-5299 (A stack-based Buffer Overflow Vulnerability exists in the web server in ...) + TODO: check CVE-2018-5298 (In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) ...) NOT-FOR-US: Procter & Gamble "Oral-B App" for Android CVE-2018-5297 @@ -4829,8 +4853,8 @@ CVE-2017-17949 (Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter. NOT-FOR-US: Cells Blog CVE-2017-17948 (Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic ...) NOT-FOR-US: Cells Blog -CVE-2017-17947 - RESERVED +CVE-2017-17947 (A cross site scripting issue has been found in custompage.cgi in Pulse ...) + TODO: check CVE-2017-1000411 RESERVED NOT-FOR-US: OpenDayLight @@ -57342,6 +57366,7 @@ CVE-2017-3146 RESERVED CVE-2017-3145 [Improper fetch cleanup sequencing in the resolver can cause named to crash] RESERVED + {DSA-4089-1} - bind9 1:9.11.2.P1-1 NOTE: https://kb.isc.org/article/AA-01542 NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=053b51c4dbd28f6e4de71ce4268a6f606025d76d @@ -62552,7 +62577,7 @@ CVE-2017-0917 [Cross-site scripting (XSS) vulnerability in CI job output] NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/ CVE-2017-0916 [Critical Vulnerability with Command Injection via Webhooks] RESERVED - - gitlab <unfixed> + - gitlab <unfixed> NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/ CVE-2017-0915 [Remote Code Execution Vulnerability in GitLab Projects Import] RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee5a6ba357be6dfd94ef4ba1f16b55157c632f3 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee5a6ba357be6dfd94ef4ba1f16b55157c632f3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits