Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b940d59e by security tracker role at 2018-01-17T21:10:24+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,43 @@ +CVE-2018-5750 + RESERVED +CVE-2018-5749 + RESERVED +CVE-2018-5748 + RESERVED +CVE-2018-5747 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ...) + TODO: check +CVE-2018-5746 + RESERVED +CVE-2018-5745 + RESERVED +CVE-2018-5744 + RESERVED +CVE-2018-5743 + RESERVED +CVE-2018-5742 + RESERVED +CVE-2018-5741 + RESERVED +CVE-2018-5740 + RESERVED +CVE-2018-5739 + RESERVED +CVE-2018-5738 + RESERVED +CVE-2018-5737 + RESERVED +CVE-2018-5736 + RESERVED +CVE-2018-5735 + RESERVED +CVE-2018-5734 + RESERVED +CVE-2018-5733 + RESERVED +CVE-2018-5732 + RESERVED +CVE-2018-1000005 + RESERVED CVE-2018-5731 RESERVED CVE-2018-5730 @@ -1117,8 +1157,8 @@ CVE-2018-5260 RESERVED CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to bypass ...) NOT-FOR-US: Discuz! DiscuzX -CVE-2018-5258 - RESERVED +CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL ...) + TODO: check CVE-2018-5257 RESERVED CVE-2018-5256 @@ -1270,8 +1310,8 @@ CVE-2018-5197 RESERVED CVE-2018-5196 RESERVED -CVE-2018-5195 - RESERVED +CVE-2018-5195 (Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow ...) + TODO: check CVE-2018-5194 RESERVED CVE-2018-5193 @@ -13118,22 +13158,22 @@ CVE-2018-0741 (The Color Management Module (Icm32.dll) in Windows 7 SP1 and Wind CVE-2017-17089 (custom/run.cgi in Webmin before 1.870 allows remote authenticated ...) - webmin <removed> CVE-2017-17091 (wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser ...) - {DLA-1216-1} + {DSA-4090-1 DLA-1216-1} - wordpress 4.9.1+dfsg-1 (bug #883314) NOTE: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ CVE-2017-17093 (wp-includes/general-template.php in WordPress before 4.9.1 does not ...) - {DLA-1216-1} + {DSA-4090-1 DLA-1216-1} - wordpress 4.9.1+dfsg-1 (bug #883314) NOTE: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ CVE-2017-17094 (wp-includes/feed.php in WordPress before 4.9.1 does not properly ...) - {DLA-1216-1} + {DSA-4090-1 DLA-1216-1} - wordpress 4.9.1+dfsg-1 (bug #883314) NOTE: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ CVE-2017-17092 (wp-includes/functions.php in WordPress before 4.9.1 does not require ...) - {DLA-1216-1} + {DSA-4090-1 DLA-1216-1} - wordpress 4.9.1+dfsg-1 (bug #883314) NOTE: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509 NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ @@ -15546,8 +15586,8 @@ CVE-2018-0001 (A remote, unauthenticated attacker may be able to execute code by NOT-FOR-US: Juniper CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) ...) NOT-FOR-US: dayrui FineCms -CVE-2017-16865 - RESERVED +CVE-2017-16865 (The Trello importer in Atlassian Jira before version 7.6.1 allows ...) + TODO: check CVE-2017-16864 (The issue search resource in Atlassian Jira before version 7.4.2 ...) NOT-FOR-US: Atlassian Jira CVE-2017-16863 @@ -16607,7 +16647,7 @@ CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1 CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) - mahara <removed> CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...) - {DLA-1160-1} + {DSA-4090-1 DLA-1160-1} - wordpress 4.8.3+dfsg-1 (bug #880528) NOTE: https://wpvulndb.com/vulnerabilities/8941 NOTE: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b940d59e18b53c0bbb5bfc3d7ec5b244abb5d507 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b940d59e18b53c0bbb5bfc3d7ec5b244abb5d507 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits