Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 14f4ffc6 by security tracker role at 2018-01-30T09:10:15+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,21 @@ +CVE-2018-6402 + RESERVED +CVE-2018-6401 + RESERVED +CVE-2018-6400 + RESERVED +CVE-2018-6399 + RESERVED +CVE-2018-6398 + RESERVED +CVE-2018-6397 + RESERVED +CVE-2018-6396 + RESERVED +CVE-2018-6395 + RESERVED +CVE-2018-6394 + RESERVED CVE-2018-6393 (FreePBX 10.13.66-32bit allows post-authentication SQL injection via the ...) NOT-FOR-US: FreePBX CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg ...) @@ -20,8 +38,8 @@ CVE-2018-6384 RESERVED CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that ...) NOT-FOR-US: Monstra CMS -CVE-2018-6382 - RESERVED +CVE-2018-6382 (MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via ...) + TODO: check CVE-2018-6381 (In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid ...) - zziplib <unfixed> NOTE: https://github.com/gdraheim/zziplib/issues/12 @@ -1060,7 +1078,7 @@ CVE-2018-5998 CVE-2018-5997 (An issue was discovered in the HTTP Server in RAVPower Filehub ...) NOT-FOR-US: RAVPower Filehub CVE-2018-1000007 (libcurl 7.1 through 7.57.0 might accidentally leak authentication data ...) - {DSA-4098-1} + {DSA-4098-1 DLA-1263-1} - curl 7.58.0-1 NOTE: https://curl.haxx.se/docs/adv_2018-b3bf.html NOTE: Patch: https://github.com/curl/curl/commit/af32cd3859336ab.patch View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14f4ffc64e756cce1f2707b6afac8fe69b9aaab8 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14f4ffc64e756cce1f2707b6afac8fe69b9aaab8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits