Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9949af02 by security tracker role at 2018-02-15T21:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,32 +1,257 @@
-CVE-2018-7057
+CVE-2018-7172
RESERVED
-CVE-2018-7056
+CVE-2018-7171
RESERVED
-CVE-2018-7055
+CVE-2018-7170
RESERVED
-CVE-2018-7054 [Use after free when server is disconnected during netsplits]
+CVE-2018-7169 (An issue was discovered in shadow 4.5. newgidmap (in
shadow-utils) is ...)
+ TODO: check
+CVE-2018-7168
+ RESERVED
+CVE-2018-7167
+ RESERVED
+CVE-2018-7166
+ RESERVED
+CVE-2018-7165
+ RESERVED
+CVE-2018-7164
+ RESERVED
+CVE-2018-7163
+ RESERVED
+CVE-2018-7162
+ RESERVED
+CVE-2018-7161
+ RESERVED
+CVE-2018-7160
+ RESERVED
+CVE-2018-7159
+ RESERVED
+CVE-2018-7158
+ RESERVED
+CVE-2018-7157
+ RESERVED
+CVE-2018-7156
+ RESERVED
+CVE-2018-7155
+ RESERVED
+CVE-2018-7154
+ RESERVED
+CVE-2018-7153
+ RESERVED
+CVE-2018-7152
+ RESERVED
+CVE-2018-7151
+ RESERVED
+CVE-2018-7150
+ RESERVED
+CVE-2018-7149
+ RESERVED
+CVE-2018-7148
+ RESERVED
+CVE-2018-7147
+ RESERVED
+CVE-2018-7146
+ RESERVED
+CVE-2018-7145
+ RESERVED
+CVE-2018-7144
+ RESERVED
+CVE-2018-7143
+ RESERVED
+CVE-2018-7142
+ RESERVED
+CVE-2018-7141
+ RESERVED
+CVE-2018-7140
+ RESERVED
+CVE-2018-7139
+ RESERVED
+CVE-2018-7138
+ RESERVED
+CVE-2018-7137
+ RESERVED
+CVE-2018-7136
+ RESERVED
+CVE-2018-7135
+ RESERVED
+CVE-2018-7134
+ RESERVED
+CVE-2018-7133
+ RESERVED
+CVE-2018-7132
+ RESERVED
+CVE-2018-7131
+ RESERVED
+CVE-2018-7130
+ RESERVED
+CVE-2018-7129
+ RESERVED
+CVE-2018-7128
+ RESERVED
+CVE-2018-7127
+ RESERVED
+CVE-2018-7126
+ RESERVED
+CVE-2018-7125
+ RESERVED
+CVE-2018-7124
+ RESERVED
+CVE-2018-7123
+ RESERVED
+CVE-2018-7122
+ RESERVED
+CVE-2018-7121
+ RESERVED
+CVE-2018-7120
+ RESERVED
+CVE-2018-7119
+ RESERVED
+CVE-2018-7118
+ RESERVED
+CVE-2018-7117
+ RESERVED
+CVE-2018-7116
+ RESERVED
+CVE-2018-7115
+ RESERVED
+CVE-2018-7114
+ RESERVED
+CVE-2018-7113
+ RESERVED
+CVE-2018-7112
+ RESERVED
+CVE-2018-7111
+ RESERVED
+CVE-2018-7110
+ RESERVED
+CVE-2018-7109
+ RESERVED
+CVE-2018-7108
+ RESERVED
+CVE-2018-7107
+ RESERVED
+CVE-2018-7106
+ RESERVED
+CVE-2018-7105
+ RESERVED
+CVE-2018-7104
+ RESERVED
+CVE-2018-7103
+ RESERVED
+CVE-2018-7102
+ RESERVED
+CVE-2018-7101
+ RESERVED
+CVE-2018-7100
+ RESERVED
+CVE-2018-7099
+ RESERVED
+CVE-2018-7098
+ RESERVED
+CVE-2018-7097
RESERVED
+CVE-2018-7096
+ RESERVED
+CVE-2018-7095
+ RESERVED
+CVE-2018-7094
+ RESERVED
+CVE-2018-7093
+ RESERVED
+CVE-2018-7092
+ RESERVED
+CVE-2018-7091
+ RESERVED
+CVE-2018-7090
+ RESERVED
+CVE-2018-7089
+ RESERVED
+CVE-2018-7088
+ RESERVED
+CVE-2018-7087
+ RESERVED
+CVE-2018-7086
+ RESERVED
+CVE-2018-7085
+ RESERVED
+CVE-2018-7084
+ RESERVED
+CVE-2018-7083
+ RESERVED
+CVE-2018-7082
+ RESERVED
+CVE-2018-7081
+ RESERVED
+CVE-2018-7080
+ RESERVED
+CVE-2018-7079
+ RESERVED
+CVE-2018-7078
+ RESERVED
+CVE-2018-7077
+ RESERVED
+CVE-2018-7076
+ RESERVED
+CVE-2018-7075
+ RESERVED
+CVE-2018-7074
+ RESERVED
+CVE-2018-7073
+ RESERVED
+CVE-2018-7072
+ RESERVED
+CVE-2018-7071
+ RESERVED
+CVE-2018-7070
+ RESERVED
+CVE-2018-7069
+ RESERVED
+CVE-2018-7068
+ RESERVED
+CVE-2018-7067
+ RESERVED
+CVE-2018-7066
+ RESERVED
+CVE-2018-7065
+ RESERVED
+CVE-2018-7064
+ RESERVED
+CVE-2018-7063
+ RESERVED
+CVE-2018-7062
+ RESERVED
+CVE-2018-7061
+ RESERVED
+CVE-2018-7060
+ RESERVED
+CVE-2018-7059
+ RESERVED
+CVE-2018-7058
+ RESERVED
+CVE-2018-7057 (RoomWizard before 4.4.x allows XSS via the HelpAction.action
pageName ...)
+ TODO: check
+CVE-2018-7056 (RoomWizard before 4.4.x allows remote attackers to obtain
potentially ...)
+ TODO: check
+CVE-2018-7055 (GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF
via the ...)
+ TODO: check
+CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before
1.1.1. ...)
- irssi <unfixed>
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
-CVE-2018-7053 [Use after free when SASL messages are received in unexpected
order]
- RESERVED
+CVE-2018-7053 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before
1.1.1. ...)
- irssi <unfixed>
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
-CVE-2018-7052 [Null pointer dereference]
- RESERVED
+CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before
1.1.1. ...)
- irssi <unfixed>
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
-CVE-2018-7051 [out of bounds access when printing theme strings]
- RESERVED
+CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before
1.1.1. ...)
- irssi <unfixed>
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
-CVE-2018-7050 [Null pointer dereference when an "empty" nick has been observed
by Irssi]
- RESERVED
+CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before
1.1.1. A ...)
- irssi <unfixed>
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by:
https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
-CVE-2017-18189
- RESERVED
+CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX)
through ...)
+ TODO: check
CVE-2018-7049
RESERVED
CVE-2018-7048
@@ -1647,10 +1872,10 @@ CVE-2017-18090
RESERVED
CVE-2017-18089
RESERVED
-CVE-2017-18088
- RESERVED
-CVE-2017-18087
- RESERVED
+CVE-2017-18088 (Various plugin servlet resources in Atlassian Bitbucket Server
before ...)
+ TODO: check
+CVE-2017-18087 (The download commit resource in Atlassian Bitbucket Server
from ...)
+ TODO: check
CVE-2017-18086 (Various resources in Atlassian Confluence Server before
version 6.4.2 ...)
NOT-FOR-US: Atlassian Confluence
CVE-2017-18085 (The viewdefaultdecorator resource in Atlassian Confluence
Server ...)
@@ -4345,8 +4570,8 @@ CVE-2018-5442 (A Stack-based Buffer Overflow issue was
discovered in Fuji Electr
NOT-FOR-US: Fuji Electric V-Server VPR
CVE-2018-5441 (An Improper Validation of Integrity Check Value issue was
discovered in ...)
NOT-FOR-US: PHOENIX CONTACT mGuard firmware
-CVE-2018-5440
- RESERVED
+CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart
CODESYS ...)
+ TODO: check
CVE-2018-5439
RESERVED
CVE-2018-5438
@@ -7994,6 +8219,7 @@ CVE-2018-3837
RESERVED
CVE-2018-3836 [gplotMakeOutput Command Injection Vulnerability]
RESERVED
+ {DLA-1284-1}
- leptonlib 1.75.3-1 (bug #889759)
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0516
NOTE: https://github.com/DanBloomberg/leptonica/issues/303
@@ -15853,8 +16079,7 @@ CVE-2018-1043 (In Moodle 3.x, the setting for blocked
hosts list can be bypassed
- moodle <removed>
CVE-2018-1042 (Moodle 3.x has Server Side Request Forgery in the filepicker.
...)
- moodle <removed>
-CVE-2018-1041 [High CPU Denial of Service]
- RESERVED
+CVE-2018-1041 (A vulnerability was found in the way RemoteMessageChannel,
introduced ...)
- libjboss-remoting-java <removed>
[wheezy] - libjboss-remoting-java <ignored> (unimportant leaf package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1530457
@@ -16014,46 +16239,46 @@ CVE-2017-17304
RESERVED
CVE-2017-17303
RESERVED
-CVE-2017-17302
- RESERVED
-CVE-2017-17301
- RESERVED
-CVE-2017-17300
- RESERVED
-CVE-2017-17299
- RESERVED
-CVE-2017-17298
- RESERVED
-CVE-2017-17297
- RESERVED
-CVE-2017-17296
- RESERVED
-CVE-2017-17295
- RESERVED
-CVE-2017-17294
- RESERVED
-CVE-2017-17293
- RESERVED
-CVE-2017-17292
- RESERVED
-CVE-2017-17291
- RESERVED
-CVE-2017-17290
- RESERVED
-CVE-2017-17289
- RESERVED
-CVE-2017-17288
- RESERVED
-CVE-2017-17287
- RESERVED
-CVE-2017-17286
- RESERVED
-CVE-2017-17285
- RESERVED
-CVE-2017-17284
- RESERVED
-CVE-2017-17283
- RESERVED
+CVE-2017-17302 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10,
...)
+ TODO: check
+CVE-2017-17301 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00,
V200R008C20, ...)
+ TODO: check
+CVE-2017-17300 (Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, ...)
+ TODO: check
+CVE-2017-17299 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10,
...)
+ TODO: check
+CVE-2017-17298 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17297 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17296 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17295 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17294 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17293 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17292 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17291 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-17290 (The Light Directory Access Protocol (LDAP) clients of Huawei
TE60 with ...)
+ TODO: check
+CVE-2017-17289 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17288 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17287 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00,
V200R008C20, ...)
+ TODO: check
+CVE-2017-17286 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00,
V200R008C20, ...)
+ TODO: check
+CVE-2017-17285 (Bluetooth module in some Huawei mobile phones with software
...)
+ TODO: check
+CVE-2017-17284 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
CVE-2017-17282
RESERVED
CVE-2017-17281
@@ -16214,10 +16439,10 @@ CVE-2017-17204
RESERVED
CVE-2017-17203
RESERVED
-CVE-2017-17202
- RESERVED
-CVE-2017-17201
- RESERVED
+CVE-2017-17202 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00,
V200R008C20, ...)
+ TODO: check
+CVE-2017-17201 (Some huawei smartphones with software BTV-DL09C233B350, ...)
+ TODO: check
CVE-2017-17200
RESERVED
CVE-2017-17199
@@ -16244,18 +16469,18 @@ CVE-2017-17189
RESERVED
CVE-2017-17188
RESERVED
-CVE-2017-17187
- RESERVED
-CVE-2017-17186
- RESERVED
-CVE-2017-17185
- RESERVED
-CVE-2017-17184
- RESERVED
-CVE-2017-17183
- RESERVED
-CVE-2017-17182
- RESERVED
+CVE-2017-17187 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17186 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17185 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17184 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17183 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
+CVE-2017-17182 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30
...)
+ TODO: check
CVE-2017-17181
RESERVED
CVE-2017-17180
@@ -16286,38 +16511,38 @@ CVE-2017-17168
RESERVED
CVE-2017-17167
RESERVED
-CVE-2017-17166
- RESERVED
-CVE-2017-17165
- RESERVED
-CVE-2017-17164
- RESERVED
-CVE-2017-17163
- RESERVED
-CVE-2017-17162
- RESERVED
-CVE-2017-17161
- RESERVED
-CVE-2017-17160
- RESERVED
-CVE-2017-17159
- RESERVED
+CVE-2017-17166 (Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00,
V500R001C20, ...)
+ TODO: check
+CVE-2017-17165 (IPv6 function in Huawei Quidway S2700 V200R003C00SPC300,
Quidway S5300 ...)
+ TODO: check
+CVE-2017-17164 (Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory
leak ...)
+ TODO: check
+CVE-2017-17163 (Huawei Secospace USG6600 V500R001C30SPC100 has an
Out-of-Bounds memory ...)
+ TODO: check
+CVE-2017-17162 (Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600
...)
+ TODO: check
+CVE-2017-17161 (The 'Find Phone' function in some Huawei smart phones with
software ...)
+ TODO: check
+CVE-2017-17160 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10,
...)
+ TODO: check
+CVE-2017-17159 (Some Huawei smart phones with software of NXT-AL10C00B386, ...)
+ TODO: check
CVE-2017-17158
RESERVED
-CVE-2017-17157
- RESERVED
-CVE-2017-17156
- RESERVED
-CVE-2017-17155
- RESERVED
-CVE-2017-17154
- RESERVED
-CVE-2017-17153
- RESERVED
-CVE-2017-17152
- RESERVED
-CVE-2017-17151
- RESERVED
+CVE-2017-17157 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17156 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17155 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17154 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17153 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17152 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
+ TODO: check
+CVE-2017-17151 (Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200,
AR1200-S, ...)
+ TODO: check
CVE-2017-17150
RESERVED
CVE-2017-17149
@@ -23799,62 +24024,62 @@ CVE-2017-15358
RESERVED
CVE-2017-15357 (The setpermissions function in the auto-updater in Arq before
5.9.7 ...)
NOT-FOR-US: Arq
-CVE-2017-15356
- RESERVED
-CVE-2017-15355
- RESERVED
-CVE-2017-15354
- RESERVED
-CVE-2017-15353
- RESERVED
-CVE-2017-15352
- RESERVED
-CVE-2017-15351
- RESERVED
-CVE-2017-15350
- RESERVED
-CVE-2017-15349
- RESERVED
-CVE-2017-15348
- RESERVED
-CVE-2017-15347
- RESERVED
-CVE-2017-15346
- RESERVED
-CVE-2017-15345
- RESERVED
-CVE-2017-15344
- RESERVED
-CVE-2017-15343
- RESERVED
-CVE-2017-15342
- RESERVED
-CVE-2017-15341
- RESERVED
-CVE-2017-15340
- RESERVED
-CVE-2017-15339
- RESERVED
-CVE-2017-15338
- RESERVED
-CVE-2017-15337
- RESERVED
-CVE-2017-15336
- RESERVED
-CVE-2017-15335
- RESERVED
-CVE-2017-15334
- RESERVED
-CVE-2017-15333
- RESERVED
-CVE-2017-15332
- RESERVED
-CVE-2017-15331
- RESERVED
-CVE-2017-15330
- RESERVED
-CVE-2017-15329
- RESERVED
+CVE-2017-15356 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30,
V100R001C10, ...)
+ TODO: check
+CVE-2017-15355 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30,
V100R001C10, ...)
+ TODO: check
+CVE-2017-15354 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30,
V100R001C10, ...)
+ TODO: check
+CVE-2017-15353 (Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00,
RSE6500, ...)
+ TODO: check
+CVE-2017-15352 (Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor
5300 V3, ...)
+ TODO: check
+CVE-2017-15351 (The 'Find Phone' function in Huawei Honor V9 play smart phones
with ...)
+ TODO: check
+CVE-2017-15350 (The Common Open Policy Service Protocol (COPS) module in
Huawei DP300 ...)
+ TODO: check
+CVE-2017-15349 (Huawei CloudEngine 12800 V100R003C00, V100R005C00,
V100R005C10, ...)
+ TODO: check
+CVE-2017-15348 (Huawei IPS Module V500R001C00, NGFW Module V500R001C00,
NIP6300 ...)
+ TODO: check
+CVE-2017-15347 (Huawei Mate 9 Pro mobile phones with software of versions
earlier than ...)
+ TODO: check
+CVE-2017-15346 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, ...)
+ TODO: check
+CVE-2017-15345 (Huawei Smartphones with software LON-L29DC721B186 have a
denial of ...)
+ TODO: check
+CVE-2017-15344 (Huawei AR3200 with software V200R006C10, V200R006C11,
V200R007C00, ...)
+ TODO: check
+CVE-2017-15343 (Huawei AR3200 with software V200R006C10, V200R006C11,
V200R007C00, ...)
+ TODO: check
+CVE-2017-15342 (Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106
V100R002C00, eSpace ...)
+ TODO: check
+CVE-2017-15341 (Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50
...)
+ TODO: check
+CVE-2017-15340 (Huawei smartphones with software of TAG-AL00C92B168 have an
...)
+ TODO: check
+CVE-2017-15339 (The SIP module in Huawei DP300 V500R002C00, IPS Module
V100R001C10, ...)
+ TODO: check
+CVE-2017-15338 (The SIP module in Huawei DP300 V500R002C00, IPS Module
V100R001C10, ...)
+ TODO: check
+CVE-2017-15337 (The SIP module in Huawei DP300 V500R002C00, IPS Module
V100R001C10, ...)
+ TODO: check
+CVE-2017-15336 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module
...)
+ TODO: check
+CVE-2017-15335 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module
...)
+ TODO: check
+CVE-2017-15334 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module
...)
+ TODO: check
+CVE-2017-15333 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, ...)
+ TODO: check
+CVE-2017-15332 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-15331 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20,
V200R008C30, ...)
+ TODO: check
+CVE-2017-15330 (The Flp Driver in some Huawei smartphones of the software ...)
+ TODO: check
+CVE-2017-15329 (Huawei UMA V200R001C00 has a SQL injection vulnerability in
the ...)
+ TODO: check
CVE-2017-15328 (Huawei HG8245H version earlier than V300R018C00SPC110 has an
...)
NOT-FOR-US: Huawei
CVE-2017-15327
@@ -24691,8 +24916,7 @@ CVE-2017-15090 (An issue has been found in the DNSSEC
validation component of Po
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE:
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-03.html
NOTE: https://downloads.powerdns.com/patches/2017-03/
-CVE-2017-15089
- RESERVED
+CVE-2017-15089 (It was found that the Hotrod client in Infinispan before
9.2.0.CR1 ...)
NOT-FOR-US: infinispan
CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos
5 (aka ...)
- krb5 1.15.2-2 (unimportant; bug #871698)
@@ -32019,24 +32243,24 @@ CVE-2017-12728 (An Improper Privilege Management
issue was discovered in SpiderC
NOT-FOR-US: SpiderControl SCADA Web Server
CVE-2017-12727
RESERVED
-CVE-2017-12726
- RESERVED
-CVE-2017-12725
- RESERVED
-CVE-2017-12724
- RESERVED
-CVE-2017-12723
- RESERVED
-CVE-2017-12722
- RESERVED
-CVE-2017-12721
- RESERVED
-CVE-2017-12720
- RESERVED
+CVE-2017-12726 (A Use of Hard-coded Password issue was discovered in Smiths
Medical ...)
+ TODO: check
+CVE-2017-12725 (A Use of Hard-coded Credentials issue was discovered in Smiths
Medical ...)
+ TODO: check
+CVE-2017-12724 (A Use of Hard-coded Credentials issue was discovered in Smiths
Medical ...)
+ TODO: check
+CVE-2017-12723 (A Password in Configuration File issue was discovered in
Smiths Medical ...)
+ TODO: check
+CVE-2017-12722 (An Out-of-bounds Read issue was discovered in Smiths Medical
Medfusion ...)
+ TODO: check
+CVE-2017-12721 (An Improper Certificate Validation issue was discovered in
Smiths ...)
+ TODO: check
+CVE-2017-12720 (An Improper Access Control issue was discovered in Smiths
Medical ...)
+ TODO: check
CVE-2017-12719 (An Untrusted Pointer Dereference issue was discovered in
Advantech ...)
NOT-FOR-US: Advantech
-CVE-2017-12718
- RESERVED
+CVE-2017-12718 (A Classic Buffer Overflow issue was discovered in Smiths
Medical ...)
+ TODO: check
CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in
Advantech ...)
NOT-FOR-US: Advantech WebAccess
CVE-2017-12716
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9949af02e5aa6d43099de504d4ae8f679d1749f3
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9949af02e5aa6d43099de504d4ae8f679d1749f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
