Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cd3808da by security tracker role at 2018-02-21T09:10:21+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,5 +1,39 @@ -CVE-2018-7263 +CVE-2018-7279 RESERVED +CVE-2018-7278 (An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP ...) + TODO: check +CVE-2018-7277 (An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent ...) + TODO: check +CVE-2018-7276 (An issue was discovered on Lutron Quantum BACnet Integration 2.0 ...) + TODO: check +CVE-2018-7275 + RESERVED +CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent cross-site ...) + TODO: check +CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the ...) + TODO: check +CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part ...) + TODO: check +CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In install/install.php in the ...) + TODO: check +CVE-2018-7270 + RESERVED +CVE-2018-7269 + RESERVED +CVE-2018-7268 + RESERVED +CVE-2018-7267 + RESERVED +CVE-2018-7266 + RESERVED +CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that ...) + TODO: check +CVE-2018-7264 + RESERVED +CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b ...) + TODO: check +CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad through ...) + TODO: check CVE-2018-7262 RESERVED CVE-2018-7261 @@ -995,6 +1029,7 @@ CVE-2018-6871 (LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attac CVE-2018-6870 RESERVED CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a ...) + {DLA-1287-1} - zziplib <unfixed> [stretch] - zziplib <no-dsa> (Minor issue) [jessie] - zziplib <no-dsa> (Minor issue) @@ -2099,8 +2134,8 @@ CVE-2018-6489 RESERVED CVE-2018-6488 RESERVED -CVE-2018-6487 - RESERVED +CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB ...) + TODO: check CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit ...) NOT-FOR-US: Micro Focus Fortify Audit Workbench CVE-2017-18119 @@ -15640,10 +15675,10 @@ CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 m [jessie] - libsndfile <no-dsa> (Minor issue) [wheezy] - libsndfile <no-dsa> (Minor issue) NOTE: https://github.com/erikd/libsndfile/issues/344 -CVE-2017-17455 - RESERVED -CVE-2017-17454 - RESERVED +CVE-2017-17455 (Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before ...) + TODO: check +CVE-2017-17454 (Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before ...) + TODO: check CVE-2017-17453 RESERVED CVE-2017-17452 @@ -25604,8 +25639,8 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows rem - graphicsmagick 1.3.26-13 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264 NOTE: https://sourceforge.net/p/graphicsmagick/bugs/512/ -CVE-2017-14993 - RESERVED +CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x ...) + TODO: check CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) ...) - docker.io <undetermined> CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...) @@ -33431,8 +33466,8 @@ CVE-2017-12417 RESERVED CVE-2017-12416 (Cross-site scripting (XSS) vulnerability in the GlobalProtect internal ...) NOT-FOR-US: Palo Alto Networks PAN-OS -CVE-2017-12415 - RESERVED +CVE-2017-12415 (OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x ...) + TODO: check CVE-2015-9107 (Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption ...) NOT-FOR-US: Zoho ManageEngine OpManager CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd3808da52ae8acfbbddd57185260d493b18002d --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd3808da52ae8acfbbddd57185260d493b18002d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits