[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 21 Feb 2018 01:11:15 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cd3808da by security tracker role at 2018-02-21T09:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,39 @@
-CVE-2018-7263
+CVE-2018-7279
        RESERVED
+CVE-2018-7278 (An issue was discovered on RLE Protocol Converter FDS-PC / 
FDS-PC-DP ...)
+       TODO: check
+CVE-2018-7277 (An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. 
Persistent ...)
+       TODO: check
+CVE-2018-7276 (An issue was discovered on Lutron Quantum BACnet Integration 
2.0 ...)
+       TODO: check
+CVE-2018-7275
+       RESERVED
+CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent 
cross-site ...)
+       TODO: check
+CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals 
the ...)
+       TODO: check
+CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs 
as part ...)
+       TODO: check
+CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In 
install/install.php in the ...)
+       TODO: check
+CVE-2018-7270
+       RESERVED
+CVE-2018-7269
+       RESERVED
+CVE-2018-7268
+       RESERVED
+CVE-2018-7267
+       RESERVED
+CVE-2018-7266
+       RESERVED
+CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file 
that ...)
+       TODO: check
+CVE-2018-7264
+       RESERVED
+CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b 
...)
+       TODO: check
+CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad 
through ...)
+       TODO: check
 CVE-2018-7262
        RESERVED
 CVE-2018-7261
@@ -995,6 +1029,7 @@ CVE-2018-6871 (LibreOffice before 5.4.5 and 6.x before 
6.0.1 allows remote attac
 CVE-2018-6870
        RESERVED
 CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation 
and a ...)
+       {DLA-1287-1}
        - zziplib <unfixed>
        [stretch] - zziplib <no-dsa> (Minor issue)
        [jessie] - zziplib <no-dsa> (Minor issue)
@@ -2099,8 +2134,8 @@ CVE-2018-6489
        RESERVED
 CVE-2018-6488
        RESERVED
-CVE-2018-6487
-       RESERVED
+CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB 
...)
+       TODO: check
 CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify 
Audit ...)
        NOT-FOR-US: Micro Focus Fortify Audit Workbench
 CVE-2017-18119
@@ -15640,10 +15675,10 @@ CVE-2017-17456 (The function d2alaw_array() in alaw.c 
of libsndfile 1.0.29pre1 m
        [jessie] - libsndfile <no-dsa> (Minor issue)
        [wheezy] - libsndfile <no-dsa> (Minor issue)
        NOTE: https://github.com/erikd/libsndfile/issues/344
-CVE-2017-17455
-       RESERVED
-CVE-2017-17454
-       RESERVED
+CVE-2017-17455 (Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 
before ...)
+       TODO: check
+CVE-2017-17454 (Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 
before ...)
+       TODO: check
 CVE-2017-17453
        RESERVED
 CVE-2017-17452
@@ -25604,8 +25639,8 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in 
GraphicsMagick 1.3.26 allows rem
        - graphicsmagick 1.3.26-13
        NOTE: 
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264
        NOTE: https://sourceforge.net/p/graphicsmagick/bugs/512/
-CVE-2017-14993
-       RESERVED
+CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 
4.10.x ...)
+       TODO: check
 CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) 
...)
        - docker.io <undetermined>
 CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel 
before ...)
@@ -33431,8 +33466,8 @@ CVE-2017-12417
        RESERVED
 CVE-2017-12416 (Cross-site scripting (XSS) vulnerability in the GlobalProtect 
internal ...)
        NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-12415
-       RESERVED
+CVE-2017-12415 (OXID eShop Community Edition before 6.0.0 RC2 (development), 
4.10.x ...)
+       TODO: check
 CVE-2015-9107 (Zoho ManageEngine OpManager 11 through 12.2 uses a custom 
encryption ...)
        NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because 
an ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd3808da52ae8acfbbddd57185260d493b18002d

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd3808da52ae8acfbbddd57185260d493b18002d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to