[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Sun, 04 Mar 2018 01:10:52 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e8927736 by security tracker role at 2018-03-04T09:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,19 @@
+CVE-2018-7658
+       RESERVED
+CVE-2018-7657
+       RESERVED
+CVE-2018-7656
+       RESERVED
+CVE-2018-7655
+       RESERVED
+CVE-2018-7654 (On 3CX 15.5.6354.2 devices, the parameter "file" in 
the request ...)
+       TODO: check
+CVE-2018-7653
+       RESERVED
+CVE-2018-7652 (lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI 
before 1.0.11 ...)
+       TODO: check
+CVE-2017-18213 (In Exponent CMS before 2.4.1 Patch #6, certain admin users can 
elevate ...)
+       TODO: check
 CVE-2018-XXXX [Regular Expression Denial of Service]
        - node-moment 2.19.3+ds-1 (unimportant)
        NOTE: fixed in 2.19.3 upstream
@@ -6,7 +22,7 @@ CVE-2018-XXXX [Regular Expression Denial of Service]
        NOTE: https://github.com/moment/moment/issues/4163
        NOTE: https://nodesecurity.io/advisories/532
        NOTE: nodejs not covered by security support
-CVE-2018-7651 [Regular Expression Denial of Service vulnerability in the 
strict mode functionality]
+CVE-2018-7651 (index.js in the ssri module before 5.2.2 for Node.js is prone 
to a ...)
        - node-ssri <unfixed> (unimportant; bug #891980)
        NOTE: fixed in 5.2.2
        NOTE: 
https://github.com/zkat/ssri/commit/d0ebcdc22cb5c8f47f89716d08b3518b2485d65d
@@ -189,8 +205,8 @@ CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 
7.1.x through 7.1.14,
        NOTE: Fixed in 7.0.28, 7.2.3
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75981
        NOTE: 
https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba
-CVE-2018-7583
-       RESERVED
+CVE-2018-7583 (Proxy.exe in DualDesk 20 allows Remote Denial Of Service 
(daemon crash) ...)
+       TODO: check
 CVE-2018-7582
        RESERVED
 CVE-2018-7581
@@ -639,8 +655,8 @@ CVE-2018-7451
        RESERVED
 CVE-2018-7450
        RESERVED
-CVE-2018-7449
-       RESERVED
+CVE-2018-7449 (SEGGER embOS/IP FTP Server 3.22 allows remote attackers to 
cause a ...)
+       TODO: check
 CVE-2018-7448 (Remote code execution vulnerability in ...)
        NOT-FOR-US: CMS Made Simple
 CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent 
cross-site ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e892773628081d1867e6f508b46e20894ee22401

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e892773628081d1867e6f508b46e20894ee22401
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to