Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7a5fd055 by security tracker role at 2018-03-11T21:10:20+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,31 @@ +CVE-2018-8064 + RESERVED +CVE-2018-8063 + RESERVED +CVE-2018-8062 + RESERVED +CVE-2018-8061 + RESERVED +CVE-2018-8060 + RESERVED +CVE-2018-8059 (The Djelibeybi configuration examples for use of NGINX in SUSE Portus ...) + TODO: check +CVE-2018-8058 + RESERVED +CVE-2018-8057 (A SQL Injection vulnerability exists in Western Bridge Cobub Razor ...) + TODO: check +CVE-2018-8056 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an ...) + TODO: check +CVE-2018-8055 + RESERVED +CVE-2018-8054 + RESERVED +CVE-2018-8053 + RESERVED +CVE-2018-8052 + RESERVED +CVE-2018-8051 + RESERVED CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka ...) - afflib <unfixed> (bug #892599) NOTE: https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c @@ -120,6 +148,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference . NOTE: https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6 NOTE: https://github.com/silnrsi/graphite/issues/22 CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...) + {DLA-1306-1} - vips 8.4.5-2 (bug #892589) [stretch] - vips <no-dsa> (Minor issue) [jessie] - vips <no-dsa> (Minor issue) @@ -4955,6 +4984,7 @@ CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary c NOTE: https://github.com/mpv-player/mpv/issues/5456 NOTE: https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43 CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.4.8 is ...) + {DLA-1305-1} - ming <removed> NOTE: https://github.com/libming/libming/issues/105 CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 ...) @@ -5070,6 +5100,7 @@ CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and . CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and ...) NOT-FOR-US: Ivanti Endpoint Security CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming ...) + {DLA-1305-1} - ming <removed> NOTE: https://github.com/libming/libming/issues/101 CVE-2018-6314 @@ -7857,6 +7888,7 @@ CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...) NOTE: upstream thread: https://sourceforge.net/p/podofo/mailman/message/36180168/ NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1889 CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an ...) + {DLA-1305-1} - ming <removed> NOTE: https://github.com/libming/libming/issues/98 CVE-2018-5293 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...) @@ -7948,6 +7980,7 @@ CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has ...) NOT-FOR-US: ImageWorsener CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ...) + {DLA-1305-1} - ming <removed> NOTE: https://github.com/libming/libming/issues/97 CVE-2018-5250 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits