Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a5fd055 by security tracker role at 2018-03-11T21:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,31 @@
+CVE-2018-8064
+ RESERVED
+CVE-2018-8063
+ RESERVED
+CVE-2018-8062
+ RESERVED
+CVE-2018-8061
+ RESERVED
+CVE-2018-8060
+ RESERVED
+CVE-2018-8059 (The Djelibeybi configuration examples for use of NGINX in SUSE
Portus ...)
+ TODO: check
+CVE-2018-8058
+ RESERVED
+CVE-2018-8057 (A SQL Injection vulnerability exists in Western Bridge Cobub
Razor ...)
+ TODO: check
+CVE-2018-8056 (Physical path Leakage exists in Western Bridge Cobub Razor
0.8.0 via an ...)
+ TODO: check
+CVE-2018-8055
+ RESERVED
+CVE-2018-8054
+ RESERVED
+CVE-2018-8053
+ RESERVED
+CVE-2018-8052
+ RESERVED
+CVE-2018-8051
+ RESERVED
CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB
(aka ...)
- afflib <unfixed> (bug #892599)
NOTE:
https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c
@@ -120,6 +148,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL
pointer dereference .
NOTE:
https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
NOTE: https://github.com/silnrsi/graphite/issues/22
CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference
...)
+ {DLA-1306-1}
- vips 8.4.5-2 (bug #892589)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <no-dsa> (Minor issue)
@@ -4955,6 +4984,7 @@ CVE-2018-6360 (mpv through 0.28.0 allows remote attackers
to execute arbitrary c
NOTE: https://github.com/mpv-player/mpv/issues/5456
NOTE:
https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through
0.4.8 is ...)
+ {DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/105
CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming
through 0.4.8 ...)
@@ -5070,6 +5100,7 @@ CVE-2018-6317 (The remote management interface in
Claymore Dual Miner 10.5 and .
CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and
...)
NOT-FOR-US: Ivanti Endpoint Security
CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in
libming ...)
+ {DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/101
CVE-2018-6314
@@ -7857,6 +7888,7 @@ CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer
overflow in the ...)
NOTE: upstream thread:
https://sourceforge.net/p/podofo/mailman/message/36180168/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1889
CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an
...)
+ {DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/98
CVE-2018-5293 (The GD Rating System plugin 2.3 for WordPress has XSS via the
...)
@@ -7948,6 +7980,7 @@ CVE-2018-5253 (The AP4_FtypAtom class in
Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0
CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is
used, has ...)
NOT-FOR-US: ImageWorsener
CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error
vulnerability ...)
+ {DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/97
CVE-2018-5250
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
