Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 441f7458 by security tracker role at 2018-03-30T08:10:29+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,39 @@ +CVE-2018-9143 + RESERVED +CVE-2018-9142 + RESERVED +CVE-2018-9141 + RESERVED +CVE-2018-9140 + RESERVED +CVE-2018-9139 + RESERVED +CVE-2018-9138 + RESERVED +CVE-2018-9137 + RESERVED +CVE-2018-9136 + RESERVED +CVE-2018-9135 + RESERVED +CVE-2018-9134 + RESERVED +CVE-2018-9133 + RESERVED +CVE-2018-9132 + RESERVED +CVE-2018-9131 + RESERVED +CVE-2018-9130 + RESERVED +CVE-2018-9129 + RESERVED +CVE-2018-9128 + RESERVED +CVE-2018-9127 + RESERVED +CVE-2018-9126 + RESERVED CVE-2018-9125 RESERVED CVE-2018-9124 @@ -2355,6 +2391,7 @@ CVE-2018-8095 CVE-2018-1000128 REJECTED CVE-2018-1000127 (memcached version prior to 1.4.37 contains an Integer Overflow ...) + {DLA-1329-1} - memcached 1.5.0-1 (bug #894404) NOTE: https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00 NOTE: https://github.com/memcached/memcached/issues/271 @@ -21202,8 +21239,8 @@ CVE-2018-1193 RESERVED CVE-2018-1192 (In Cloud Foundry Foundation cf-release versions prior to v285; ...) NOT-FOR-US: Cloud Foundry -CVE-2018-1191 - RESERVED +CVE-2018-1191 (Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an ...) + TODO: check CVE-2018-1190 (An issue was discovered in these Pivotal Cloud Foundry products: all ...) NOT-FOR-US: Pivotal CVE-2018-1189 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...) @@ -23097,6 +23134,7 @@ CVE-2017-17080 (elf.c in the Binary File Descriptor (BFD) library (aka libbfd), CVE-2018-0740 RESERVED CVE-2018-0739 (Constructed ASN.1 types with a recursive definition (such as can be ...) + {DSA-4158-1 DSA-4157-1} - openssl 1.1.0h-1 - openssl1.0 1.0.2o-1 NOTE: https://www.openssl.org/news/secadv/20180327.txt 
@@ -25137,8 +25175,8 @@ CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util NOTE: https://trac.pjsip.org/repos/changeset/5680 CVE-2017-16874 RESERVED -CVE-2017-16873 - RESERVED +CVE-2017-16873 (It is possible to exploit an unsanitized PATH in the suid binary that ...) + TODO: check CVE-2017-1000233 REJECTED CVE-2017-1000222 @@ -25564,8 +25602,8 @@ CVE-2017-16840 (The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote . {DSA-4049-1} - ffmpeg 7:3.4.1-1 NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74 -CVE-2017-16839 - RESERVED +CVE-2017-16839 (Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root ...) + TODO: check CVE-2017-16838 RESERVED CVE-2017-16837 (Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not ...) @@ -26510,8 +26548,8 @@ CVE-2017-16514 (Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabil NOT-FOR-US: WebsiteBaker CVE-2017-16513 (Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in ...) NOT-FOR-US: Ipswitch WS_FTP Professional -CVE-2017-16512 - RESERVED +CVE-2017-16512 (The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 ...) + TODO: check CVE-2017-16511 RESERVED CVE-2017-1000171 (Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to ...) @@ -38341,6 +38379,7 @@ CVE-2017-12629 (Remote code execution occurs in Apache Solr before 7.1 with Apac CVE-2017-12628 (The JMX server embedded in Apache James, also used by the command line ...) NOT-FOR-US: Apache James CVE-2017-12627 (In Apache Xerces-C XML Parser library before 3.2.1, processing of ...) + {DLA-1328-1} - xerces-c 3.2.1+debian-1 (bug #894050) NOTE: https://svn.apache.org/viewvc?view=revision&revision=1819998 NOTE: https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt 
@@ -84345,8 +84384,8 @@ CVE-2016-6660 REJECTED CVE-2016-6659 (Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, ...) NOT-FOR-US: Pivotal -CVE-2016-6658 - RESERVED +CVE-2016-6658 (Applications in cf-release before 245 can be configured and pushed ...) + TODO: check CVE-2016-6657 (An open redirect vulnerability has been detected with some Pivotal ...) NOT-FOR-US: Pivotal CVE-2016-6656 (An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation ...) @@ -104023,8 +104062,8 @@ CVE-2016-0900 (Cross-site scripting (XSS) vulnerability in EMC RSA Authenticatio NOT-FOR-US: RSA Authentication Manager CVE-2016-0899 (EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated ...) NOT-FOR-US: RSA Archer GRC Platform -CVE-2016-0898 - RESERVED +CVE-2016-0898 (MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS ...) + TODO: check CVE-2016-0897 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before ...) NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0896 (Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/441f745838966feb3b468b72c8406269fed6bd58
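Review bot: the six entries that move from RESERVED to a published description (CVE-2018-1191, CVE-2017-16873, CVE-2017-16839, CVE-2017-16512, CVE-2016-6658, CVE-2016-0898) each land with only `TODO: check`, so none of them has a triage result yet. The Cloud Foundry and Pivotal neighbours in the context lines are already marked NOT-FOR-US, under three different labels (`Cloud Foundry`, `Pivotal`, `Pivotal Cloud Foundry`); a follow-up should resolve each TODO to either a NOT-FOR-US line or a source-package line, and settle on one label for that vendor family. The CVE-2017-16873 description is cut off before it names the product ("... the suid binary that ..."), so that entry needs the full description before it can be classified.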
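Review bot: in the CVE-2018-0739 hunk, `{DSA-4158-1 DSA-4157-1}` is attached to an entry that lists two source packages (`openssl 1.1.0h-1` and `openssl1.0 1.0.2o-1`), and nothing in the visible lines says which advisory covers which package. It is worth confirming against the DSA list that both advisories reference this CVE, one per source package. The same cross-check applies to the `{DLA-1329-1}` line added for memcached (CVE-2018-1000127) and the `{DLA-1328-1}` line added for xerces-c (CVE-2017-12627), where each entry shows a single fixed version and bug number.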