Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 36701f66 by security tracker role at 2018-04-03T20:10:19+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,5 @@ +CVE-2018-9234 + RESERVED CVE-2018-XXXX [Crash in chat screen when another client sends a long line] - ncmpc <unfixed> (low; bug #894724) [stretch] - ncmpc <no-dsa> (Minor issue) @@ -962,8 +964,8 @@ CVE-2018-8838 RESERVED CVE-2018-8837 RESERVED -CVE-2018-8836 - RESERVED +CVE-2018-8836 (Wago 750 Series PLCs with firmware version 10 and prior include a ...) + TODO: check CVE-2018-8835 RESERVED CVE-2018-8834 @@ -6937,8 +6939,8 @@ CVE-2017-18149 RESERVED CVE-2017-18148 RESERVED -CVE-2017-18147 - RESERVED +CVE-2017-18147 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-18146 RESERVED CVE-2017-18145 @@ -9341,24 +9343,24 @@ CVE-2018-5830 RESERVED CVE-2018-5829 RESERVED -CVE-2018-5828 - RESERVED +CVE-2018-5828 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-5827 RESERVED -CVE-2018-5826 - RESERVED -CVE-2018-5825 - RESERVED -CVE-2018-5824 - RESERVED -CVE-2018-5823 - RESERVED -CVE-2018-5822 - RESERVED -CVE-2018-5821 - RESERVED -CVE-2018-5820 - RESERVED +CVE-2018-5826 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5825 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5824 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5823 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5821 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-5820 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-5819 RESERVED CVE-2018-5818 @@ -14714,8 +14716,8 @@ CVE-2018-3691 RESERVED CVE-2018-3690 RESERVED -CVE-2018-3689 - RESERVED +CVE-2018-3689 (AESM daemon in Intel Software Guard Extensions Platform Software ...) + TODO: check CVE-2018-3688 RESERVED CVE-2018-3687 @@ -15420,14 +15422,14 @@ CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpn NOT-FOR-US: Golden Frog VyprVPN CVE-2017-17808 RESERVED -CVE-2018-3599 - RESERVED -CVE-2018-3598 - RESERVED +CVE-2018-3599 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2018-3598 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-3597 RESERVED -CVE-2018-3596 - RESERVED +CVE-2018-3596 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-3595 RESERVED CVE-2018-3594 @@ -15450,8 +15452,8 @@ CVE-2018-3586 RESERVED CVE-2018-3585 RESERVED -CVE-2018-3584 - RESERVED +CVE-2018-3584 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-3583 RESERVED CVE-2018-3582 @@ -15486,14 +15488,14 @@ CVE-2018-3568 RESERVED CVE-2018-3567 RESERVED -CVE-2018-3566 - RESERVED +CVE-2018-3566 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-3565 RESERVED CVE-2018-3564 RESERVED -CVE-2018-3563 - RESERVED +CVE-2018-3563 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2018-3562 RESERVED CVE-2018-3561 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) @@ -15586,8 +15588,7 @@ CVE-2017-17772 RESERVED CVE-2017-17771 (In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, ...) NOT-FOR-US: Qualcomm component for Android -CVE-2017-17770 - RESERVED +CVE-2017-17770 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) NOT-FOR-US: Android Linux component (source code not availalable, so probably Android-specific) CVE-2017-17769 (Information leakage in Android for MSM, Firefox OS for MSM, and QRD ...) NOT-FOR-US: Qualcomm component for Android @@ -21169,6 +21170,7 @@ CVE-2018-1314 CVE-2018-1313 RESERVED CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7 CVE-2018-1311 @@ -21210,6 +21212,7 @@ CVE-2018-1304 (The URL pattern of "" (the empty string) which exactly NOTE: https://svn.apache.org/r1823309 (7.0.x) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62067 CVE-2018-1303 (A specially crafted HTTP request header could have crashed the Apache ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/3 CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apache ...) @@ -21220,6 +21223,7 @@ CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apac NOTE: HTTP/2 support introduced in 2.4.17 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/5 CVE-2018-1301 (A specially crafted request could have crashed the Apache HTTP Server ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/2 CVE-2018-1300 @@ -21273,6 +21277,7 @@ CVE-2018-1285 CVE-2018-1284 RESERVED CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4 CVE-2018-1282 @@ -21904,13 +21909,11 @@ CVE-2018-1101 RESERVED CVE-2018-1100 RESERVED -CVE-2018-1099 [etcd: DNS rebinding vulnerability in etcd server] - RESERVED +CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An ...) - etcd <unfixed> NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717 -CVE-2018-1098 [etcd: Cross-site request forgery via crafted local POST forms] - RESERVED +CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...) - etcd <unfixed> NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714 @@ -28794,8 +28797,8 @@ CVE-2017-15855 NOT-FOR-US: Qualcomm components for Android CVE-2017-15854 RESERVED -CVE-2017-15853 - RESERVED +CVE-2017-15853 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-15852 (Information leak of the ISPIF base address in Android for MSM, Firefox ...) NOT-FOR-US: Qualcomm component for Android CVE-2017-15851 @@ -28826,10 +28829,10 @@ CVE-2017-15839 RESERVED CVE-2017-15838 RESERVED -CVE-2017-15837 - RESERVED -CVE-2017-15836 - RESERVED +CVE-2017-15837 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check +CVE-2017-15836 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-15835 RESERVED CVE-2017-15834 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) @@ -28856,8 +28859,8 @@ CVE-2017-15824 RESERVED CVE-2017-15823 (In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, ...) NOT-FOR-US: Qualcomm component for Android -CVE-2017-15822 - RESERVED +CVE-2017-15822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-15821 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-15820 (In all Qualcomm products with Android releases from CAF using the ...) @@ -29098,6 +29101,7 @@ CVE-2017-15717 (A flaw in the way URLs are escaped and encoded in the ...) CVE-2017-15716 RESERVED CVE-2017-15715 (In Apache httpd 2.4.0 to 2.4.29, the expression specified in ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/6 CVE-2017-15714 (The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape ...) @@ -29109,6 +29113,7 @@ CVE-2017-15712 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to CVE-2017-15711 REJECTED CVE-2017-15710 (In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to ...) + {DSA-4164-1} - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/8 CVE-2017-15709 (When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...) @@ -31734,16 +31739,16 @@ CVE-2017-14896 (In Android for MSM, Firefox OS for MSM, QRD Android, with all An NOT-FOR-US: Qualcomm components for Android CVE-2017-14895 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Android -CVE-2017-14894 - RESERVED +CVE-2017-14894 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-14893 RESERVED CVE-2017-14892 (In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for ...) NOT-FOR-US: Qualcomm component for Android CVE-2017-14891 (In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, ...) NOT-FOR-US: Qualcomm component for Android -CVE-2017-14890 - RESERVED +CVE-2017-14890 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-14889 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-14888 @@ -31762,8 +31767,8 @@ CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, QRD Android, with all An NOT-FOR-US: Qualcomm component for Android CVE-2017-14881 (While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in ...) NOT-FOR-US: Qualcomm component for Android -CVE-2017-14880 - RESERVED +CVE-2017-14880 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) @@ -43286,8 +43291,8 @@ CVE-2017-11077 RESERVED CVE-2017-11076 RESERVED -CVE-2017-11075 - RESERVED +CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...) + TODO: check CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) @@ -65672,7 +65677,7 @@ CVE-2017-3775 CVE-2017-3774 RESERVED CVE-2017-3773 - RESERVED + REJECTED CVE-2017-3772 RESERVED CVE-2017-3771 (System boot process is not adequately secured In Lenovo E95 and ...) @@ -79327,8 +79332,8 @@ CVE-2016-8367 (An issue was discovered in Schneider Electric Magelis HMI Magelis NOT-FOR-US: Schneider CVE-2016-8366 RESERVED -CVE-2016-8365 - RESERVED +CVE-2016-8365 (OSIsoft PI System software (Applications using PI Asset Framework (AF) ...) + TODO: check CVE-2016-8364 (An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object ...) NOT-FOR-US: IBHsoftec CVE-2016-8363 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, ...) @@ -82163,8 +82168,8 @@ CVE-2016-7474 (In some cases the MCPD binary cache in F5 BIG-IP devices may allo NOT-FOR-US: F5 BIG-IP CVE-2016-7473 RESERVED -CVE-2016-7472 - RESERVED +CVE-2016-7472 (F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to ...) + TODO: check CVE-2016-7471 RESERVED CVE-2016-7470 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36701f669d848662e719b04c042de3199c4e8aae --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36701f669d848662e719b04c042de3199c4e8aae You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits