[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Apr 3 20:10:26 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36701f66 by security tracker role at 2018-04-03T20:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2018-9234
+ RESERVED
CVE-2018-XXXX [Crash in chat screen when another client sends a long line]
- ncmpc <unfixed> (low; bug #894724)
[stretch] - ncmpc <no-dsa> (Minor issue)
@@ -962,8 +964,8 @@ CVE-2018-8838
RESERVED
CVE-2018-8837
RESERVED
-CVE-2018-8836
- RESERVED
+CVE-2018-8836 (Wago 750 Series PLCs with firmware version 10 and prior include a ...)
+ TODO: check
CVE-2018-8835
RESERVED
CVE-2018-8834
@@ -6937,8 +6939,8 @@ CVE-2017-18149
RESERVED
CVE-2017-18148
RESERVED
-CVE-2017-18147
- RESERVED
+CVE-2017-18147 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-18146
RESERVED
CVE-2017-18145
@@ -9341,24 +9343,24 @@ CVE-2018-5830
RESERVED
CVE-2018-5829
RESERVED
-CVE-2018-5828
- RESERVED
+CVE-2018-5828 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-5827
RESERVED
-CVE-2018-5826
- RESERVED
-CVE-2018-5825
- RESERVED
-CVE-2018-5824
- RESERVED
-CVE-2018-5823
- RESERVED
-CVE-2018-5822
- RESERVED
-CVE-2018-5821
- RESERVED
-CVE-2018-5820
- RESERVED
+CVE-2018-5826 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5825 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5824 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5823 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5821 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-5820 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-5819
RESERVED
CVE-2018-5818
@@ -14714,8 +14716,8 @@ CVE-2018-3691
RESERVED
CVE-2018-3690
RESERVED
-CVE-2018-3689
- RESERVED
+CVE-2018-3689 (AESM daemon in Intel Software Guard Extensions Platform Software ...)
+ TODO: check
CVE-2018-3688
RESERVED
CVE-2018-3687
@@ -15420,14 +15422,14 @@ CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpn
NOT-FOR-US: Golden Frog VyprVPN
CVE-2017-17808
RESERVED
-CVE-2018-3599
- RESERVED
-CVE-2018-3598
- RESERVED
+CVE-2018-3599 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2018-3598 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-3597
RESERVED
-CVE-2018-3596
- RESERVED
+CVE-2018-3596 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-3595
RESERVED
CVE-2018-3594
@@ -15450,8 +15452,8 @@ CVE-2018-3586
RESERVED
CVE-2018-3585
RESERVED
-CVE-2018-3584
- RESERVED
+CVE-2018-3584 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-3583
RESERVED
CVE-2018-3582
@@ -15486,14 +15488,14 @@ CVE-2018-3568
RESERVED
CVE-2018-3567
RESERVED
-CVE-2018-3566
- RESERVED
+CVE-2018-3566 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-3565
RESERVED
CVE-2018-3564
RESERVED
-CVE-2018-3563
- RESERVED
+CVE-2018-3563 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2018-3562
RESERVED
CVE-2018-3561 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -15586,8 +15588,7 @@ CVE-2017-17772
RESERVED
CVE-2017-17771 (In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17770
- RESERVED
+CVE-2017-17770 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Android Linux component (source code not availalable, so probably Android-specific)
CVE-2017-17769 (Information leakage in Android for MSM, Firefox OS for MSM, and QRD ...)
NOT-FOR-US: Qualcomm component for Android
@@ -21169,6 +21170,7 @@ CVE-2018-1314
CVE-2018-1313
RESERVED
CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7
CVE-2018-1311
@@ -21210,6 +21212,7 @@ CVE-2018-1304 (The URL pattern of "" (the empty string) which exactly
NOTE: https://svn.apache.org/r1823309 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62067
CVE-2018-1303 (A specially crafted HTTP request header could have crashed the Apache ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/3
CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apache ...)
@@ -21220,6 +21223,7 @@ CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apac
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/5
CVE-2018-1301 (A specially crafted request could have crashed the Apache HTTP Server ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/2
CVE-2018-1300
@@ -21273,6 +21277,7 @@ CVE-2018-1285
CVE-2018-1284
RESERVED
CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4
CVE-2018-1282
@@ -21904,13 +21909,11 @@ CVE-2018-1101
RESERVED
CVE-2018-1100
RESERVED
-CVE-2018-1099 [etcd: DNS rebinding vulnerability in etcd server]
- RESERVED
+CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An ...)
- etcd <unfixed>
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717
-CVE-2018-1098 [etcd: Cross-site request forgery via crafted local POST forms]
- RESERVED
+CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...)
- etcd <unfixed>
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714
@@ -28794,8 +28797,8 @@ CVE-2017-15855
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15854
RESERVED
-CVE-2017-15853
- RESERVED
+CVE-2017-15853 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-15852 (Information leak of the ISPIF base address in Android for MSM, Firefox ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15851
@@ -28826,10 +28829,10 @@ CVE-2017-15839
RESERVED
CVE-2017-15838
RESERVED
-CVE-2017-15837
- RESERVED
-CVE-2017-15836
- RESERVED
+CVE-2017-15837 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
+CVE-2017-15836 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-15835
RESERVED
CVE-2017-15834 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -28856,8 +28859,8 @@ CVE-2017-15824
RESERVED
CVE-2017-15823 (In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15822
- RESERVED
+CVE-2017-15822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-15821 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15820 (In all Qualcomm products with Android releases from CAF using the ...)
@@ -29098,6 +29101,7 @@ CVE-2017-15717 (A flaw in the way URLs are escaped and encoded in the ...)
CVE-2017-15716
RESERVED
CVE-2017-15715 (In Apache httpd 2.4.0 to 2.4.29, the expression specified in ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/6
CVE-2017-15714 (The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape ...)
@@ -29109,6 +29113,7 @@ CVE-2017-15712 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to
CVE-2017-15711
REJECTED
CVE-2017-15710 (In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to ...)
+ {DSA-4164-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/8
CVE-2017-15709 (When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...)
@@ -31734,16 +31739,16 @@ CVE-2017-14896 (In Android for MSM, Firefox OS for MSM, QRD Android, with all An
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14895 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android
-CVE-2017-14894
- RESERVED
+CVE-2017-14894 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-14893
RESERVED
CVE-2017-14892 (In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-14891 (In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14890
- RESERVED
+CVE-2017-14890 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-14889 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14888
@@ -31762,8 +31767,8 @@ CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, QRD Android, with all An
NOT-FOR-US: Qualcomm component for Android
CVE-2017-14881 (While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14880
- RESERVED
+CVE-2017-14880 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -43286,8 +43291,8 @@ CVE-2017-11077
RESERVED
CVE-2017-11076
RESERVED
-CVE-2017-11075
- RESERVED
+CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
+ TODO: check
CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -65672,7 +65677,7 @@ CVE-2017-3775
CVE-2017-3774
RESERVED
CVE-2017-3773
- RESERVED
+ REJECTED
CVE-2017-3772
RESERVED
CVE-2017-3771 (System boot process is not adequately secured In Lenovo E95 and ...)
@@ -79327,8 +79332,8 @@ CVE-2016-8367 (An issue was discovered in Schneider Electric Magelis HMI Magelis
NOT-FOR-US: Schneider
CVE-2016-8366
RESERVED
-CVE-2016-8365
- RESERVED
+CVE-2016-8365 (OSIsoft PI System software (Applications using PI Asset Framework (AF) ...)
+ TODO: check
CVE-2016-8364 (An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object ...)
NOT-FOR-US: IBHsoftec
CVE-2016-8363 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, ...)
@@ -82163,8 +82168,8 @@ CVE-2016-7474 (In some cases the MCPD binary cache in F5 BIG-IP devices may allo
NOT-FOR-US: F5 BIG-IP
CVE-2016-7473
RESERVED
-CVE-2016-7472
- RESERVED
+CVE-2016-7472 (F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to ...)
+ TODO: check
CVE-2016-7471
RESERVED
CVE-2016-7470
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36701f669d848662e719b04c042de3199c4e8aae
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36701f669d848662e719b04c042de3199c4e8aae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180403/c7b683d7/attachment.html>
More information about the Secure-testing-commits
mailing list