[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Apr 9 20:10:35 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
38df7b00 by security tracker role at 2018-04-09T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,119 @@
+CVE-2018-9915
+	RESERVED
+CVE-2018-9914
+	RESERVED
+CVE-2018-9913
+	RESERVED
+CVE-2018-9912
+	RESERVED
+CVE-2018-9911
+	RESERVED
+CVE-2018-9910
+	RESERVED
+CVE-2018-9909
+	RESERVED
+CVE-2018-9908
+	RESERVED
+CVE-2018-9907
+	RESERVED
+CVE-2018-9906
+	RESERVED
+CVE-2018-9905
+	RESERVED
+CVE-2018-9904
+	RESERVED
+CVE-2018-9903
+	RESERVED
+CVE-2018-9902
+	RESERVED
+CVE-2018-9901
+	RESERVED
+CVE-2018-9900
+	RESERVED
+CVE-2018-9899
+	RESERVED
+CVE-2018-9898
+	RESERVED
+CVE-2018-9897
+	RESERVED
+CVE-2018-9896
+	RESERVED
+CVE-2018-9895
+	RESERVED
+CVE-2018-9894
+	RESERVED
+CVE-2018-9893
+	RESERVED
+CVE-2018-9892
+	RESERVED
+CVE-2018-9891
+	RESERVED
+CVE-2018-9890
+	RESERVED
+CVE-2018-9889
+	RESERVED
+CVE-2018-9888
+	RESERVED
+CVE-2018-9887
+	RESERVED
+CVE-2018-9886
+	RESERVED
+CVE-2018-9885
+	RESERVED
+CVE-2018-9884
+	RESERVED
+CVE-2018-9883
+	RESERVED
+CVE-2018-9882
+	RESERVED
+CVE-2018-9881
+	RESERVED
+CVE-2018-9880
+	RESERVED
+CVE-2018-9879
+	RESERVED
+CVE-2018-9878
+	RESERVED
+CVE-2018-9877
+	RESERVED
+CVE-2018-9876
+	RESERVED
+CVE-2018-9875
+	RESERVED
+CVE-2018-9874
+	RESERVED
+CVE-2018-9873
+	RESERVED
+CVE-2018-9872
+	RESERVED
+CVE-2018-9871
+	RESERVED
+CVE-2018-9870
+	RESERVED
+CVE-2018-9869
+	RESERVED
+CVE-2018-9868
+	RESERVED
+CVE-2018-9867
+	RESERVED
+CVE-2018-9866
+	RESERVED
+CVE-2018-9865
+	RESERVED
+CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has stored ...)
+	TODO: check
+CVE-2018-9863
+	RESERVED
+CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, which ...)
+	TODO: check
+CVE-2018-9861
+	RESERVED
+CVE-2018-9860
+	RESERVED
+CVE-2018-9859
+	RESERVED
+CVE-2018-1000168
+	RESERVED
 CVE-2018-9858
 	RESERVED
 CVE-2018-9857 (PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the search field ...)
@@ -1561,6 +1677,7 @@ CVE-2018-9167
 CVE-2018-9166
 	RESERVED
 CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 0.4.8 does ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/121
 CVE-2018-9164
@@ -4624,6 +4741,7 @@ CVE-2018-7876 (In libming 0.4.8, a memory exhaustion vulnerability was found in 
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/109
 CVE-2018-7875 (There is a heap-based buffer over-read in the getString function of ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/112
 CVE-2018-7874 (An invalid memory address dereference was discovered in strlenext in ...)
@@ -4633,21 +4751,26 @@ CVE-2018-7873 (There is a heap-based buffer overflow in the getString function o
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/111
 CVE-2018-7872 (An invalid memory address dereference was discovered in the function ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/114
 CVE-2018-7871 (There is a heap-based buffer over-read in the getName function of ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/120
 CVE-2018-7870 (An invalid memory address dereference was discovered in getString in ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/117
 CVE-2018-7869 (There is a memory leak triggered in the function dcinit of ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/119
 CVE-2018-7868 (There is a heap-based buffer over-read in the getName function of ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/113
 CVE-2018-7867 (There is a heap-based buffer overflow in the getString function of ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/116
 CVE-2018-7866 (A NULL pointer dereference was discovered in newVar3 in ...)
@@ -9348,6 +9471,7 @@ CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/105
 CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 ...)
+	{DLA-1343-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/104
 CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the ...)
@@ -22705,8 +22829,7 @@ CVE-2018-1310
 	RESERVED
 CVE-2018-1309
 	RESERVED
-CVE-2018-1308 [XXE attack through Apache Solr's DIH's dataConfig request parameter]
-	RESERVED
+CVE-2018-1308 (This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 ...)
 	- lucene-solr <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2018/04/08/3
 	NOTE: https://issues.apache.org/jira/browse/SOLR-11971
@@ -23492,6 +23615,7 @@ CVE-2018-1087
 	RESERVED
 CVE-2018-1086 [Debug parameter removal bypass, allowing information disclosure]
 	RESERVED
+	{DSA-4169-1}
 	- pcs <unfixed> (bug #895313)
 	NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
 CVE-2018-1085
@@ -25516,14 +25640,14 @@ CVE-2018-0558
 	RESERVED
 CVE-2018-0557
 	RESERVED
-CVE-2018-0556
-	RESERVED
-CVE-2018-0555
-	RESERVED
-CVE-2018-0554
-	RESERVED
-CVE-2018-0553
-	RESERVED
+CVE-2018-0556 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to ...)
+	TODO: check
+CVE-2018-0555 (Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an ...)
+	TODO: check
+CVE-2018-0554 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass ...)
+	TODO: check
+CVE-2018-0553 (The iRemoconWiFi App for Android version 4.1.7 and earlier does not ...)
+	TODO: check
 CVE-2018-0552 (Untrusted search path vulnerability in The installer of PhishWall ...)
 	NOT-FOR-US: installer of PhishWall Client (Firefox and Chrome edition for Windows)
 CVE-2018-0551
@@ -25538,8 +25662,8 @@ CVE-2018-0547 (Cross-site scripting vulnerability in WP All Import plugin prior 
 	NOT-FOR-US: WP All Import plugin for WordPress
 CVE-2018-0546 (Cross-site scripting vulnerability in WP All Import plugin prior to ...)
 	NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0545
-	RESERVED
+CVE-2018-0545 (LXR version 1.0.0 to 2.3.0 allows remote attackers to execute ...)
+	TODO: check
 CVE-2018-0544 (Untrusted search path vulnerability in WinShot 1.53a and earlier ...)
 	NOT-FOR-US: WinShot
 CVE-2018-0543 (Untrusted search path vulnerability in Jtrim 1.53c and earlier ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38df7b0047b632208396601d45ea9575430a3846

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38df7b0047b632208396601d45ea9575430a3846
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180409/bedbadc4/attachment.html>

More information about the Secure-testing-commits mailing list