[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Apr 25 09:10:29 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c087a081 by security tracker role at 2018-04-25T08:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,41 @@
+CVE-2018-10370
+	RESERVED
+CVE-2018-10369
+	RESERVED
+CVE-2018-10368
+	RESERVED
+CVE-2018-10367
+	RESERVED
+CVE-2018-10366
+	RESERVED
+CVE-2018-10365
+	RESERVED
+CVE-2018-10364
+	RESERVED
+CVE-2018-10363
+	RESERVED
+CVE-2018-10360
+	RESERVED
+CVE-2018-10359
+	RESERVED
+CVE-2018-10358
+	RESERVED
+CVE-2018-10357
+	RESERVED
+CVE-2018-10356
+	RESERVED
+CVE-2018-10355
+	RESERVED
+CVE-2018-10354
+	RESERVED
+CVE-2018-10353
+	RESERVED
+CVE-2018-10352
+	RESERVED
+CVE-2018-10351
+	RESERVED
+CVE-2018-10350
+	RESERVED
 CVE-2018-10349
 	RESERVED
 CVE-2018-10348
@@ -38,7 +76,7 @@ CVE-2018-10331
 	RESERVED
 CVE-2018-10330
 	RESERVED
-CVE-2018-10361 [ktexteditor privilege escalation]
+CVE-2018-10361 (An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure ...)
 	- ktexteditor <unfixed> (bug #896836)
 	[stretch] - ktexteditor <not-affected> (Introduced in 5.34.0)
 	NOTE: http://www.openwall.com/lists/oss-security/2018/04/24/1
@@ -104,7 +142,7 @@ CVE-2018-10303 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF befor
 	NOT-FOR-US: Foxit Reader
 CVE-2018-10302 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 ...)
 	NOT-FOR-US: Foxit Reader
-CVE-2018-10362 [Authorization bypass]
+CVE-2018-10362 (An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to ...)
 	- phpliteadmin <unfixed> (bug #896682)
 	NOTE: https://github.com/phpLiteAdmin/pla/issues/11
 	NOTE: Fixed by: https://github.com/phpLiteAdmin/pla/commit/41545fe058e674a983f557bff13787df53167274
@@ -23802,8 +23840,8 @@ CVE-2017-17558 (The usb_destroy_configuration function in drivers/usb/core/confi
 	- linux 4.14.7-1
 	NOTE: https://www.spinics.net/lists/linux-usb/msg163644.html
 	NOTE: Fixed by: https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7
-CVE-2017-17557
-	RESERVED
+CVE-2017-17557 (In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw ...)
+	TODO: check
 CVE-2017-17556 (A debug tool in Synaptics TouchPad drivers allows local users with ...)
 	NOT-FOR-US: debug tool in Synaptics TouchPad drivers
 CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg ...)
@@ -78269,7 +78307,7 @@ CVE-2016-9596 [stack exhaustion while parsing xml files in recovery mode]
 CVE-2016-9595
 	RESERVED
 	NOT-FOR-US: Katello
-CVE-2016-9594 (curl before version 7.52.1 is vulnerable to an unitialized random in ...)
+CVE-2016-9594 (curl before version 7.52.1 is vulnerable to an uninitialized random ...)
 	- curl <not-affected> (Only affects 7.52.0)
 	NOTE: https://curl.haxx.se/docs/adv_20161223.html
 CVE-2016-9593 (foreman-debug before version 1.15.0 is vulnerable to a flaw in ...)
@@ -158682,8 +158720,8 @@ CVE-2013-7247 (cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with fir
 	NOT-FOR-US: Franklin Fueling Systems TS-550
 CVE-2013-7246 (Buffer overflow in the IconCreate method in an ActiveX control in the ...)
 	NOT-FOR-US: DaumGame ActiveX plugin
-CVE-2013-7245
-	RESERVED
+CVE-2013-7245 (The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows ...)
+	TODO: check
 CVE-2013-7244
 	RESERVED
 CVE-2013-7243 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS ...)
@@ -169464,8 +169502,8 @@ CVE-2013-3949 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 1
 	NOT-FOR-US: Apple Mac OS X
 CVE-2013-3948 (Apple iOS 6.1.3 does not follow redirects during determination of the ...)
 	NOT-FOR-US: Apple iOS
-CVE-2013-3947
-	RESERVED
+CVE-2013-3947 (Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 ...)
+	TODO: check
 CVE-2013-3946
 	RESERVED
 CVE-2013-3945



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c087a0812e7f1156905396f547d5e98fc107b99a

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c087a0812e7f1156905396f547d5e98fc107b99a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180425/cca553b2/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list