[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26b47f41 by security tracker role at 2018-08-07T20:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,15 @@
+CVE-2018-15134
+	RESERVED
+CVE-2018-15133
+	RESERVED
+CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP before ...)
+	TODO: check
+CVE-2018-15131
+	RESERVED
+CVE-2018-15130 (ThinkSAAS through 2018-07-25 has XSS via the ...)
+	TODO: check
+CVE-2013-7464
+	RESERVED
 CVE-2018-15129 (ThinkSAAS through 2018-07-25 has XSS via the ...)
 	NOT-FOR-US: ThinkSAAS
 CVE-2018-15128
@@ -5297,8 +5309,8 @@ CVE-2018-12887
 	RESERVED
 CVE-2018-12886
 	RESERVED
-CVE-2018-12885
-	RESERVED
+CVE-2018-12885 (The randMod() function of the smart contract implementation for ...)
+	TODO: check
 CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user ...)
 	NOT-FOR-US: Octopus Deploy
 CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation vulnerability in ...)
@@ -9152,14 +9164,14 @@ CVE-2018-11458
 	RESERVED
 CVE-2018-11457
 	RESERVED
-CVE-2018-11456
-	RESERVED
-CVE-2018-11455
-	RESERVED
-CVE-2018-11454
-	RESERVED
-CVE-2018-11453
-	RESERVED
+CVE-2018-11456 (A vulnerability has been identified in Automation License Manager 5 ...)
+	TODO: check
+CVE-2018-11455 (A vulnerability has been identified in Automation License Manager 5 ...)
+	TODO: check
+CVE-2018-11454 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
+	TODO: check
+CVE-2018-11453 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
+	TODO: check
 CVE-2018-11452 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
 	NOT-FOR-US: Siemens
 CVE-2018-11451 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
@@ -24686,8 +24698,8 @@ CVE-2018-5996 (Insufficient exception handling in the method ...)
 	[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
 	[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
 	NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
-CVE-2018-5995
-	RESERVED
+CVE-2018-5995 (The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel ...)
+	TODO: check
 CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the ...)
 	NOT-FOR-US: JS Jobs component for Joomla!
 CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for Joomla! via ...)
@@ -24786,8 +24798,8 @@ CVE-2016-10708 (sshd in OpenSSH before 7.4 allows remote attackers to cause a de
 	NOTE: Flaw is not crashing the whole sshd daemon, rather the privsep process
 CVE-2018-5954 (phpFreeChat 1.7 and earlier allows remote attackers to cause a denial ...)
 	NOT-FOR-US: phpFreeChat
-CVE-2018-5953
-	RESERVED
+CVE-2018-5953 (The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel ...)
+	TODO: check
 CVE-2018-5952
 	RESERVED
 CVE-2018-5951
@@ -36074,8 +36086,8 @@ CVE-2018-1692
 	RESERVED
 CVE-2018-1691
 	RESERVED
-CVE-2018-1690
-	RESERVED
+CVE-2018-1690 (IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site ...)
+	TODO: check
 CVE-2018-1689
 	RESERVED
 CVE-2018-1688



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/26b47f41077388df283e28fc84d4eb789faef50e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/26b47f41077388df283e28fc84d4eb789faef50e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180807/db6ca685/attachment.html>