[Git][security-tracker-team/security-tracker][master] 2 commits: Add some descriptions

Salvatore Bonaccorso carnil at debian.org
Tue Aug 14 20:47:57 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1471d17c by Salvatore Bonaccorso at 2018-08-14T19:47:16Z
Add some descriptions

- - - - -
8d2986ab by Salvatore Bonaccorso at 2018-08-14T19:47:32Z
Add CVE-2018-14007 to be checked

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5,14 +5,14 @@ CVE-2018-XXXX [libykneomgr memory corruption]
 CVE-2018-XXXX [XSA 272: oxenstored does not apply quota-maxentity]
 	- xen <unfixed> (unimportant)
 	NOTE: https://xenbits.xen.org/xsa/advisory-272.html
-CVE-2018-XXXX [XSA 270]
+CVE-2018-XXXX [XSA 270: Linux netback driver OOB access in hash handling]
 	- linux <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-270.html
-CVE-2018-XXXX [XSA 269]
+CVE-2018-XXXX [XSA 269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS]
 	- xen <unfixed>
 	[jessie] - xen <not-affected> (Only affects 4.6 and later)
 	NOTE: https://xenbits.xen.org/xsa/advisory-269.html
-CVE-2018-XXXX [XSA 268]
+CVE-2018-XXXX [XSA 268: Use of v2 grant tables may cause crash on ARM]
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-268.html
 CVE-2018-15309
@@ -3227,8 +3227,10 @@ CVE-2018-14009 (Codiad through 2.8.4 allows Remote Code Execution, a different .
 	NOT-FOR-US: Codiad
 CVE-2018-14008
 	RESERVED
-CVE-2018-14007
+CVE-2018-14007 [XAPI HTTP directory traversal]
 	RESERVED
+	NOTE: https://xenbits.xen.org/xsa/advisory-271.html
+	TODO: check
 CVE-2018-14006 (An integer overflow vulnerability exists in the function ...)
 	NOT-FOR-US: Neo Genesis Token (NGT)
 CVE-2018-14005 (An integer overflow vulnerability exists in the function transferAny of ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/13c3924d2cee4a5d97c5229b4c3dec5940174313...8d2986ab93608a2275abdecb19ac26d666c74b6b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/13c3924d2cee4a5d97c5229b4c3dec5940174313...8d2986ab93608a2275abdecb19ac26d666c74b6b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180814/bcd6eacf/attachment.html>

More information about the debian-security-tracker-commits mailing list