[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Aug 20 09:10:24 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3cd1c002 by security tracker role at 2018-08-20T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,79 @@
+CVE-2018-15585
+	RESERVED
+CVE-2018-15584
+	RESERVED
+CVE-2018-15583
+	RESERVED
+CVE-2018-15582
+	RESERVED
+CVE-2018-15581
+	RESERVED
+CVE-2018-15580
+	RESERVED
+CVE-2018-15579
+	RESERVED
+CVE-2018-15578
+	RESERVED
+CVE-2018-15577
+	RESERVED
+CVE-2018-15576
+	RESERVED
+CVE-2018-15575
+	RESERVED
+CVE-2018-15574 (** DISPUTED ** An issue was discovered in the license editor in Reprise ...)
+	TODO: check
+CVE-2018-15573 (** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) ...)
+	TODO: check
+CVE-2018-15572 (The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c ...)
+	TODO: check
+CVE-2018-15571
+	RESERVED
+CVE-2018-15570 (In waimai Super Cms 20150505, there is stored XSS via the ...)
+	TODO: check
+CVE-2018-15569 (my little forum 2.4.12 allows CSRF for deletion of users. ...)
+	TODO: check
+CVE-2018-15568 (tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. ...)
+	TODO: check
+CVE-2018-15567 (CMSUno before 1.5.3 has XSS via the title field. ...)
+	TODO: check
+CVE-2018-15566 (tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html ...)
+	TODO: check
+CVE-2018-15565 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
+	TODO: check
+CVE-2018-15564 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
+	TODO: check
+CVE-2018-15563
+	RESERVED
+CVE-2018-15562
+	RESERVED
+CVE-2018-15561
+	RESERVED
+CVE-2018-15560 (PyCryptodome before 3.6.6 has an integer overflow in the data_len ...)
+	TODO: check
+CVE-2018-15559 (The editor in Xiuno BBS 4.0.4 allows stored XSS. ...)
+	TODO: check
+CVE-2018-15558
+	RESERVED
+CVE-2018-15557
+	RESERVED
+CVE-2018-15556
+	RESERVED
+CVE-2018-15555
+	RESERVED
+CVE-2018-15554
+	RESERVED
+CVE-2018-15553 (fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices ...)
+	TODO: check
+CVE-2018-15552
+	RESERVED
+CVE-2018-15551
+	RESERVED
+CVE-2018-15550
+	RESERVED
+CVE-2018-15549
+	RESERVED
+CVE-2018-15548
+	RESERVED
 CVE-2018-15547
 	RESERVED
 CVE-2018-15546
@@ -1692,7 +1768,7 @@ CVE-2018-1999034 (A man in the middle vulnerability exists in Jenkins Inedo ProG
 CVE-2018-1999035 (A man in the middle vulnerability exists in Jenkins Inedo BuildMaster ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2018-14767 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message ...)
-	{DSA-4267-1}
+	{DSA-4267-1 DLA-1471-1}
 	- kamailio 5.1.4-1
 	NOTE: https://skalatan.de/blog/advisory-hw-2018-05
 	NOTE: https://www.kamailio.org/w/2018/07/kamailio-security-announcement-for-kamailio-core/
@@ -71426,18 +71502,21 @@ CVE-2017-7659 (A maliciously constructed HTTP/2 request could cause mod_http2 2.
 	NOTE: HTTP/2 support introduced in 2.4.17
 	NOTE: http://www.openwall.com/lists/oss-security/2017/06/19/5
 CVE-2017-7658 (In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non ...)
+	{DSA-4278-1}
 	- jetty <removed>
 	- jetty8 <removed>
 	- jetty9 9.2.25-1 (low; bug #902953)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
 	NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
 CVE-2017-7657 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
+	{DSA-4278-1}
 	- jetty <removed>
 	- jetty8 <removed>
 	- jetty9 9.2.25-1 (low; bug #902953)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668
 	NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
 CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ...)
+	{DSA-4278-1}
 	- jetty <removed>
 	- jetty8 <removed>
 	- jetty9 9.2.25-1 (low; bug #902953)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cd1c0025c6f33c3bf40ecd6c73b75217b4a4961

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cd1c0025c6f33c3bf40ecd6c73b75217b4a4961
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180820/d7b95df6/attachment.html>

More information about the debian-security-tracker-commits mailing list