[Git][security-tracker-team/security-tracker][master] record ATS fixes

Moritz Muehlenhoff jmm at debian.org
Wed Aug 29 10:31:06 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19585b9a by Moritz Muehlenhoff at 2018-08-29T09:30:43Z
record ATS fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20099,6 +20099,7 @@ CVE-2018-8040
 	- trafficserver 7.1.4+ds-1
 	NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/2
 	NOTE: https://github.com/apache/trafficserver/pull/3926
+	NOTE: https://github.com/apache/trafficserver/commit/cea07c03274807c1588dbdf03baa1537d958c92f
 CVE-2018-8039 (It is possible to configure Apache CXF to use the com.sun.net.ssl ...)
 	NOT-FOR-US: Apache CXF
 CVE-2018-8038 (Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable ...)
@@ -20249,6 +20250,7 @@ CVE-2018-8005
 	NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/4
 	NOTE: https://github.com/apache/trafficserver/pull/3106
 	NOTE: https://github.com/apache/trafficserver/pull/3124
+	NOTE: https://github.com/apache/trafficserver/commit/bbcbb7cf7f25ebfe3a97d792e889de618e41a6a4
 CVE-2018-8004
 	RESERVED
 	- trafficserver 7.1.4+ds-1
@@ -20257,6 +20259,10 @@ CVE-2018-8004
 	NOTE: https://github.com/apache/trafficserver/pull/3201
 	NOTE: https://github.com/apache/trafficserver/pull/3231
 	NOTE: https://github.com/apache/trafficserver/pull/3251
+	NOTE: https://github.com/apache/trafficserver/commit/05d734c773900dd589480ff07572c0d7db7c3d44
+	NOTE: https://github.com/apache/trafficserver/commit/9659d12a21cf1870c2790fdd5acab712ed87f16e
+	NOTE: https://github.com/apache/trafficserver/commit/2616e580de7d66b9098c464d503a049c7814e35a
+	NOTE: https://github.com/apache/trafficserver/commit/3d2fdab8b0606bc8b35006f7aeb73729d364b333
 CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory ...)
 	NOT-FOR-US: Apache Ambari
 CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in ...)
@@ -39896,6 +39902,7 @@ CVE-2018-1318
 	- trafficserver 7.1.4+ds-1
 	NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/3
 	NOTE: https://github.com/apache/trafficserver/pull/3195
+	NOTE: https://github.com/apache/trafficserver/commit/e6dfda305acf85250861ecfa14a7bd6bb2fad5c3
 CVE-2018-1317
 	RESERVED
 CVE-2018-1316 (The ODE process deployment web service was sensible to deployment ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/19585b9ac32e236ef01abe32d5bf54f1af659653

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/19585b9ac32e236ef01abe32d5bf54f1af659653
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180829/f7bb5775/attachment.html>

More information about the debian-security-tracker-commits mailing list