[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
497d988e by security tracker role at 2018-08-31T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,16 @@
-CVE-2018-16276 [USB: yurex: fix out-of-bounds uaccess in read handler]
+CVE-2018-16281
+	RESERVED
+CVE-2018-16280
+	RESERVED
+CVE-2018-16279
+	RESERVED
+CVE-2018-16278 (phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an ...)
+	TODO: check
+CVE-2018-16277
+	RESERVED
+CVE-2018-16275 (OPSWAT MetaDefender before v4.11.2 allows CSV injection. ...)
+	TODO: check
+CVE-2018-16276 (An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in ...)
 	- linux 4.17.8-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 (4.18-rc5)
 CVE-2018-16274
@@ -12947,14 +12959,14 @@ CVE-2018-11059 (RSA Archer, versions prior to 6.4.0.1, contain a stored cross-si
 	NOT-FOR-US: RSA Archer
 CVE-2018-11058
 	RESERVED
-CVE-2018-11057
-	RESERVED
-CVE-2018-11056
-	RESERVED
-CVE-2018-11055
-	RESERVED
-CVE-2018-11054
-	RESERVED
+CVE-2018-11057 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
+	TODO: check
+CVE-2018-11056 (RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA ...)
+	TODO: check
+CVE-2018-11055 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
+	TODO: check
+CVE-2018-11054 (RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer ...)
+	TODO: check
 CVE-2018-11053 (Dell EMC iDRAC Service Module for all supported Linux and XenServer ...)
 	NOT-FOR-US: Dell
 CVE-2018-11052 (Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication ...)
@@ -21617,8 +21629,8 @@ CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a ..
 	NOT-FOR-US: Micro Focus Client for OES
 CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 ...)
 	NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7685
-	RESERVED
+CVE-2018-7685 (The decoupled download and installation steps in libzypp before 17.5.0 ...)
+	TODO: check
 CVE-2018-7684
 	RESERVED
 CVE-2018-7683 (Micro Focus Solutions Business Manager versions prior to 11.4 might ...)
@@ -33354,8 +33366,8 @@ CVE-2018-3789
 	RESERVED
 CVE-2018-3788
 	RESERVED
-CVE-2018-3787
-	RESERVED
+CVE-2018-3787 (Path traversal in simplehttpserver <v0.2.1 allows listing any file on ...)
+	TODO: check
 CVE-2018-3786 (A command injection vulnerability in egg-scripts <v2.8.1 allows ...)
 	NOT-FOR-US: egg-scripts
 CVE-2018-3785 (A command injection in git-dummy-commit v1.3.0 allows os level ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/497d988e16bb44820a525cdcef3b119680031fb5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/497d988e16bb44820a525cdcef3b119680031fb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180831/8291b7ea/attachment.html>