[Git][security-tracker-team/security-tracker][master] new k8s issue
Moritz Muehlenhoff
jmm at debian.org
Thu Dec 20 12:30:50 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b87e6d01 by Moritz Muehlenhoff at 2018-12-20T12:30:01Z
new k8s issue
two freerdp issues specific to freerdp2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -184,6 +184,7 @@ CVE-2018-20231 (Cross Site Request Forgery (CSRF) in the two-factor-authenticati
NOT-FOR-US: two-factor-authentication plugin for WordPress
CVE-2018-20230 (An issue was discovered in PSPP 1.2.0. There is a heap-based buffer ...)
- pspp <unfixed> (bug #916902)
+ [stretch] - pspp <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1660318
CVE-2018-20229
RESERVED
@@ -28703,7 +28704,8 @@ CVE-2018-11709 (wpforo_get_request_uri in wpf-includes/functions.php in the wpFo
CVE-2018-11708
RESERVED
CVE-2018-1002101 (In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, ...)
- TODO: check
+ - kubernetes <unfixed>
+ NOTE: https://github.com/kubernetes/kubernetes/issues/65750
CVE-2016-1000343 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key ...)
{DLA-1418-1}
- bouncycastle 1.56-1
@@ -36488,10 +36490,12 @@ CVE-2018-8786 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation
CVE-2018-8785 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
+ [stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d
CVE-2018-8784 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
+ [stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7
CVE-2018-8783
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b87e6d01c57164c0096514e7ff4f993504918aaa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b87e6d01c57164c0096514e7ff4f993504918aaa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181220/dec4362c/attachment.html>
More information about the debian-security-tracker-commits
mailing list