[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dbc65f1f by security tracker role at 2018-12-22T20:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2018-20367 (The "mall some commodity details: commodity consultation" component in ...)
+	TODO: check
+CVE-2018-20366
+	RESERVED
+CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. ...)
+	TODO: check
+CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL ...)
+	TODO: check
+CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer ...)
+	TODO: check
+CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of ...)
+	TODO: check
+CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembly ...)
+	TODO: check
+CVE-2018-20360 (An invalid memory address dereference was discovered in the ...)
+	TODO: check
+CVE-2018-20359 (An invalid memory address dereference was discovered in the ...)
+	TODO: check
+CVE-2018-20358 (An invalid memory address dereference was discovered in the ...)
+	TODO: check
+CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of ...)
+	TODO: check
+CVE-2018-20356
+	RESERVED
+CVE-2018-20355
+	RESERVED
+CVE-2018-20354
+	RESERVED
+CVE-2018-20353
+	RESERVED
+CVE-2018-20352
+	RESERVED
 CVE-2018-20351 (The Markdown component in Evernote (Chinese) before 8.3.2 on macOS ...)
 	TODO: check
 CVE-2018-20350
@@ -5119,8 +5151,8 @@ CVE-2018-19865 (A keystroke logging issue was discovered in Virtual Keyboard in
 	TODO: check for completeness
 CVE-2018-19864 (NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows ...)
 	NOT-FOR-US: NUUO NVRmini2 Network Video Recorder firmware
-CVE-2018-19863
-	RESERVED
+CVE-2018-19863 (An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on ...)
+	TODO: check
 CVE-2018-19862
 	RESERVED
 CVE-2018-19861
@@ -21982,6 +22014,7 @@ CVE-2018-14424 (The daemon in GDM through 3.29.1 does not properly unexport disp
 	NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/6060db704a19b0db68f2e9e6a2d020c0c78b6bba
 	NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/765b306c364885dd89d47fe9fe8618ce6a467bc1
 CVE-2018-14423 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, ...)
+	{DLA-1614-1}
 	- openjpeg2 <unfixed> (low; bug #904873)
 	[stretch] - openjpeg2 <ignored> (Minor issue)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1123
@@ -43027,6 +43060,7 @@ CVE-2018-6618 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to
 CVE-2018-6617 (Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL ...)
 	NOT-FOR-US: Easy Hosting Control Panel (EHCP)
 CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the ...)
+	{DLA-1614-1}
 	- openjpeg2 <unfixed> (bug #889683)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1059
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbc65f1f4f808e83ec3b37de786c620e00672a40

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbc65f1f4f808e83ec3b37de786c620e00672a40
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181222/1db7a8f4/attachment.html>