[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Feb 1 09:10:25 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
262a5eb3 by security tracker role at 2018-02-01T09:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,11 @@
+CVE-2018-6484 (In ZZIPlib 0.13.67, there is a memory alignment error and bus error in ...)
+ TODO: check
+CVE-2018-6483
+ RESERVED
+CVE-2018-6482
+ RESERVED
+CVE-2018-6481
+ RESERVED
CVE-2018-6480 (A type confusion issue was discovered in CCN-lite 2, leading to a ...)
NOT-FOR-US: CCN-lite 2
CVE-2018-6479 (An issue was discovered on Netwave IP Camera devices. An ...)
@@ -250,8 +258,8 @@ CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted hea
NOTE: http://www.apsis.ch/pound/pound_list/archive/2016/2016-10/1477235279000
CVE-2018-6375
RESERVED
-CVE-2018-6374
- RESERVED
+CVE-2018-6374 (The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients ...)
+ TODO: check
CVE-2018-6373
RESERVED
CVE-2018-6372
@@ -980,51 +988,61 @@ CVE-2018-6055
RESERVED
CVE-2018-6054
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6053
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6052
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6051
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6050
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6049
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6048
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6047
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6046
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6045
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -1032,66 +1050,79 @@ CVE-2018-6044
RESERVED
CVE-2018-6043
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6042
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6041
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6040
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6039
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6038
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6037
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6036
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6035
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6034
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6033
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6032
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6031
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -4097,7 +4128,7 @@ CVE-2017-1000482 (A member of the Plone 2.5-5.1rc1 site could set javascript in
CVE-2017-1000481 (When you visit a page where you need to login, Plone 2.5-5.1rc1 sends ...)
NOT-FOR-US: Plone
CVE-2017-1000480 (Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when ...)
- {DSA-4094-1 DLA-1249-1}
+ {DSA-4094-1 DLA-1249-2 DLA-1249-1}
- smarty <removed>
- smarty3 3.1.31+20161214.1.c7d42e4+selfpack1-3 (bug #886460)
NOTE: https://github.com/smarty-php/smarty/commit/614ad1f8b9b00086efc123e49b7bb8efbfa81b61
@@ -13581,16 +13612,14 @@ CVE-2017-1000410 (The Linux kernel version 3.3-rc1 and later is affected by a ..
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.3)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
-CVE-2017-1000409 [buffer overflow]
- RESERVED
+CVE-2017-1000409 (A buffer overflow in glibc 2.5 (released on September 29, 2006) and ...)
- glibc 2.25-5 (bug #884133)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/11/4
-CVE-2017-1000408 [memory leak]
- RESERVED
+CVE-2017-1000408 (A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached ...)
- glibc 2.25-5 (bug #884132)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -17069,20 +17098,16 @@ CVE-2017-16916
RESERVED
CVE-2017-16915
RESERVED
-CVE-2017-16914 [usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer]
- RESERVED
+CVE-2017-16914 (The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in ...)
- linux 4.14.12-1
NOTE: Fixed by: https://git.kernel.org/linus/be6123df1ea8f01ee2f896a16c2b7be3e4557a5a
-CVE-2017-16913 [usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input]
- RESERVED
+CVE-2017-16913 (The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in ...)
- linux 4.14.12-1
NOTE: Fixed by: https://git.kernel.org/linus/c6688ef9f29762e65bce325ef4acd6c675806366
-CVE-2017-16912 [usbip: fix stub_rx: get_pipe() to validate endpoint number]
- RESERVED
+CVE-2017-16912 (The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux ...)
- linux 4.14.12-1
NOTE: Fixed by: https://git.kernel.org/linus/635f545a7e8be7596b9b2b6a43cab6bbd5a88e43
-CVE-2017-16911 [usbip: prevent vhci_hcd driver from leaking a socket pointer address]
- RESERVED
+CVE-2017-16911 (The vhci_hcd driver in the Linux Kernel before version 4.14.8 and ...)
- linux 4.14.12-1
NOTE: Fixed by: https://git.kernel.org/linus/2f2d0088eb93db5c649d2a5e34a3800a8a935fc5
CVE-2017-16910
@@ -17657,8 +17682,8 @@ CVE-2017-16863 (The PieChart gadget in Atlassian Jira before version 7.5.3 allow
NOT-FOR-US: PieChart gadget in Atlassian Jira
CVE-2017-16862 (The IncomingMailServers resource in Atlassian Jira before version ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-16861
- RESERVED
+CVE-2017-16861 (It was possible for double OGNL evaluation in certain redirect action ...)
+ TODO: check
CVE-2017-16860
RESERVED
CVE-2017-16859
@@ -21608,6 +21633,7 @@ CVE-2017-15430
RESERVED
CVE-2017-15429
RESERVED
+ {DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -21654,7 +21680,7 @@ CVE-2017-15421
RESERVED
CVE-2017-15420
RESERVED
- {DSA-4064-1}
+ {DSA-4103-1 DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/262a5eb3c1b43d2d603fd445bc0c1d4d83084b7e
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/262a5eb3c1b43d2d603fd445bc0c1d4d83084b7e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180201/d44df574/attachment-0001.html>
More information about the Secure-testing-commits
mailing list