[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sun Feb 4 21:10:27 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb0f6064 by security tracker role at 2018-02-04T21:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,19 @@
+CVE-2018-6615
+	RESERVED
+CVE-2018-6614
+	RESERVED
+CVE-2018-6613
+	RESERVED
+CVE-2018-6612 (An integer underflow bug in the process_EXIF function of the exif.c ...)
+	TODO: check
+CVE-2018-6611 (soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt ...)
+	TODO: check
+CVE-2018-6610
+	RESERVED
+CVE-2018-6609
+	RESERVED
+CVE-2018-6608
+	RESERVED
 CVE-2018-6607
 	RESERVED
 CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
@@ -69,6 +85,7 @@ CVE-2018-1000032
 CVE-2018-1000031
 	RESERVED
 CVE-2017-18123 (The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e ...)
+	{DLA-1269-1}
 	- dokuwiki <unfixed> (bug #889281)
 	NOTE: https://github.com/splitbrain/dokuwiki/issues/2029
 	NOTE: https://github.com/splitbrain/dokuwiki/commit/238b8e878ad48f370903465192b57c2072f65d86
@@ -7231,7 +7248,7 @@ CVE-2018-3710 [Remote Code Execution Vulnerability in GitLab Projects Import]
 CVE-2017-17970 (Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote ...)
 	NOT-FOR-US: Muviko
 CVE-2017-17969 (Heap-based buffer overflow in the ...)
-	{DLA-1268-1}
+	{DSA-4104-1 DLA-1268-1}
 	- p7zip 16.02+dfsg-5 (bug #888297)
 	NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
 	NOTE: Fixed in upstream 18.00-beta.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb0f60646f71ce59cba8fdd6c628059aea1e36dd

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb0f60646f71ce59cba8fdd6c628059aea1e36dd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180204/40efa6ce/attachment.html>

More information about the Secure-testing-commits mailing list