[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Feb 5 09:10:19 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d739b04 by security tracker role at 2018-02-05T09:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,17 @@
+CVE-2018-6622
+	RESERVED
+CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg through ...)
+	TODO: check
+CVE-2018-6620 (Odoo does not require authentication to be configured for a Backup ...)
+	TODO: check
+CVE-2018-6619
+	RESERVED
+CVE-2018-6618
+	RESERVED
+CVE-2018-6617
+	RESERVED
+CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the ...)
+	TODO: check
 CVE-2018-6615
 	RESERVED
 CVE-2018-6614
@@ -493,8 +507,8 @@ CVE-2018-6463
 	RESERVED
 CVE-2018-6462 (Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle ...)
 	NOT-FOR-US: Tracker PDF-XChange Viewer and Viewer AX SDK
-CVE-2018-6461
-	RESERVED
+CVE-2018-6461 (March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 ...)
+	TODO: check
 CVE-2018-6460 (Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and ...)
 	NOT-FOR-US: Hotspot Shield
 CVE-2018-6459
@@ -1188,8 +1202,7 @@ CVE-2018-6196 (w3m through 0.5.3 is prone to an infinite recursion flaw in ...)
 	NOTE: https://github.com/tats/w3m/commit/8354763b90490d4105695df52674d0fcef823e92
 CVE-2018-6189
 	RESERVED
-CVE-2018-6188 [information leakage in AuthenticationForm]
-	RESERVED
+CVE-2018-6188 (django.contrib.auth.forms.AuthenticationForm in Django 2.0 before ...)
 	- python-django 1:1.11.10-1
 	[stretch] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
 	[jessie] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
@@ -2196,28 +2209,28 @@ CVE-2018-5799
 	RESERVED
 CVE-2018-5798
 	RESERVED
-CVE-2018-5797
-	RESERVED
-CVE-2018-5796
-	RESERVED
-CVE-2018-5795
-	RESERVED
-CVE-2018-5794
-	RESERVED
-CVE-2018-5793
-	RESERVED
-CVE-2018-5792
-	RESERVED
-CVE-2018-5791
-	RESERVED
-CVE-2018-5790
-	RESERVED
-CVE-2018-5789
-	RESERVED
-CVE-2018-5788
-	RESERVED
-CVE-2018-5787
-	RESERVED
+CVE-2018-5797 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5796 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5795 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5794 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5793 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5792 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5791 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5790 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5789 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5788 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
+CVE-2018-5787 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x ...)
+	TODO: check
 CVE-2017-18044 (A Command Injection issue was discovered in ...)
 	NOT-FOR-US: Commvault
 CVE-2018-5786 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and ...)
@@ -21839,8 +21852,8 @@ CVE-2017-15587 (An integer overflow was discovered in pdf_read_new_xref_section 
 	NOTE: https://nandynarwhals.org/CVE-2017-15587/
 CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of ILIAS before ...)
 	NOT-FOR-US: ILIAS
-CVE-2017-15536
-	RESERVED
+CVE-2017-15536 (An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x ...)
+	TODO: check
 CVE-2017-15535 (MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a ...)
 	- mongodb <not-affected> (wire protocol compression introduced in 3.4.x and disabled by default)
 	NOTE: https://jira.mongodb.org/browse/SERVER-31273



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d739b04f3cb46c11af08fea6a245dc592b7665b

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d739b04f3cb46c11af08fea6a245dc592b7665b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180205/b44ed7d2/attachment.html>

More information about the Secure-testing-commits mailing list