[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0210305 by security tracker role at 2018-02-06T09:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,31 @@
+CVE-2018-6657
+	RESERVED
+CVE-2018-6656
+	RESERVED
+CVE-2018-6655
+	RESERVED
+CVE-2018-6654 (The Grammarly extension before 2018-02-02 for Chrome allows remote ...)
+	TODO: check
+CVE-2018-6653
+	RESERVED
+CVE-2018-6652
+	RESERVED
+CVE-2018-6651 (In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as ...)
+	TODO: check
+CVE-2018-6650
+	RESERVED
+CVE-2018-6649
+	RESERVED
+CVE-2018-6648
+	RESERVED
+CVE-2018-6647
+	RESERVED
+CVE-2018-6646
+	RESERVED
+CVE-2018-6645
+	RESERVED
+CVE-2018-6644
+	RESERVED
 CVE-2018-6643
 	RESERVED
 CVE-2018-6642
@@ -206,20 +234,20 @@ CVE-2018-6611 (soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenm
 	- libopenmpt 0.3.6-1 (bug #889545)
 	[stretch] - libopenmpt <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/OpenMPT/openmpt/commit/61fc6d3030a4d4283105cb5fb46b27b42fa5575e
-CVE-2018-6610
-	RESERVED
-CVE-2018-6609
-	RESERVED
+CVE-2018-6610 (Information Leakage exists in the jLike 1.0 component for Joomla! via a ...)
+	TODO: check
+CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via ...)
+	TODO: check
 CVE-2018-6608
 	RESERVED
 CVE-2018-6607
 	RESERVED
 CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
 	NOT-FOR-US: MalwareFox AntiMalware
-CVE-2018-6605
-	RESERVED
-CVE-2018-6604
-	RESERVED
+CVE-2018-6605 (SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! ...)
+	TODO: check
+CVE-2018-6604 (SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! ...)
+	TODO: check
 CVE-2018-6603
 	RESERVED
 CVE-2018-6602
@@ -293,8 +321,8 @@ CVE-2018-6584
 	RESERVED
 CVE-2018-6583
 	RESERVED
-CVE-2018-6582
-	RESERVED
+CVE-2018-6582 (SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! ...)
+	TODO: check
 CVE-2018-6581 (SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a ...)
 	NOT-FOR-US: JMS Music component for Joomla!
 CVE-2018-6580 (Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component ...)
@@ -319,8 +347,8 @@ CVE-2018-6571
 	RESERVED
 CVE-2018-6570
 	RESERVED
-CVE-2018-6569
-	RESERVED
+CVE-2018-6569 (West Wind Web Server 6.x does not require autheentication for ...)
+	TODO: check
 CVE-2018-6568
 	RESERVED
 CVE-2018-6567



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b02103050f0a9db8c7ba6fe5334a693802fbd204

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b02103050f0a9db8c7ba6fe5334a693802fbd204
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180206/f0f1fe7d/attachment.html>