[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Wed Feb 14 09:10:20 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b18975bf by security tracker role at 2018-02-14T09:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2018-6956
+	RESERVED
+CVE-2018-6955
+	RESERVED
 CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks present in ...)
 	- systemd <unfixed>
 	NOTE: https://github.com/systemd/systemd/issues/7986
@@ -158,8 +162,8 @@ CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg th
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
 CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess ...)
 	NOT-FOR-US: Advantech WebAccess
-CVE-2018-6910
-	RESERVED
+CVE-2018-6910 (DedeCMS 5.7 allows remote attackers to discover the full path via a ...)
+	TODO: check
 CVE-2018-6909
 	RESERVED
 CVE-2018-6908
@@ -411,6 +415,7 @@ CVE-2018-6801
 CVE-2018-6800
 	RESERVED
 CVE-2018-6799 (The AcquireCacheNexus function in magick/pixel_cache.c in ...)
+	{DLA-1282-1}
 	- graphicsmagick 1.3.28-1
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d30ed06e9b87
@@ -4069,8 +4074,8 @@ CVE-2018-5461
 	RESERVED
 CVE-2018-5460
 	RESERVED
-CVE-2018-5459
-	RESERVED
+CVE-2018-5459 (An Improper Authentication issue was discovered in WAGO PFC200 Series ...)
+	TODO: check
 CVE-2018-5458
 	RESERVED
 CVE-2018-5457 (A uncontrolled search path element issue was discovered in Vyaire ...)
@@ -22573,8 +22578,7 @@ CVE-2017-15701 (In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive)
 	- qpid-java <itp> (bug #840131)
 CVE-2017-15700 (A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid ...)
 	NOT-FOR-US: Apache Sling Authentication Service
-CVE-2017-15699
-	RESERVED
+CVE-2017-15699 (A Denial of Service vulnerability was found in Apache Qpid Dispatch ...)
 	- qpid-dispatch <itp> (bug #737776)
 	NOTE: http://www.openwall.com/lists/oss-security/2018/02/13/5
 CVE-2017-15698 (When parsing the AIA-Extension field of a client certificate, Apache ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b18975bf36c686ef254148318ab83edaf07cc922

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b18975bf36c686ef254148318ab83edaf07cc922
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180214/fabf4cc9/attachment.html>
