[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Feb 23 09:10:17 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec1956e3 by security tracker role at 2018-02-23T09:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,17 @@
+CVE-2018-7422
+	RESERVED
+CVE-2018-7421
+	RESERVED
+CVE-2018-7420
+	RESERVED
+CVE-2018-7419
+	RESERVED
+CVE-2018-7418
+	RESERVED
+CVE-2018-7417
+	RESERVED
+CVE-2018-7416
+	RESERVED
 CVE-2018-XXXX [heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record]
 	- freexl 1.0.5-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892
@@ -972,14 +986,17 @@ CVE-2018-7053 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.
 	NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
 	NOTE: Fixed by: https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c
 CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+	{DLA-1289-1}
 	- irssi <unfixed> (bug #890676)
 	NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
 	NOTE: Fixed by: https://github.com/irssi/irssi/commit/5b5bfef03596d95079c728f65f523570dd7b03aa
 CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
+	{DLA-1289-1}
 	- irssi <unfixed> (bug #890677)
 	NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
 	NOTE: Fixed by: https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af
 CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A ...)
+	{DLA-1289-1}
 	- irssi <unfixed> (bug #890678)
 	NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
 	NOTE: Fixed by: https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
@@ -2565,10 +2582,10 @@ CVE-2018-6491
 	RESERVED
 CVE-2018-6490
 	RESERVED
-CVE-2018-6489
-	RESERVED
-CVE-2018-6488
-	RESERVED
+CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project and ...)
+	TODO: check
+CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, ...)
+	TODO: check
 CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB ...)
 	NOT-FOR-US: Micro Focus Universal CMDB Foundation Software
 CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit ...)
@@ -5761,7 +5778,7 @@ CVE-2018-1000028 (Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.
 	NOTE: Introducing commit backported to 4.14.8 and 4.9.76. But Debian stretch
 	NOTE: did never contain the vulnerable code alone without the fix.
 CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy version prior ...)
-	{DLA-1267-1 DLA-1266-1}
+	{DSA-4122-1 DLA-1267-1 DLA-1266-1}
 	[experimental] - squid 4.0.23-1~exp8
 	- squid <removed>
 	- squid3 3.5.27-1 (bug #888720)
@@ -5770,7 +5787,7 @@ CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy version
 	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch
 	NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
 CVE-2018-1000024 (The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to ...)
-	{DLA-1266-1}
+	{DSA-4122-1 DLA-1266-1}
 	[experimental] - squid 4.0.23-1~exp8
 	- squid <removed>
 	[wheezy] - squid <not-affected> (Not affected according to upstream advisory)
@@ -20503,8 +20520,8 @@ CVE-2018-0017
 	RESERVED
 CVE-2018-0016
 	RESERVED
-CVE-2018-0015
-	RESERVED
+CVE-2018-0015 (A malicious user with unrestricted access to the AppFormix application ...)
+	TODO: check
 CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets with ...)
 	NOT-FOR-US: Juniper
 CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos Space ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec1956e33bf33b4e918f50d4c5c3a10f33cdea62

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec1956e33bf33b4e918f50d4c5c3a10f33cdea62
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/8051785f/attachment.html>

More information about the Secure-testing-commits mailing list