[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 11 09:10:22 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2d05deb6 by security tracker role at 2018-01-11T09:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-5342
+ RESERVED
+CVE-2018-5341
+ RESERVED
+CVE-2018-5340
+ RESERVED
+CVE-2018-5339
+ RESERVED
+CVE-2018-5338
+ RESERVED
+CVE-2018-5337
+ RESERVED
+CVE-2018-5336
+ RESERVED
+CVE-2018-5335
+ RESERVED
+CVE-2018-5334
+ RESERVED
+CVE-2018-5333 (In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in ...)
+ TODO: check
+CVE-2018-5332 (In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() ...)
+ TODO: check
CVE-2017-1000441
REJECTED
CVE-2017-1000439
@@ -1072,7 +1094,7 @@ CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was f
CVE-2017-1000473 (Linux Dash up to version v2 is vulnerable to multiple command ...)
NOT-FOR-US: Linux Dash
CVE-2017-1000472 (The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO ...)
- {DLA-1239-1}
+ {DSA-4083-1 DLA-1239-1}
- poco 1.8.0-2
NOTE: https://github.com/pocoproject/poco/issues/1968
CVE-2017-1000471 (EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL ...)
@@ -14376,34 +14398,34 @@ CVE-2018-0016
RESERVED
CVE-2018-0015
RESERVED
-CVE-2018-0014
- RESERVED
-CVE-2018-0013
- RESERVED
-CVE-2018-0012
- RESERVED
-CVE-2018-0011
- RESERVED
-CVE-2018-0010
- RESERVED
-CVE-2018-0009
- RESERVED
-CVE-2018-0008
- RESERVED
-CVE-2018-0007
- RESERVED
-CVE-2018-0006
- RESERVED
-CVE-2018-0005
- RESERVED
-CVE-2018-0004
- RESERVED
-CVE-2018-0003
- RESERVED
-CVE-2018-0002
- RESERVED
-CVE-2018-0001
- RESERVED
+CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets with ...)
+ TODO: check
+CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos Space ...)
+ TODO: check
+CVE-2018-0012 (Junos Space is affected by a privilege escalation vulnerability that ...)
+ TODO: check
+CVE-2018-0011 (A reflected cross site scripting (XSS) vulnerability in Junos Space ...)
+ TODO: check
+CVE-2018-0010 (A vulnerability in the Juniper Networks Junos Space Security Director ...)
+ TODO: check
+CVE-2018-0009 (On Juniper Networks SRX series devices, firewall rules configured to ...)
+ TODO: check
+CVE-2018-0008 (An unauthenticated root login may allow upon reboot when a commit ...)
+ TODO: check
+CVE-2018-0007 (An unauthenticated network-based attacker able to send a maliciously ...)
+ TODO: check
+CVE-2018-0006 (A high rate of VLAN authentication attempts sent from an adjacent host ...)
+ TODO: check
+CVE-2018-0005 (QFX and EX Series switches configured to drop traffic when the MAC ...)
+ TODO: check
+CVE-2018-0004 (A sustained sequence of different types of normal transit traffic can ...)
+ TODO: check
+CVE-2018-0003 (A specially crafted MPLS packet received or processed by the system, ...)
+ TODO: check
+CVE-2018-0002 (On SRX Series and MX Series devices with a Service PIC with any ALG ...)
+ TODO: check
+CVE-2018-0001 (A remote, unauthenticated attacker may be able to execute code by ...)
+ TODO: check
CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) ...)
NOT-FOR-US: dayrui FineCms
CVE-2017-16865
@@ -17364,18 +17386,18 @@ CVE-2017-15852
RESERVED
CVE-2017-15851
RESERVED
-CVE-2017-15850
- RESERVED
+CVE-2017-15850 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-15849 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
TODO: check
-CVE-2017-15848
- RESERVED
-CVE-2017-15847
- RESERVED
+CVE-2017-15848 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-15847 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-15846
RESERVED
-CVE-2017-15845
- RESERVED
+CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-15844
RESERVED
CVE-2017-15843
@@ -20271,8 +20293,8 @@ CVE-2017-14881
RESERVED
CVE-2017-14880
RESERVED
-CVE-2017-14879
- RESERVED
+CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14878
RESERVED
CVE-2017-14877
@@ -20283,16 +20305,16 @@ CVE-2017-14875
RESERVED
CVE-2017-14874
RESERVED
-CVE-2017-14873
- RESERVED
+CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14872
RESERVED
CVE-2017-14871
RESERVED
-CVE-2017-14870
- RESERVED
-CVE-2017-14869
- RESERVED
+CVE-2017-14870 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-14869 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14868 (Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows ...)
- restlet <itp> (bug #596472)
CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data function of ...)
@@ -31598,12 +31620,12 @@ CVE-2017-11083
RESERVED
CVE-2017-11082
RESERVED
-CVE-2017-11081
- RESERVED
-CVE-2017-11080
- RESERVED
-CVE-2017-11079
- RESERVED
+CVE-2017-11081 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-11080 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-11079 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-11078
RESERVED
CVE-2017-11077
@@ -31628,8 +31650,8 @@ CVE-2017-11068
RESERVED
CVE-2017-11067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11066
- RESERVED
+CVE-2017-11066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-11065
RESERVED
CVE-2017-11064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -31754,8 +31776,8 @@ CVE-2017-11005 (In Android for MSM, Firefox OS for MSM, QRD Android, with all An
NOT-FOR-US: Qualcomm closed-source components for Android
CVE-2017-11004
RESERVED
-CVE-2017-11003
- RESERVED
+CVE-2017-11003 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-11002 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-11001 (In all Qualcomm products with Android releases from CAF using the ...)
@@ -35410,8 +35432,8 @@ CVE-2017-9714 (In Android for MSM, Firefox OS for MSM, QRD Android, with all And
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9713
RESERVED
-CVE-2017-9712
- RESERVED
+CVE-2017-9712 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-9711
RESERVED
CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -35424,8 +35446,8 @@ CVE-2017-9707
RESERVED
CVE-2017-9706 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9705
- RESERVED
+CVE-2017-9705 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-9704
RESERVED
CVE-2017-9703 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -35460,8 +35482,8 @@ CVE-2017-9691
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9690 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9689
- RESERVED
+CVE-2017-9689 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-9688
RESERVED
CVE-2017-9687 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
@@ -145047,6 +145069,7 @@ CVE-2014-0352
CVE-2014-0351 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
+ {DLA-1239-1}
- poco 1.3.6p1-5 (low; bug #746637)
[squeeze] - poco <no-dsa> (Minor issue)
CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d05deb643af1b41de0e2ee457c24d0c64353501
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d05deb643af1b41de0e2ee457c24d0c64353501
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180111/635088e6/attachment.html>
More information about the Secure-testing-commits
mailing list