[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 15 21:10:26 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2abfa9d1 by security tracker role at 2018-01-15T21:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -475,8 +475,8 @@ CVE-2018-5481
RESERVED
CVE-2018-5480
RESERVED
-CVE-2018-5479
- RESERVED
+CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is vulnerable ...)
+ TODO: check
CVE-2018-5478
RESERVED
CVE-2018-5477
@@ -703,7 +703,8 @@ CVE-2016-10706 (The Jetpack plugin before 4.0.3 for WordPress has XSS via a craf
NOT-FOR-US: WordPress plugin jetpack
CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes ...)
NOT-FOR-US: WordPress plugin jetpack
-CVE-2018-5702 [rpc session-id mechanism design flaw results in RCE]
+CVE-2018-5702 (Transmission through 2.92 relies on X-Transmission-Session-Id (which is ...)
+ {DSA-4087-1}
- transmission <unfixed> (bug #886990)
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
NOTE: https://github.com/transmission/transmission/pull/468
@@ -4130,7 +4131,7 @@ CVE-2017-1000424 (Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vu
CVE-2017-1000423 (b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation ...)
- b2evolution <removed>
CVE-2017-1000422 (Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer ...)
- {DLA-1234-1}
+ {DSA-4088-1 DLA-1234-1}
- gdk-pixbuf 2.36.11-1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785973
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=0012e066ba37439d402ce46afbc1311530a4ec61
@@ -40534,6 +40535,7 @@ CVE-2017-8316
CVE-2017-8315
RESERVED
CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 17.1 ...)
+ {DLA-1243-1}
- kodi 2:17.1+dfsg1-3 (bug #863230)
- xbmc <removed>
NOTE: http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2abfa9d1462e7914f86ed6ea6d28d4ab585b0f0b
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2abfa9d1462e7914f86ed6ea6d28d4ab585b0f0b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180115/b2f9f9b7/attachment.html>
More information about the Secure-testing-commits
mailing list