[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sun Jan 28 09:10:22 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d22150e7 by security tracker role at 2018-01-28T09:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,9 @@
+CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.4.8 is ...)
+	TODO: check
+CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 ...)
+	TODO: check
 CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the ...)
 	TODO: check
 CVE-2018-6356
@@ -2688,25 +2694,25 @@ CVE-2018-5281 (SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 dev
 	NOT-FOR-US: SonicWall SonicOS
 CVE-2018-5280 (SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices ...)
 	NOT-FOR-US: SonicWall SonicOS
-CVE-2018-5279 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5279 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5278 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5278 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5277 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5277 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5276 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5276 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5275 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5275 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5274 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5274 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5273 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5273 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5272 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5272 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5271 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5271 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5270 (In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows ...)
+CVE-2018-5270 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file ...)
 	NOT-FOR-US: Malwarebytes Premium
 CVE-2018-5269 (In OpenCV 3.3.1, an assertion failure happens in ...)
 	- opencv <unfixed> (bug #886675)
@@ -30687,6 +30693,7 @@ CVE-2017-12382
 CVE-2017-12381
 	RESERVED
 CVE-2017-12380 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30694,6 +30701,7 @@ CVE-2017-12380 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11945
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/39c89d14a61aef2958b8ea64ade1be7a5faca897
 CVE-2017-12379 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30701,6 +30709,7 @@ CVE-2017-12379 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11944
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/0604618374dc0dfd148b0ce7bf7a3d2b7528e66b
 CVE-2017-12378 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30709,6 +30718,7 @@ CVE-2017-12378 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/292d6878fa3e7fd2ab0f7275a78190639ad116d4
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/0cf813f835e48ab0f94dd54200ceba0dc25fa1c4
 CVE-2017-12377 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30717,6 +30727,7 @@ CVE-2017-12377 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/38da4800bfb2d6b13579950b6543302d13e3015c
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/e887f113242ffcb0ea8735c3f567c6be77f382d6
 CVE-2017-12376 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30724,6 +30735,7 @@ CVE-2017-12376 (ClamAV AntiVirus software versions 0.99.2 and prior contain a ..
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11942
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/c8ba4ae2e47a4f49add3e85ef7041b166be6bfdb
 CVE-2017-12375 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -30731,6 +30743,7 @@ CVE-2017-12375 (The ClamAV AntiVirus software versions 0.99.2 and prior contain 
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11940
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/d1100be31a567718ce7c7dd6e6c632eddab55209
 CVE-2017-12374 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a ...)
+	{DLA-1261-1}
 	- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
@@ -49059,7 +49072,7 @@ CVE-2017-6422
 CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
-	{DLA-1105-1}
+	{DLA-1261-1 DLA-1105-1}
 	- clamav 0.99.3~beta1+dfsg-1
 	[stretch] - clamav <no-dsa> (Gets updated via -updates)
 	[jessie] - clamav <no-dsa> (Gets updated via -updates)
@@ -49078,7 +49091,7 @@ CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, al
 	NOTE: src:clamav source package.
 	NOTE: libmspack: https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
 CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a ...)
-	{DLA-1105-1}
+	{DLA-1261-1 DLA-1105-1}
 	- clamav 0.99.3~beta1+dfsg-1
 	[stretch] - clamav <no-dsa> (Gets updated via -updates)
 	[jessie] - clamav <no-dsa> (Gets updated via -updates)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d22150e79b8ffafed92170ac6329bdea80701f4c

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d22150e79b8ffafed92170ac6329bdea80701f4c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180128/08a50fa0/attachment-0001.html>

More information about the Secure-testing-commits mailing list