[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Jan 30 09:10:23 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14f4ffc6 by security tracker role at 2018-01-30T09:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-6402
+	RESERVED
+CVE-2018-6401
+	RESERVED
+CVE-2018-6400
+	RESERVED
+CVE-2018-6399
+	RESERVED
+CVE-2018-6398
+	RESERVED
+CVE-2018-6397
+	RESERVED
+CVE-2018-6396
+	RESERVED
+CVE-2018-6395
+	RESERVED
+CVE-2018-6394
+	RESERVED
 CVE-2018-6393 (FreePBX 10.13.66-32bit allows post-authentication SQL injection via the ...)
 	NOT-FOR-US: FreePBX
 CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg ...)
@@ -20,8 +38,8 @@ CVE-2018-6384
 	RESERVED
 CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that ...)
 	NOT-FOR-US: Monstra CMS
-CVE-2018-6382
-	RESERVED
+CVE-2018-6382 (MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via ...)
+	TODO: check
 CVE-2018-6381 (In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid ...)
 	- zziplib <unfixed>
 	NOTE: https://github.com/gdraheim/zziplib/issues/12
@@ -1060,7 +1078,7 @@ CVE-2018-5998
 CVE-2018-5997 (An issue was discovered in the HTTP Server in RAVPower Filehub ...)
 	NOT-FOR-US: RAVPower Filehub
 CVE-2018-1000007 (libcurl 7.1 through 7.57.0 might accidentally leak authentication data ...)
-	{DSA-4098-1}
+	{DSA-4098-1 DLA-1263-1}
 	- curl 7.58.0-1
 	NOTE: https://curl.haxx.se/docs/adv_2018-b3bf.html
 	NOTE: Patch: https://github.com/curl/curl/commit/af32cd3859336ab.patch



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14f4ffc64e756cce1f2707b6afac8fe69b9aaab8

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14f4ffc64e756cce1f2707b6afac8fe69b9aaab8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180130/718ac7e4/attachment.html>

More information about the Secure-testing-commits mailing list