[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 10 21:10:26 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c711b89a by security tracker role at 2018-07-10T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,4 +1,128 @@
-CVE-2018-13797 [node macaddress command injection]
+CVE-2018-13857
+ RESERVED
+CVE-2018-13856
+ RESERVED
+CVE-2018-13855
+ RESERVED
+CVE-2018-13854
+ RESERVED
+CVE-2018-13853
+ RESERVED
+CVE-2018-13852
+ RESERVED
+CVE-2018-13851
+ RESERVED
+CVE-2018-13850 (The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component ...)
+ TODO: check
+CVE-2018-13849 (edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS ...)
+ TODO: check
+CVE-2018-13848 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in ...)
+ TODO: check
+CVE-2018-13847 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in ...)
+ TODO: check
+CVE-2018-13846 (An issue has been found in Bento4 1.5.1-624. ...)
+ TODO: check
+CVE-2018-13845 (An issue has been found in HTSlib 1.8. It is a buffer over-read in ...)
+ TODO: check
+CVE-2018-13844 (An issue has been found in HTSlib 1.8. It is a memory leak in fai_read ...)
+ TODO: check
+CVE-2018-13843 (An issue has been found in HTSlib 1.8. It is a memory leak in ...)
+ TODO: check
+CVE-2018-13842
+ RESERVED
+CVE-2018-13841
+ RESERVED
+CVE-2018-13840
+ RESERVED
+CVE-2018-13839
+ RESERVED
+CVE-2018-13838
+ RESERVED
+CVE-2018-13837
+ RESERVED
+CVE-2018-13836
+ RESERVED
+CVE-2018-13835
+ RESERVED
+CVE-2018-13834
+ RESERVED
+CVE-2018-13833 (An issue was discovered in cmft through 2017-09-24. The ...)
+ TODO: check
+CVE-2018-13832
+ RESERVED
+CVE-2018-13831
+ RESERVED
+CVE-2018-13830
+ RESERVED
+CVE-2018-13829
+ RESERVED
+CVE-2018-13828
+ RESERVED
+CVE-2018-13827
+ RESERVED
+CVE-2018-13826
+ RESERVED
+CVE-2018-13825
+ RESERVED
+CVE-2018-13824
+ RESERVED
+CVE-2018-13823
+ RESERVED
+CVE-2018-13822
+ RESERVED
+CVE-2018-13821
+ RESERVED
+CVE-2018-13820
+ RESERVED
+CVE-2018-13819
+ RESERVED
+CVE-2018-13818 (Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ...)
+ TODO: check
+CVE-2018-13817
+ RESERVED
+CVE-2018-13816
+ RESERVED
+CVE-2018-13815
+ RESERVED
+CVE-2018-13814
+ RESERVED
+CVE-2018-13813
+ RESERVED
+CVE-2018-13812
+ RESERVED
+CVE-2018-13811
+ RESERVED
+CVE-2018-13810
+ RESERVED
+CVE-2018-13809
+ RESERVED
+CVE-2018-13808
+ RESERVED
+CVE-2018-13807
+ RESERVED
+CVE-2018-13806
+ RESERVED
+CVE-2018-13805
+ RESERVED
+CVE-2018-13804
+ RESERVED
+CVE-2018-13803
+ RESERVED
+CVE-2018-13802
+ RESERVED
+CVE-2018-13801
+ RESERVED
+CVE-2018-13800
+ RESERVED
+CVE-2018-13799
+ RESERVED
+CVE-2018-13798
+ RESERVED
+CVE-2018-13796
+ RESERVED
+CVE-2016-10726 (The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before ...)
+ TODO: check
+CVE-2018-13797 (The macaddress module before 0.2.9 for Node.js is prone to an arbitrary ...)
- node-macaddress 0.2.9-1 (unimportant)
NOTE: https://github.com/scravy/node-macaddress/pull/20
NOTE: nodejs not covered by security support
@@ -864,10 +988,10 @@ CVE-2018-13391
RESERVED
CVE-2018-13390
RESERVED
-CVE-2018-13389
- RESERVED
-CVE-2018-13388
- RESERVED
+CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 ...)
+ TODO: check
+CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and Crucible ...)
+ TODO: check
CVE-2018-13387
RESERVED
CVE-2018-13386
@@ -3129,10 +3253,10 @@ CVE-2018-12464 (A SQL injection vulnerability in the web administration and quar
NOT-FOR-US: Micro Focus
CVE-2018-12463
RESERVED
-CVE-2018-12462
- RESERVED
-CVE-2018-12461
- RESERVED
+CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. ...)
+ TODO: check
+CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking ...)
+ TODO: check
CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the ...)
[experimental] - ffmpeg <unfixed> (low)
- ffmpeg <not-affected> (Introduced after 3.4)
@@ -3830,8 +3954,8 @@ CVE-2018-12234
RESERVED
CVE-2018-12231
RESERVED
-CVE-2018-12230
- RESERVED
+CVE-2018-12230 (An wrong logical check identified in the transferFrom function of a ...)
+ TODO: check
CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge Project ...)
NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS)
CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
@@ -7124,8 +7248,8 @@ CVE-2018-10945 (The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
CVE-2018-10944 (The request_dividend function of a smart contract implementation for ...)
NOT-FOR-US: Rasputin Online Coin
-CVE-2018-10943
- RESERVED
+CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base ...)
+ TODO: check
CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard ...)
NOT-FOR-US: Attribute Wizard addon for PrestaShop
CVE-2018-10941
@@ -7234,18 +7358,16 @@ CVE-2018-10893 [Insufficient encoding checks for LZ can cause different integer/
CVE-2018-10892 (The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby ...)
- docker.io <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598581
-CVE-2018-10891
- RESERVED
-CVE-2018-10890
- RESERVED
-CVE-2018-10889
- RESERVED
-CVE-2018-10888 [an improper input validation leads to an out-of-bound read in git_delta_apply, allowing to read beyond delta limits]
- RESERVED
+CVE-2018-10891 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, ...)
+ TODO: check
+CVE-2018-10890 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, ...)
+ TODO: check
+CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No ...)
+ TODO: check
+CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing check in ...)
- libgit2 <unfixed> (bug #903508)
NOTE: https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
-CVE-2018-10887 [integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array]
- RESERVED
+CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been ...)
- libgit2 <unfixed>
NOTE: https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
NOTE: https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
@@ -7302,8 +7424,8 @@ CVE-2018-10874 (In ansible it was found that inventory variables are loaded from
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596528
CVE-2018-10873
RESERVED
-CVE-2018-10872
- RESERVED
+CVE-2018-10872 (A flaw was found in the way the Linux kernel handled exceptions ...)
+ TODO: check
CVE-2018-10871
RESERVED
- 389-ds-base <unfixed>
@@ -7333,8 +7455,7 @@ CVE-2018-10863
CVE-2018-10862
RESERVED
- wildfly <itp> (bug #752018)
-CVE-2018-10861 [ceph-mon does not perform authorization on OSD pool ops]
- RESERVED
+CVE-2018-10861 (A flaw was found in the way ceph mon handles user requests. Any ...)
- ceph <unfixed>
NOTE: http://tracker.ceph.com/issues/24838
NOTE: https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
@@ -9893,8 +10014,8 @@ CVE-2018-9855
RESERVED
CVE-2018-9854
RESERVED
-CVE-2018-9853
- RESERVED
+CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows attackers to ...)
+ TODO: check
CVE-2018-9852 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows ...)
NOT-FOR-US: Gxlcms QY
CVE-2018-9851 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows ...)
@@ -14971,11 +15092,12 @@ CVE-2018-7779 (In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2
NOT-FOR-US: Schneider
CVE-2018-7778 (In Schneider Electric Evlink Charging Station versions prior to ...)
NOT-FOR-US: Schneider
-CVE-2018-7777 (In Schneider Electric U.motion Builder software versions prior to ...)
+CVE-2018-7777 (The vulnerability is due to insufficient handling of update_file ...)
NOT-FOR-US: Schneider
-CVE-2018-7776 (The vulnerability is due to insufficient handling of update_file ...)
+CVE-2018-7776 (The vulnerability exists within error.php in Schneider Electric ...)
NOT-FOR-US: Schneider
-CVE-2018-7775 (The vulnerability exists within error.php in Schneider Electric ...)
+CVE-2018-7775
+ REJECTED
NOT-FOR-US: Schneider
CVE-2018-7774 (The vulnerability exists within processing of localize.php in ...)
NOT-FOR-US: Schneider
@@ -16998,7 +17120,7 @@ CVE-2017-18191 (An issue was discovered in OpenStack Nova 15.x through 15.1.0 an
[wheezy] - nova <end-of-life> (Not supported in Wheezy)
NOTE: https://launchpad.net/bugs/1739593
NOTE: https://review.openstack.org/539893
-CVE-2015-9253 (An issue was discovered in PHP through 7.2.2. The php-fpm master ...)
+CVE-2015-9253 (An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before ...)
- php7.2 <unfixed> (unimportant)
- php7.1 <unfixed> (unimportant)
- php7.0 <unfixed> (unimportant)
@@ -18727,7 +18849,8 @@ CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg th
[stretch] - ffmpeg <postponed> (Wait for next 3.2.x release)
- libav <undetermined>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b
-CVE-2018-6620 (Odoo does not require authentication to be configured for a Backup ...)
+CVE-2018-6620
+ REJECTED
NOT-FOR-US: Odoo
CVE-2018-6619 (Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
@@ -22232,8 +22355,8 @@ CVE-2018-5555
RESERVED
CVE-2018-5554
RESERVED
-CVE-2018-5553
- RESERVED
+CVE-2018-5553 (The Crestron Console service running on DGE-100, DM-DGE-200-C, and ...)
+ TODO: check
CVE-2018-5552 (Versions of DocuTrac QuicDoc and Office Therapy that ship with ...)
NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
CVE-2018-5551 (Versions of DocuTrac QuicDoc and Office Therapy that ship with ...)
@@ -30765,34 +30888,34 @@ CVE-2018-2442
RESERVED
CVE-2018-2441
RESERVED
-CVE-2018-2440
- RESERVED
-CVE-2018-2439
- RESERVED
-CVE-2018-2438
- RESERVED
-CVE-2018-2437
- RESERVED
-CVE-2018-2436
- RESERVED
-CVE-2018-2435
- RESERVED
-CVE-2018-2434
- RESERVED
-CVE-2018-2433
- RESERVED
-CVE-2018-2432
- RESERVED
-CVE-2018-2431
- RESERVED
+CVE-2018-2440 (Under certain circumstances SAP Dynamic Authorization Management (DAM) ...)
+ TODO: check
+CVE-2018-2439 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+ TODO: check
+CVE-2018-2438 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+ TODO: check
+CVE-2018-2437 (The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, ...)
+ TODO: check
+CVE-2018-2436 (Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does ...)
+ TODO: check
+CVE-2018-2435 (SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, ...)
+ TODO: check
+CVE-2018-2434 (A content spoofing vulnerability in the following components allows to ...)
+ TODO: check
+CVE-2018-2433 (SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 ...)
+ TODO: check
+CVE-2018-2432 (SAP BusinessObjects Business Intelligence (BI Launchpad and Central ...)
+ TODO: check
+CVE-2018-2431 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and ...)
+ TODO: check
CVE-2018-2430
RESERVED
CVE-2018-2429
RESERVED
CVE-2018-2428 (Under certain conditions SAP UI5 Handler allows an attacker to access ...)
NOT-FOR-US: SAP
-CVE-2018-2427
- RESERVED
+CVE-2018-2427 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and ...)
+ TODO: check
CVE-2018-2426
RESERVED
CVE-2018-2425 (Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA ...)
@@ -32560,8 +32683,8 @@ CVE-2018-1568
RESERVED
CVE-2018-1567
RESERVED
-CVE-2018-1566
- RESERVED
+CVE-2018-1566 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1565 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1564
@@ -32594,8 +32717,8 @@ CVE-2018-1551
RESERVED
CVE-2018-1550
RESERVED
-CVE-2018-1549
- RESERVED
+CVE-2018-1549 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2018-1548 (IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 ...)
NOT-FOR-US: IBM
CVE-2018-1547 (IBM Robotic Process Automation with Automation Anywhere 10.0 could ...)
@@ -32646,12 +32769,12 @@ CVE-2018-1525
RESERVED
CVE-2018-1524
RESERVED
-CVE-2018-1523
- RESERVED
+CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2018-1522
RESERVED
-CVE-2018-1521
- RESERVED
+CVE-2018-1521 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+ TODO: check
CVE-2018-1520
RESERVED
CVE-2018-1519
@@ -32708,8 +32831,8 @@ CVE-2018-1494 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 thr
NOT-FOR-US: IBM
CVE-2018-1493
RESERVED
-CVE-2018-1492
- RESERVED
+CVE-2018-1492 (IBM Jazz Foundation products could allow a user with physical access ...)
+ TODO: check
CVE-2018-1491
RESERVED
CVE-2018-1490
@@ -32718,8 +32841,8 @@ CVE-2018-1489
RESERVED
CVE-2018-1488 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
-CVE-2018-1487
- RESERVED
+CVE-2018-1487 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1486
RESERVED
CVE-2018-1485
@@ -32776,8 +32899,8 @@ CVE-2018-1460 (IBM Netezza Platform Software (IBM PureData System for Analytics
NOT-FOR-US: IBM
CVE-2018-1459 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1458
- RESERVED
+CVE-2018-1458 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1457 (An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through ...)
NOT-FOR-US: IBM
CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable ...)
@@ -32846,8 +32969,8 @@ CVE-2018-1425 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses wea
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2018-1424
RESERVED
-CVE-2018-1423
- RESERVED
+CVE-2018-1423 (IBM Jazz Foundation products could disclose sensitive information to ...)
+ TODO: check
CVE-2018-1422
RESERVED
CVE-2018-1421 (IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and ...)
@@ -32876,10 +32999,10 @@ CVE-2018-1410 (IBM Notes Diagnostics (IBM Client Application Access and IBM Note
NOT-FOR-US: IBM Notes Diagnostics
CVE-2018-1409 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) ...)
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1408
- RESERVED
-CVE-2018-1407
- RESERVED
+CVE-2018-1408 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+ TODO: check
+CVE-2018-1407 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
+ TODO: check
CVE-2018-1406
RESERVED
CVE-2018-1405
@@ -32900,8 +33023,8 @@ CVE-2018-1398
RESERVED
CVE-2018-1397
RESERVED
-CVE-2018-1396
- RESERVED
+CVE-2018-1396 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2018-1395
RESERVED
CVE-2018-1394
@@ -33672,8 +33795,8 @@ CVE-2018-1339 (A carefully crafted (or fuzzed) file can trigger an infinite loop
CVE-2018-1338 (A carefully crafted (or fuzzed) file can trigger an infinite loop in ...)
- tika <not-affected> (BGP parser introduced in 1.7)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/6
-CVE-2018-1337
- RESERVED
+CVE-2018-1337 (In Apache LDAP API before 1.0.2, a bug in the way the SSL Filter was ...)
+ TODO: check
CVE-2018-1336
RESERVED
CVE-2018-1335 (From Apache Tika versions 1.7 to 1.17, clients could send carefully ...)
@@ -33685,8 +33808,8 @@ CVE-2018-1333
REJECTED
CVE-2018-1332 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
NOT-FOR-US: Apache Storm
-CVE-2018-1331
- RESERVED
+CVE-2018-1331 (In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 ...)
+ TODO: check
CVE-2018-1330
RESERVED
CVE-2018-1329
@@ -34443,13 +34566,11 @@ CVE-2018-1130 (Linux kernel before version 4.16-rc7 is vulnerable to a null poin
{DLA-1392-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/67f93df79aeefc3add4e4b31a752600f834236e2
-CVE-2018-1129 [cephx uses weak signatures]
- RESERVED
+CVE-2018-1129 (A flaw was found in the way signature calculation was handled by cephx ...)
- ceph <unfixed>
NOTE: http://tracker.ceph.com/issues/24837
NOTE: https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
-CVE-2018-1128 [cephx protocol is vulnerable to replay attack]
- RESERVED
+CVE-2018-1128 (It was found that cephx authentication protocol did not verify ceph ...)
- ceph <unfixed>
NOTE: http://tracker.ceph.com/issues/24836
NOTE: https://github.com/ceph/ceph/commit/5ead97120e07054d80623dada90a5cc764c28468
@@ -34510,8 +34631,8 @@ CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize
NOTE: Fixed by: https://git.kernel.org/linus/670ae9caaca467ea1bfd325cb2a5c98ba87f94ad
CVE-2018-1117 (ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a ...)
NOT-FOR-US: ovirt-ansible-roles
-CVE-2018-1116
- RESERVED
+CVE-2018-1116 (A flaw was found in polkit before version 0.116. The implementation of ...)
+ TODO: check
CVE-2018-1115 (postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack ...)
- postgresql-10 10.4-1
- postgresql-9.6 <removed>
@@ -84211,12 +84332,12 @@ CVE-2017-1795 (IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a lo
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1794
RESERVED
-CVE-2017-1793
- RESERVED
-CVE-2017-1792
- RESERVED
-CVE-2017-1791
- RESERVED
+CVE-2017-1793 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
+CVE-2017-1792 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
+CVE-2017-1791 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2017-1790 (IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through ...)
NOT-FOR-US: IBM DOORS Next Generation
CVE-2017-1789 (IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an ...)
@@ -84321,8 +84442,8 @@ CVE-2017-1740 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, a
NOT-FOR-US: IBM Curam Social Program Management
CVE-2017-1739 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2017-1738
- RESERVED
+CVE-2017-1738 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2017-1737
RESERVED
CVE-2017-1736
@@ -84339,8 +84460,8 @@ CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could pro
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1730
RESERVED
-CVE-2017-1729
- RESERVED
+CVE-2017-1729 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
+ TODO: check
CVE-2017-1728
RESERVED
CVE-2017-1727 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c711b89ad63f1af3f7d3542def67b6693d8d0ea2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c711b89ad63f1af3f7d3542def67b6693d8d0ea2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180710/b78ed963/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list