[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Jul 18 21:10:25 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f0f6264 by security tracker role at 2018-07-18T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,23 @@
+CVE-2018-14389 (joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val ...)
+	TODO: check
+CVE-2018-14388 (joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php ...)
+	TODO: check
+CVE-2018-14387 (An issue was discovered in WonderCMS before 2.5.2. An attacker can ...)
+	TODO: check
+CVE-2018-14386
+	RESERVED
+CVE-2018-14385
+	RESERVED
+CVE-2018-14384
+	RESERVED
+CVE-2018-14383
+	RESERVED
+CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
+	TODO: check
+CVE-2018-14381 (Pagekit before 1.0.14 has a /user/login?redirect= open redirect ...)
+	TODO: check
+CVE-2018-14380 (In Graylog before 2.4.6, XSS was possible in typeahead components, ...)
+	TODO: check
 CVE-2018-14379 (MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the ...)
 	- mp4v2 <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/17/1
@@ -23,8 +43,8 @@ CVE-2018-14373 (An issue was discovered in LibTIFF 4.0.9. In TIFFFindField in ..
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2801
 CVE-2018-14372
 	RESERVED
-CVE-2018-14371
-	RESERVED
+CVE-2018-14371 (The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra ...)
+	TODO: check
 CVE-2018-14370
 	RESERVED
 CVE-2018-14369
@@ -37,8 +57,7 @@ CVE-2018-14366
 	RESERVED
 CVE-2018-14365
 	RESERVED
-CVE-2018-14364 [Remote Code Execution Vulnerability in GitLab Projects Import]
-	RESERVED
+CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before ...)
 	- gitlab <unfixed> (bug #904026)
 	NOTE: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/
 CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not ...)
@@ -661,8 +680,8 @@ CVE-2018-14084 (An issue was discovered in a smart contract implementation for M
 	NOT-FOR-US: smart contract implementation for MKCB
 CVE-2018-14083
 	RESERVED
-CVE-2018-14082
-	RESERVED
+CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site ...)
+	TODO: check
 CVE-2018-14081
 	RESERVED
 CVE-2018-14080
@@ -4689,8 +4708,8 @@ CVE-2018-12431 (SeaCMS V6.61 has XSS via the site name parameter on an ...)
 	NOT-FOR-US: SeaCMS
 CVE-2018-12430
 	REJECTED
-CVE-2018-12429
-	RESERVED
+CVE-2018-12429 (JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish ...)
+	TODO: check
 CVE-2018-12428
 	RESERVED
 CVE-2018-12427
@@ -7188,6 +7207,7 @@ CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function
 	NOTE: https://github.com/liblouis/liblouis/issues/575
 	NOTE: https://github.com/liblouis/liblouis/commit/4417bad83df4481ed58419b28c5c91b9649e2a86
 CVE-2018-11439 (The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in ...)
+	{DLA-1430-1}
 	- taglib <unfixed> (bug #903847)
 	[stretch] - taglib <no-dsa> (Minor issue)
 	NOTE: PoC: http://seclists.org/fulldisclosure/2018/May/49
@@ -8693,8 +8713,7 @@ CVE-2018-10878
 	- linux 4.17.3-1
 	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
-CVE-2018-10877
-	RESERVED
+CVE-2018-10877 (Linux kernel ext4 filesystem is vulnerable to an out-of-bound access ...)
 	{DLA-1423-1}
 	- linux 4.17.3-1
 	[stretch] - linux 4.9.110-1
@@ -8720,8 +8739,7 @@ CVE-2018-10873
 CVE-2018-10872 (A flaw was found in the way the Linux kernel handled exceptions ...)
 	- linux <not-affected> (Red Hat specific CVE-2018-8897 regression in RHEL 6.10)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596094
-CVE-2018-10871
-	RESERVED
+CVE-2018-10871 (389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a ...)
 	- 389-ds-base <unfixed>
 	NOTE: https://pagure.io/389-ds-base/issue/49789
 CVE-2018-10870
@@ -9394,8 +9412,8 @@ CVE-2018-10618
 	RESERVED
 CVE-2018-10617 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
 	NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10616
-	RESERVED
+CVE-2018-10616 (ABB Panel Builder 800 all versions has an improper input validation ...)
+	TODO: check
 CVE-2018-10615 (Directory traversal may lead to files being exfiltrated or deleted on ...)
 	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10614
@@ -10471,7 +10489,7 @@ CVE-2018-10199 (In versions of mruby up to and including 1.4.0, a use-after-free
 	[jessie] - mruby <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/mruby/mruby/issues/4001
 	NOTE: https://github.com/mruby/mruby/commit/b51b21fc63c9805862322551387d9036f2b63433
-CVE-2018-10193 (LogMeIn LastPass through 4.9.1 allows remote attackers to cause a ...)
+CVE-2018-10193 (LogMeIn LastPass through 4.15.0 allows remote attackers to cause a ...)
 	NOT-FOR-US: LogMeIn LastPass
 CVE-2018-10192 (IPVanish 3.0.11 for macOS suffers from a root privilege escalation ...)
 	NOT-FOR-US: IPVanish for macOS
@@ -15756,8 +15774,7 @@ CVE-2018-8043 (The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5
 	NOTE: Negligable security impact, only enabled on armhf
-CVE-2018-8042
-	RESERVED
+CVE-2018-8042 (Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential ...)
 	NOT-FOR-US: Apache Ambari
 CVE-2018-8041
 	RESERVED
@@ -15851,8 +15868,7 @@ CVE-2018-8012 (No authentication/authorization is enforced when a server attempt
 	NOTE: http://www.openwall.com/lists/oss-security/2018/05/21/6
 	NOTE: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication
 	NOTE: https://issues.apache.org/jira/secure/attachment/12840904/ZOOKEEPER-1045-br-3-4.patch
-CVE-2018-8011
-	RESERVED
+CVE-2018-8011 (By specially crafting HTTP requests, the mod_md challenge handler ...)
 	- apache2 <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/2
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011
@@ -17240,8 +17256,8 @@ CVE-2018-7548 (In subst.c in zsh through 5.4.2, there is a NULL pointer derefere
 	NOTE: no security impact
 CVE-2018-7547 (lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the ...)
 	NOT-FOR-US: lyadmin
-CVE-2018-7546
-	RESERVED
+CVE-2018-7546 (wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 ...)
+	TODO: check
 CVE-2018-7545
 	RESERVED
 CVE-2017-18206 (In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. ...)
@@ -20677,8 +20693,8 @@ CVE-2017-18105
 	RESERVED
 CVE-2017-18104
 	RESERVED
-CVE-2017-18103
-	RESERVED
+CVE-2017-18103 (The atlassian-http library, as used in various Atlassian products, ...)
+	TODO: check
 CVE-2017-18102 (The wiki markup component of atlassian-renderer from version 8.0.0 ...)
 	NOT-FOR-US: wiki markup component of atlassian-renderer
 CVE-2017-18101 (Various administrative external system import resources in Atlassian ...)
@@ -24574,8 +24590,8 @@ CVE-2018-5244 (In Xen 4.10, new infrastructure was introduced as part of an over
 	NOTE: https://xenbits.xen.org/xsa/advisory-253.html
 CVE-2018-5233 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Grav CMS admin plugin
-CVE-2018-5232
-	RESERVED
+CVE-2018-5232 (The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and ...)
+	TODO: check
 CVE-2018-5231 (The ForgotLoginDetails resource in Atlassian Jira before version ...)
 	NOT-FOR-US: Atlassian
 CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, from ...)
@@ -30531,441 +30547,410 @@ CVE-2018-3107
 	RESERVED
 CVE-2018-3106
 	RESERVED
-CVE-2018-3105
-	RESERVED
-CVE-2018-3104
-	RESERVED
-CVE-2018-3103
-	RESERVED
-CVE-2018-3102
-	RESERVED
-CVE-2018-3101
-	RESERVED
-CVE-2018-3100
-	RESERVED
-CVE-2018-3099
-	RESERVED
-CVE-2018-3098
-	RESERVED
-CVE-2018-3097
-	RESERVED
-CVE-2018-3096
-	RESERVED
-CVE-2018-3095
-	RESERVED
-CVE-2018-3094
-	RESERVED
-CVE-2018-3093
-	RESERVED
-CVE-2018-3092
-	RESERVED
-CVE-2018-3091
-	RESERVED
+CVE-2018-3105 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-3104 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3103 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3102 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3101 (Vulnerability in the Oracle WebCenter Portal component of Oracle ...)
+	TODO: check
+CVE-2018-3100 (Vulnerability in the Oracle Business Process Management Suite ...)
+	TODO: check
+CVE-2018-3099 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3098 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3097 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3096 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3095 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3094 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3093 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3092 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3091 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3090
-	RESERVED
+CVE-2018-3090 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3089
-	RESERVED
+CVE-2018-3089 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3088
-	RESERVED
+CVE-2018-3088 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3087
-	RESERVED
+CVE-2018-3087 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3086
-	RESERVED
+CVE-2018-3086 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3085
-	RESERVED
+CVE-2018-3085 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3084
-	RESERVED
+CVE-2018-3084 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
 CVE-2018-3083
 	RESERVED
-CVE-2018-3082
-	RESERVED
-CVE-2018-3081
-	RESERVED
+CVE-2018-3082 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3081 (Vulnerability in the MySQL Client component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 	- mysql-5.5 <removed>
-CVE-2018-3080
-	RESERVED
-CVE-2018-3079
-	RESERVED
-CVE-2018-3078
-	RESERVED
-CVE-2018-3077
-	RESERVED
+CVE-2018-3080 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3079 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3078 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3077 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3076
-	RESERVED
-CVE-2018-3075
-	RESERVED
-CVE-2018-3074
-	RESERVED
-CVE-2018-3073
-	RESERVED
-CVE-2018-3072
-	RESERVED
-CVE-2018-3071
-	RESERVED
+CVE-2018-3076 (Vulnerability in the PeopleSoft Enterprise CS Financial Aid component ...)
+	TODO: check
+CVE-2018-3075 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3074 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3073 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3072 (Vulnerability in the PeopleSoft HRMS component of Oracle PeopleSoft ...)
+	TODO: check
+CVE-2018-3071 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3070
-	RESERVED
+CVE-2018-3070 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 	- mysql-5.5 <removed>
-CVE-2018-3069
-	RESERVED
-CVE-2018-3068
-	RESERVED
-CVE-2018-3067
-	RESERVED
-CVE-2018-3066
-	RESERVED
+CVE-2018-3069 (Vulnerability in the Oracle Agile Product Lifecycle Management for ...)
+	TODO: check
+CVE-2018-3068 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources ...)
+	TODO: check
+CVE-2018-3067 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
+	TODO: check
+CVE-2018-3066 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 	- mysql-5.5 <removed>
-CVE-2018-3065
-	RESERVED
+CVE-2018-3065 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3064
-	RESERVED
+CVE-2018-3064 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3063
-	RESERVED
+CVE-2018-3063 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.5 <removed>
-CVE-2018-3062
-	RESERVED
+CVE-2018-3062 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3061
-	RESERVED
+CVE-2018-3061 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3060
-	RESERVED
+CVE-2018-3060 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 CVE-2018-3059
 	RESERVED
-CVE-2018-3058
-	RESERVED
+CVE-2018-3058 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 	- mysql-5.5 <removed>
-CVE-2018-3057
-	RESERVED
-CVE-2018-3056
-	RESERVED
+CVE-2018-3057 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-3056 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3055
-	RESERVED
+CVE-2018-3055 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3054
-	RESERVED
+CVE-2018-3054 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
-CVE-2018-3053
-	RESERVED
-CVE-2018-3052
-	RESERVED
-CVE-2018-3051
-	RESERVED
-CVE-2018-3050
-	RESERVED
-CVE-2018-3049
-	RESERVED
-CVE-2018-3048
-	RESERVED
-CVE-2018-3047
-	RESERVED
-CVE-2018-3046
-	RESERVED
-CVE-2018-3045
-	RESERVED
-CVE-2018-3044
-	RESERVED
-CVE-2018-3043
-	RESERVED
-CVE-2018-3042
-	RESERVED
-CVE-2018-3041
-	RESERVED
-CVE-2018-3040
-	RESERVED
-CVE-2018-3039
-	RESERVED
-CVE-2018-3038
-	RESERVED
-CVE-2018-3037
-	RESERVED
-CVE-2018-3036
-	RESERVED
-CVE-2018-3035
-	RESERVED
-CVE-2018-3034
-	RESERVED
-CVE-2018-3033
-	RESERVED
-CVE-2018-3032
-	RESERVED
-CVE-2018-3031
-	RESERVED
-CVE-2018-3030
-	RESERVED
-CVE-2018-3029
-	RESERVED
-CVE-2018-3028
-	RESERVED
-CVE-2018-3027
-	RESERVED
-CVE-2018-3026
-	RESERVED
-CVE-2018-3025
-	RESERVED
-CVE-2018-3024
-	RESERVED
-CVE-2018-3023
-	RESERVED
-CVE-2018-3022
-	RESERVED
-CVE-2018-3021
-	RESERVED
-CVE-2018-3020
-	RESERVED
-CVE-2018-3019
-	RESERVED
-CVE-2018-3018
-	RESERVED
-CVE-2018-3017
-	RESERVED
-CVE-2018-3016
-	RESERVED
-CVE-2018-3015
-	RESERVED
-CVE-2018-3014
-	RESERVED
-CVE-2018-3013
-	RESERVED
-CVE-2018-3012
-	RESERVED
+CVE-2018-3053 (Vulnerability in the Oracle Retail Customer Management and ...)
+	TODO: check
+CVE-2018-3052 (Vulnerability in the MICROS Relate CRM Software component of Oracle ...)
+	TODO: check
+CVE-2018-3051 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3050 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3049 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3048 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3047 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3046 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3045 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3044 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3043 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3042 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3041 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3040 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3039 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3038 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3037 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-3036 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-3035 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3034 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3033 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3032 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3031 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3030 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3029 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3028 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-3027 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3026 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3025 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3024 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3023 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3022 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3021 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3020 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-3019 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-3018 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-3017 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+	TODO: check
+CVE-2018-3016 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-3015 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-3014 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+	TODO: check
+CVE-2018-3013 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+	TODO: check
+CVE-2018-3012 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+	TODO: check
 CVE-2018-3011
 	RESERVED
-CVE-2018-3010
-	RESERVED
-CVE-2018-3009
-	RESERVED
-CVE-2018-3008
-	RESERVED
-CVE-2018-3007
-	RESERVED
-CVE-2018-3006
-	RESERVED
-CVE-2018-3005
-	RESERVED
+CVE-2018-3010 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3009 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-3008 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-3007 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-3006 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-3005 (Vulnerability in the Oracle VM VirtualBox component of Oracle ...)
 	- virtualbox 5.2.16-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3004
-	RESERVED
-CVE-2018-3003
-	RESERVED
-CVE-2018-3002
-	RESERVED
-CVE-2018-3001
-	RESERVED
-CVE-2018-3000
-	RESERVED
-CVE-2018-2999
-	RESERVED
-CVE-2018-2998
-	RESERVED
-CVE-2018-2997
-	RESERVED
-CVE-2018-2996
-	RESERVED
-CVE-2018-2995
-	RESERVED
-CVE-2018-2994
-	RESERVED
-CVE-2018-2993
-	RESERVED
-CVE-2018-2992
-	RESERVED
-CVE-2018-2991
-	RESERVED
-CVE-2018-2990
-	RESERVED
-CVE-2018-2989
-	RESERVED
-CVE-2018-2988
-	RESERVED
-CVE-2018-2987
-	RESERVED
-CVE-2018-2986
-	RESERVED
-CVE-2018-2985
-	RESERVED
-CVE-2018-2984
-	RESERVED
+CVE-2018-3004 (Vulnerability in the Java VM component of Oracle Database Server. ...)
+	TODO: check
+CVE-2018-3003 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+	TODO: check
+CVE-2018-3002 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+	TODO: check
+CVE-2018-3001 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+	TODO: check
+CVE-2018-3000 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
+	TODO: check
+CVE-2018-2999 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2998 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2997 (Vulnerability in the Oracle Scripting component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-2996 (Vulnerability in the Oracle Applications Manager component of Oracle ...)
+	TODO: check
+CVE-2018-2995 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-2994 (Vulnerability in the Oracle iStore component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-2993 (Vulnerability in the Oracle CRM Technical Foundation component of ...)
+	TODO: check
+CVE-2018-2992 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
+	TODO: check
+CVE-2018-2991 (Vulnerability in the Oracle Trade Management component of Oracle ...)
+	TODO: check
+CVE-2018-2990 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2989 (Vulnerability in the Oracle iLearning component of Oracle iLearning ...)
+	TODO: check
+CVE-2018-2988 (Vulnerability in the Oracle Marketing component of Oracle E-Business ...)
+	TODO: check
+CVE-2018-2987 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2986 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2985 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2984 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
+	TODO: check
 CVE-2018-2983
 	RESERVED
-CVE-2018-2982
-	RESERVED
-CVE-2018-2981
-	RESERVED
-CVE-2018-2980
-	RESERVED
-CVE-2018-2979
-	RESERVED
-CVE-2018-2978
-	RESERVED
-CVE-2018-2977
-	RESERVED
-CVE-2018-2976
-	RESERVED
-CVE-2018-2975
-	RESERVED
-CVE-2018-2974
-	RESERVED
-CVE-2018-2973
-	RESERVED
+CVE-2018-2982 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2981 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2980 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2979 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2978 (Vulnerability in the Oracle Hospitality Simphony component of Oracle ...)
+	TODO: check
+CVE-2018-2977 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2976 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
+	TODO: check
+CVE-2018-2975 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2974 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2973 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-7 <removed>
 	- openjdk-8 <unfixed>
 	- openjdk-10 <unfixed>
-CVE-2018-2972
-	RESERVED
+CVE-2018-2972 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjdk-10 10.0.2+13-1
 CVE-2018-2971
 	RESERVED
-CVE-2018-2970
-	RESERVED
-CVE-2018-2969
-	RESERVED
-CVE-2018-2968
-	RESERVED
-CVE-2018-2967
-	RESERVED
-CVE-2018-2966
-	RESERVED
-CVE-2018-2965
-	RESERVED
-CVE-2018-2964
-	RESERVED
+CVE-2018-2970 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2969 (Vulnerability in the Primavera Unifier component of Oracle ...)
+	TODO: check
+CVE-2018-2968 (Vulnerability in the Primavera Unifier component of Oracle ...)
+	TODO: check
+CVE-2018-2967 (Vulnerability in the Primavera Unifier component of Oracle ...)
+	TODO: check
+CVE-2018-2966 (Vulnerability in the Primavera Unifier component of Oracle ...)
+	TODO: check
+CVE-2018-2965 (Vulnerability in the Primavera Unifier component of Oracle ...)
+	TODO: check
+CVE-2018-2964 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-10 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2963
-	RESERVED
-CVE-2018-2962
-	RESERVED
-CVE-2018-2961
-	RESERVED
-CVE-2018-2960
-	RESERVED
-CVE-2018-2959
-	RESERVED
-CVE-2018-2958
-	RESERVED
-CVE-2018-2957
-	RESERVED
-CVE-2018-2956
-	RESERVED
-CVE-2018-2955
-	RESERVED
-CVE-2018-2954
-	RESERVED
-CVE-2018-2953
-	RESERVED
-CVE-2018-2952
-	RESERVED
+CVE-2018-2963 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+	TODO: check
+CVE-2018-2962 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+	TODO: check
+CVE-2018-2961 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+	TODO: check
+CVE-2018-2960 (Vulnerability in the Primavera P6 Enterprise Project Portfolio ...)
+	TODO: check
+CVE-2018-2959 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
+	TODO: check
+CVE-2018-2958 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2957 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+	TODO: check
+CVE-2018-2956 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+	TODO: check
+CVE-2018-2955 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services ...)
+	TODO: check
+CVE-2018-2954 (Vulnerability in the Oracle Order Management component of Oracle ...)
+	TODO: check
+CVE-2018-2953 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
+	TODO: check
+CVE-2018-2952 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
 	- openjdk-7 <removed>
 	- openjdk-8 <unfixed>
 	- openjdk-10 10.0.2+13-1
-CVE-2018-2951
-	RESERVED
-CVE-2018-2950
-	RESERVED
-CVE-2018-2949
-	RESERVED
-CVE-2018-2948
-	RESERVED
-CVE-2018-2947
-	RESERVED
-CVE-2018-2946
-	RESERVED
-CVE-2018-2945
-	RESERVED
-CVE-2018-2944
-	RESERVED
-CVE-2018-2943
-	RESERVED
-CVE-2018-2942
-	RESERVED
+CVE-2018-2951 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2950 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2949 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2948 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2947 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2946 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2945 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2944 (Vulnerability in the JD Edwards EnterpriseOne Tools component of ...)
+	TODO: check
+CVE-2018-2943 (Vulnerability in the Oracle Fusion Middleware MapViewer component of ...)
+	TODO: check
+CVE-2018-2942 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjdk-7 <not-affected> (Windows-specific)
 	- openjdk-8 <not-affected> (Windows-specific)
-CVE-2018-2941
-	RESERVED
+CVE-2018-2941 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjfx <unfixed>
-CVE-2018-2940
-	RESERVED
+CVE-2018-2940 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-7 <removed>
 	- openjdk-8 <unfixed>
 	- openjdk-10 <unfixed>
-CVE-2018-2939
-	RESERVED
-CVE-2018-2938
-	RESERVED
+CVE-2018-2939 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
+	TODO: check
+CVE-2018-2938 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjdk-7 <removed>
 	- openjdk-8 <unfixed>
-CVE-2018-2937
-	RESERVED
-CVE-2018-2936
-	RESERVED
-CVE-2018-2935
-	RESERVED
-CVE-2018-2934
-	RESERVED
+CVE-2018-2937 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2936 (Vulnerability in the Oracle Communications Messaging Server component ...)
+	TODO: check
+CVE-2018-2935 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2934 (Vulnerability in the Oracle Application Object Library component of ...)
+	TODO: check
 CVE-2018-2933
 	RESERVED
-CVE-2018-2932
-	RESERVED
+CVE-2018-2932 (Vulnerability in the Oracle SuperCluster Specific Software component ...)
+	TODO: check
 CVE-2018-2931
 	RESERVED
-CVE-2018-2930
-	RESERVED
-CVE-2018-2929
-	RESERVED
-CVE-2018-2928
-	RESERVED
-CVE-2018-2927
-	RESERVED
-CVE-2018-2926
-	RESERVED
-CVE-2018-2925
-	RESERVED
-CVE-2018-2924
-	RESERVED
-CVE-2018-2923
-	RESERVED
+CVE-2018-2930 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems ...)
+	TODO: check
+CVE-2018-2929 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2928 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
+CVE-2018-2927 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2926 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
+CVE-2018-2925 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2924 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2923 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
 CVE-2018-2922
 	RESERVED
-CVE-2018-2921
-	RESERVED
-CVE-2018-2920
-	RESERVED
-CVE-2018-2919
-	RESERVED
-CVE-2018-2918
-	RESERVED
-CVE-2018-2917
-	RESERVED
-CVE-2018-2916
-	RESERVED
-CVE-2018-2915
-	RESERVED
+CVE-2018-2921 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2920 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2919 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
+	TODO: check
+CVE-2018-2918 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2917 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2916 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2915 (Vulnerability in the Hyperion Data Relationship Management component ...)
+	TODO: check
 CVE-2018-2914
 	RESERVED
 CVE-2018-2913
@@ -30978,48 +30963,48 @@ CVE-2018-2910
 	RESERVED
 CVE-2018-2909
 	RESERVED
-CVE-2018-2908
-	RESERVED
-CVE-2018-2907
-	RESERVED
-CVE-2018-2906
-	RESERVED
-CVE-2018-2905
-	RESERVED
-CVE-2018-2904
-	RESERVED
-CVE-2018-2903
-	RESERVED
+CVE-2018-2908 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
+CVE-2018-2907 (Vulnerability in the Hyperion Financial Reporting component of Oracle ...)
+	TODO: check
+CVE-2018-2906 (Vulnerability in the Hardware Management Pack component of Oracle Sun ...)
+	TODO: check
+CVE-2018-2905 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
+	TODO: check
+CVE-2018-2904 (Vulnerability in the Oracle Communications EAGLE LNP Application ...)
+	TODO: check
+CVE-2018-2903 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
 CVE-2018-2902
 	RESERVED
-CVE-2018-2901
-	RESERVED
-CVE-2018-2900
-	RESERVED
-CVE-2018-2899
-	RESERVED
-CVE-2018-2898
-	RESERVED
-CVE-2018-2897
-	RESERVED
-CVE-2018-2896
-	RESERVED
-CVE-2018-2895
-	RESERVED
-CVE-2018-2894
-	RESERVED
-CVE-2018-2893
-	RESERVED
-CVE-2018-2892
-	RESERVED
-CVE-2018-2891
-	RESERVED
+CVE-2018-2901 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
+CVE-2018-2900 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2899 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of ...)
+	TODO: check
+CVE-2018-2898 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of ...)
+	TODO: check
+CVE-2018-2897 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
+	TODO: check
+CVE-2018-2896 (Vulnerability in the Oracle Banking Payments component of Oracle ...)
+	TODO: check
+CVE-2018-2895 (Vulnerability in the Oracle Banking Corporate Lending component of ...)
+	TODO: check
+CVE-2018-2894 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2893 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
+	TODO: check
+CVE-2018-2892 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
+	TODO: check
+CVE-2018-2891 (Vulnerability in the Oracle Retail Bulk Data Integration component of ...)
+	TODO: check
 CVE-2018-2890
 	RESERVED
 CVE-2018-2889
 	RESERVED
-CVE-2018-2888
-	RESERVED
+CVE-2018-2888 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+	TODO: check
 CVE-2018-2887
 	RESERVED
 CVE-2018-2886
@@ -31030,10 +31015,10 @@ CVE-2018-2884
 	RESERVED
 CVE-2018-2883
 	RESERVED
-CVE-2018-2882
-	RESERVED
-CVE-2018-2881
-	RESERVED
+CVE-2018-2882 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+	TODO: check
+CVE-2018-2881 (Vulnerability in the MICROS Retail-J component of Oracle Retail ...)
+	TODO: check
 CVE-2018-2880
 	RESERVED
 CVE-2018-2879 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
@@ -31421,8 +31406,7 @@ CVE-2018-2769 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
 CVE-2018-2768 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
 	NOT-FOR-US: Oracle
-CVE-2018-2767 [Use of SSL/TLS not enforced in client library (Return of BACKRONYM)]
-	RESERVED
+CVE-2018-2767 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mariadb-10.2 <unfixed>
 	- mariadb-10.1 <unfixed>
 	[stretch] - mariadb-10.1 <postponed> (Wait for next upstream security/bugfix release)
@@ -31937,8 +31921,7 @@ CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2598
-	RESERVED
+CVE-2018-2598 (Vulnerability in the MySQL Workbench component of Oracle MySQL ...)
 	- mysql-workbench <unfixed>
 CVE-2018-2597 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...)
 	NOT-FOR-US: Oracle
@@ -35211,8 +35194,7 @@ CVE-2018-1335 (From Apache Tika versions 1.7 to 1.17, clients could send careful
 	NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/8
 CVE-2018-1334 (In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using ...)
 	NOT-FOR-US: Apache Spark
-CVE-2018-1333 [Apache HTTP Server HTTP/2 DoS]
-	REJECTED
+CVE-2018-1333 (By specially crafting HTTP/2 requests, workers would be allocated 60 ...)
 	- apache2 <unfixed>
 	NOTE: Affects 2.4.18-2.4.33
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f0f62649b67f032aecc91121c9453684e7e997f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f0f62649b67f032aecc91121c9453684e7e997f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180718/6976558d/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list