[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Jul 20 09:10:33 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39788077 by security tracker role at 2018-07-20T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,41 @@
+CVE-2018-14441 (An issue was discovered in cckevincyh SSH CompanyWebsite through ...)
+	TODO: check
+CVE-2018-14440 (An issue was discovered in cckevincyh SSH CompanyWebsite through ...)
+	TODO: check
+CVE-2018-14439 (espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 ...)
+	TODO: check
+CVE-2018-14438 (In Wireshark through 2.6.2, the create_app_running_mutex function in ...)
+	TODO: check
+CVE-2018-14437 (ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ...)
+	TODO: check
+CVE-2018-14436 (ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in ...)
+	TODO: check
+CVE-2018-14435 (ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ...)
+	TODO: check
+CVE-2018-14434 (ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage ...)
+	TODO: check
+CVE-2018-14433
+	RESERVED
+CVE-2018-14432
+	RESERVED
+CVE-2018-14431
+	RESERVED
+CVE-2018-14430
+	RESERVED
+CVE-2018-14429
+	RESERVED
+CVE-2018-14428
+	RESERVED
+CVE-2018-14427
+	RESERVED
+CVE-2018-14426
+	RESERVED
+CVE-2018-14425
+	RESERVED
+CVE-2017-18343 (** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x ...)
+	TODO: check
+CVE-2016-10727 (camel/providers/imapx/camel-imapx-server.c in the IMAPx component in ...)
+	TODO: check
 CVE-2018-14424
 	RESERVED
 CVE-2018-14423 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, ...)
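Review bot: All ten described entries added at the top of the list are left at TODO: check, although they call for different outcomes. The four ImageMagick 7.0.8-4 entries (CVE-2018-14434 to CVE-2018-14437), the Wireshark entry CVE-2018-14438 and the Symfony entry CVE-2017-18343 name software that Debian packages, so each needs a source-package line with its fixed or unfixed status, in the form this file already uses (`- 389-ds-base <unfixed>`). The cckevincyh SSH CompanyWebsite and espritblock eos4j entries look like NOT-FOR-US candidates. CVE-2017-18343 also carries a ** DISPUTED ** marker, which is worth recording in a NOTE line when the entry is triaged.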
@@ -311,8 +349,8 @@ CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 
 	NOTE: https://github.com/mruby/mruby/issues/4062
 	NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b
 	NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a
-CVE-2018-14336
-	RESERVED
+CVE-2018-14336 (TP-Link WR840N devices allow remote attackers to cause a denial of ...)
+	TODO: check
 CVE-2018-14335
 	RESERVED
 CVE-2018-14334 (manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file ...)
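Review bot: CVE-2018-14336 now describes TP-Link WR840N devices but is left at TODO: check. A flaw in a router product has no Debian source package to track, so this entry can be closed as NOT-FOR-US, in the same form as the `NOT-FOR-US: Red Hat Certification` lines elsewhere in this diff.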
@@ -3318,8 +3356,8 @@ CVE-2018-12961
 	RESERVED
 CVE-2018-12960
 	RESERVED
-CVE-2018-12959
-	RESERVED
+CVE-2018-12959 (The approveAndCall function of a smart contract implementation for ...)
+	TODO: check
 CVE-2018-12958
 	RESERVED
 CVE-2018-12957
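Review bot: The new description of CVE-2018-12959 is cut off at "a smart contract implementation for ...", so the TODO: check cannot be resolved from the list line alone. The person triaging it should read the full CVE text for the name of the contract and, unless it maps to packaged software, mark the entry NOT-FOR-US with that name.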
@@ -8910,11 +8948,9 @@ CVE-2018-10872 (A flaw was found in the way the Linux kernel handled exceptions 
 CVE-2018-10871 (389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a ...)
 	- 389-ds-base <unfixed>
 	NOTE: https://pagure.io/389-ds-base/issue/49789
-CVE-2018-10870
-	RESERVED
+CVE-2018-10870 (redhat-certification does not properly sanitize paths in ...)
 	NOT-FOR-US: Red Hat Certification
-CVE-2018-10869
-	RESERVED
+CVE-2018-10869 (redhat-certification does not properly restrict files that can be ...)
 	NOT-FOR-US: Red Hat Certification
 CVE-2018-10868
 	RESERVED
@@ -105014,7 +105050,7 @@ CVE-2016-5140 (Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function
 	- chromium-browser 52.0.2743.116-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2016-5139 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
-	{DSA-3645-1}
+	{DSA-3645-1 DLA-1433-1}
 	- openjpeg2 2.1.2-1
 	- chromium-browser 52.0.2743.116-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -143044,6 +143080,7 @@ CVE-2015-1240 (gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementatio
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
 CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...)
+	{DLA-1433-1}
 	- openjpeg2 2.1.1-1
 	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=430891
 	NOTE: https://github.com/uclouvain/openjpeg/issues/477



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/39788077b28225648f2fdc737fa36fd26eafb349

More information about the debian-security-tracker-commits mailing list