[Git][security-tracker-team/security-tracker][master] Add two new kafka issues

Salvatore Bonaccorso carnil at debian.org
Thu Jul 26 11:54:20 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a323a037 by Salvatore Bonaccorso at 2018-07-26T12:53:35+02:00
Add two new kafka issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36124,8 +36124,9 @@ CVE-2018-1290 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incuba
 	NOT-FOR-US: Apache Fineract
 CVE-2018-1289 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
 	NOT-FOR-US: Apache Fineract
-CVE-2018-1288
+CVE-2018-1288 [Authenticated Kafka clients may interfere with data replication]
 	RESERVED
+	- kafka <itp> (bug #786460)
 CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI ...)
 	- jakarta-jmeter <unfixed> (low)
 	[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
@@ -53977,8 +53978,9 @@ CVE-2017-12611 (In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, us
 	[wheezy] - libstruts1.2-java <ignored> (Minor issue)
 	NOTE: Only a problem if the application programmer has made a security mistake.
 	NOTE: https://struts.apache.org/docs/s2-053.html
-CVE-2017-12610
+CVE-2017-12610 [Authenticated Kafka clients may impersonate other users]
 	RESERVED
+	- kafka <itp> (bug #786460)
 CVE-2017-12609
 	REJECTED
 CVE-2017-12608 (A vulnerability in Apache OpenOffice Writer DOC file parser before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a323a037e7d7167a694730f2263021487ab6aebe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a323a037e7d7167a694730f2263021487ab6aebe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180726/9572b617/attachment.html>

More information about the debian-security-tracker-commits mailing list