[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sun Jul 29 09:10:24 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db50babe by security tracker role at 2018-07-29T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,103 @@
+CVE-2018-14732
+	RESERVED
+CVE-2018-14731
+	RESERVED
+CVE-2018-14730
+	RESERVED
+CVE-2018-14729
+	RESERVED
+CVE-2018-14728
+	RESERVED
+CVE-2018-14727
+	RESERVED
+CVE-2018-14726
+	RESERVED
+CVE-2018-14725
+	RESERVED
+CVE-2018-14724
+	RESERVED
+CVE-2018-14723
+	RESERVED
+CVE-2018-14722
+	RESERVED
+CVE-2018-14721
+	RESERVED
+CVE-2018-14720
+	RESERVED
+CVE-2018-14719
+	RESERVED
+CVE-2018-14718
+	RESERVED
+CVE-2018-14717
+	RESERVED
+CVE-2018-14716
+	RESERVED
+CVE-2018-14715
+	RESERVED
+CVE-2018-14714
+	RESERVED
+CVE-2018-14713
+	RESERVED
+CVE-2018-14712
+	RESERVED
+CVE-2018-14711
+	RESERVED
+CVE-2018-14710
+	RESERVED
+CVE-2018-14709
+	RESERVED
+CVE-2018-14708
+	RESERVED
+CVE-2018-14707
+	RESERVED
+CVE-2018-14706
+	RESERVED
+CVE-2018-14705
+	RESERVED
+CVE-2018-14704
+	RESERVED
+CVE-2018-14703
+	RESERVED
+CVE-2018-14702
+	RESERVED
+CVE-2018-14701
+	RESERVED
+CVE-2018-14700
+	RESERVED
+CVE-2018-14699
+	RESERVED
+CVE-2018-14698
+	RESERVED
+CVE-2018-14697
+	RESERVED
+CVE-2018-14696
+	RESERVED
+CVE-2018-14695
+	RESERVED
+CVE-2018-14694
+	RESERVED
+CVE-2018-14693
+	RESERVED
+CVE-2018-14692
+	RESERVED
+CVE-2018-14691
+	RESERVED
+CVE-2018-14690
+	RESERVED
+CVE-2018-14689
+	RESERVED
+CVE-2018-14688
+	RESERVED
+CVE-2018-14687
+	RESERVED
+CVE-2018-14686 (system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted ...)
+	TODO: check
+CVE-2018-14685 (The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in ...)
+	TODO: check
+CVE-2018-14684
+	RESERVED
+CVE-2018-14683
+	RESERVED
 CVE-2018-14678 (An issue was discovered in the Linux kernel through 4.17.11, as used in ...)
 	- linux <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-274.html
@@ -21,23 +121,19 @@ CVE-2018-14669
 	RESERVED
 CVE-2018-14668
 	RESERVED
-CVE-2018-14679 [off-by-one error in CHM PMGI/PMGL chunk number validity checks]
-	RESERVED
+CVE-2018-14679 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
 	- libmspack <unfixed> (bug #904802)
 	NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14680 [libmspack now rejects blank CHM filenames]
-	RESERVED
+CVE-2018-14680 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
 	- libmspack <unfixed> (bug #904801)
 	NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14682 [Fix off-by-one error in chmd TOLOWER() fallback]
-	RESERVED
+CVE-2018-14682 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
 	- libmspack <unfixed> (bug #904800)
 	NOTE: https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14681 [kwaj_read_headers(): fix handling of non-terminated strings]
-	RESERVED
+CVE-2018-14681 (An issue was discovered in kwajd_read_headers in mspack/kwajd.c in ...)
 	- libmspack <unfixed> (bug #904799)
 	NOTE: https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/db50babe60afdfed1d722c89f22a8dc3ccd3f992

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/db50babe60afdfed1d722c89f22a8dc3ccd3f992
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180729/e74aa83f/attachment.html>

More information about the debian-security-tracker-commits mailing list