[Git][security-tracker-team/security-tracker][master] automatic update

Sun Jul 29 21:10:31 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
54fd245a by security tracker role at 2018-07-29T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,4 +1,28 @@
-CVE-2018-14734 [infiniband: fix a possible use-after-free bug]
+CVE-2018-14745
+	RESERVED
+CVE-2018-14744 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14743 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14742 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14741 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14740 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14739 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14738 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14737 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14736 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
+	TODO: check
+CVE-2018-14735
+	RESERVED
+CVE-2018-14733
+	RESERVED
+CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 (4.18-rc1)
 CVE-2018-14732
@@ -942,11 +966,13 @@ CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1446124eebc3ea5591d18e719c2a5cff3630638
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-43.html
 CVE-2018-14369 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=038cd225bfa54e2a7ade4043118796334920a61e
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-41.html
 CVE-2018-14368 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14841
@@ -1067,28 +1093,33 @@ CVE-2018-14344 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f7153685b39a164aea09ba7f96ebb648b8328ae
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-35.html
 CVE-2018-14343 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9402f2f80c6bc7d25178a0875c5a1f5ee36361db
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-37.html
 CVE-2018-14342 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13741
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=36af43dbb7673495948cd65d0346e8b9812b941c
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-34.html
 CVE-2018-14341 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-39.html
 CVE-2018-14340 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14675
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=672d882a53f96730e4ef1e5b1639c585823b0df8
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-36.html
 CVE-2018-14339 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
+	{DLA-1451-1}
 	- wireshark 2.6.2-1
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14738
@@ -36415,7 +36446,7 @@ CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL
 CVE-2018-1306 (The PortletV3AnnotatedDemo Multipart Portlet war file code provided in ...)
 	NOT-FOR-US: Apache Portals Pluto
 CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache ...)
-	{DLA-1400-1 DLA-1301-1}
+	{DLA-1450-1 DLA-1400-1 DLA-1301-1}
 	- tomcat9 <itp> (bug #802312)
 	- tomcat8 8.5.28-1
 	- tomcat8.0 <unfixed> (unimportant)
@@ -36429,7 +36460,7 @@ CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache
 	NOTE: https://svn.apache.org/r1823322 (7.0.x)
 	NOTE: https://svn.apache.org/r1824360 (7.0.x)
 CVE-2018-1304 (The URL pattern of "" (the empty string) which exactly maps to the ...)
-	{DLA-1400-1 DLA-1301-1}
+	{DLA-1450-1 DLA-1400-1 DLA-1301-1}
 	- tomcat9 <itp> (bug #802312)
 	- tomcat8 8.5.28-1
 	- tomcat8.0 <unfixed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/54fd245a01ca7f65cc79b0763da305b6272dcfba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/54fd245a01ca7f65cc79b0763da305b6272dcfba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180729/482f3b4d/attachment-0001.html>
