[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8968d67b by security tracker role at 2018-06-04T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,57 @@
+CVE-2018-11707
+	RESERVED
+CVE-2018-11706
+	RESERVED
+CVE-2018-11705
+	RESERVED
+CVE-2018-11704
+	RESERVED
+CVE-2018-11703
+	RESERVED
+CVE-2018-11702
+	RESERVED
+CVE-2018-11701
+	RESERVED
+CVE-2018-11700
+	RESERVED
+CVE-2018-11699
+	RESERVED
+CVE-2018-11698 (An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read ...)
+	TODO: check
+CVE-2018-11697 (An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read ...)
+	TODO: check
+CVE-2018-11696 (An issue was discovered in LibSaas through 3.5.4. A NULL pointer ...)
+	TODO: check
+CVE-2018-11695 (An issue was discovered in LibSaas through 3.5.2. A NULL pointer ...)
+	TODO: check
+CVE-2018-11694 (An issue was discovered in LibSaas through 3.5.4. A NULL pointer ...)
+	TODO: check
+CVE-2018-11693 (An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read ...)
+	TODO: check
+CVE-2018-11692 (An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and ...)
+	TODO: check
+CVE-2018-11691
+	RESERVED
+CVE-2018-11690
+	RESERVED
+CVE-2018-11689
+	RESERVED
+CVE-2018-11688
+	RESERVED
+CVE-2018-11687
+	RESERVED
+CVE-2018-11686
+	RESERVED
+CVE-2018-11685 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+	TODO: check
+CVE-2018-11684 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+	TODO: check
+CVE-2018-11683 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
+	TODO: check
+CVE-2017-18285 (The Gentoo app-backup/burp package before 2.1.32 has incorrect group ...)
+	TODO: check
+CVE-2017-18284 (The Gentoo app-backup/burp package before 2.1.32 sets the ownership of ...)
+	TODO: check
 CVE-2018-11682 (Default and unremovable support credentials allow attackers to gain ...)
 	NOT-FOR-US: products using the Stanza Lutron integration protocol
 CVE-2018-11681 (Default and unremovable support credentials (user:nwk password:nwk2) ...)
@@ -2307,9 +2361,9 @@ CVE-2018-10764
 CVE-2018-10763
 	RESERVED
 CVE-2018-10762
-	RESERVED
+	REJECTED
 CVE-2018-10761
-	RESERVED
+	REJECTED
 CVE-2018-10760 (Unrestricted file upload vulnerability in the Files plugin in ...)
 	NOT-FOR-US: Files plugin in ProjectPier
 CVE-2018-10759 (PHP remote file inclusion vulnerability in public/patch/patch.php in ...)
@@ -4185,7 +4239,7 @@ CVE-2018-9996 (An issue was discovered in cplus-dem.c in GNU libiberty, as ...)
 CVE-2018-9995 (TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, ...)
 	NOT-FOR-US: TBK DVR4104 and DVR4216 devices
 CVE-2018-9994
-	RESERVED
+	REJECTED
 CVE-2018-9993 (YUNUCMS 1.0.7 has XSS via the content title on an ...)
 	NOT-FOR-US: YUNUCMS
 CVE-2018-9992 (Frog CMS 0.9.5 has XSS via the name field of a new "File" or ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8968d67b479382e98e886eecb74392cb48428a5d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8968d67b479382e98e886eecb74392cb48428a5d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180604/fdae27de/attachment-0001.html>