[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jun 8 21:10:26 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5ed9e9ef by security tracker role at 2018-06-08T20:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,51 @@
+CVE-2018-12074
+ RESERVED
+CVE-2018-12073
+ RESERVED
+CVE-2018-12072
+ RESERVED
+CVE-2018-12071
+ RESERVED
+CVE-2018-12070
+ RESERVED
+CVE-2018-12069
+ RESERVED
+CVE-2018-12068
+ RESERVED
+CVE-2018-12067
+ RESERVED
+CVE-2018-12065 (A Local File Inclusion vulnerability in /system/WCore/WHelper.php in ...)
+ TODO: check
+CVE-2018-12064 (tinyexr 0.9.5 has a heap-based buffer over-read via ...)
+ TODO: check
+CVE-2018-12063
+ RESERVED
+CVE-2018-12062
+ RESERVED
+CVE-2018-12061
+ RESERVED
+CVE-2018-12060
+ RESERVED
+CVE-2018-12059
+ RESERVED
+CVE-2018-12058
+ RESERVED
+CVE-2018-12057
+ RESERVED
+CVE-2018-12056
+ RESERVED
+CVE-2018-12055 (Multiple SQL Injections exist in PHP Scripts Mall Schools Alert ...)
+ TODO: check
+CVE-2018-12054 (Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management ...)
+ TODO: check
+CVE-2018-12053 (Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert ...)
+ TODO: check
+CVE-2018-12052 (SQL Injection exists in PHP Scripts Mall Schools Alert Management ...)
+ TODO: check
+CVE-2018-12051 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts ...)
+ TODO: check
+CVE-2018-12050
+ RESERVED
CVE-2018-XXXX [OVE-20180430-0004: mpatch: ensure fragment start isn't past the end of orig]
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
@@ -486,7 +534,7 @@ CVE-2018-11816
RESERVED
CVE-2018-11815
RESERVED
-CVE-2018-12066 [Stack overflow in BGP mask expressions]
+CVE-2018-12066 (BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a ...)
- bird 1.6.4-1 (low; bug #900967)
[stretch] - bird <no-dsa> (Minor issue)
[jessie] - bird <no-dsa> (Minor issue)
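Review bot: CVE-2018-12066 stays where the provisional bracketed entry was filed, directly after CVE-2018-11815, so it is out of numeric order; the run added at the top of the file goes from CVE-2018-12067 straight to CVE-2018-12065. Now that the entry carries the published description, move the whole block (header plus the bird lines) between those two so the file stays in descending order there.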
@@ -503,6 +551,7 @@ CVE-2018-1002200 [arbitrary file write vulnerability / arbitrary code execution
NOTE: https://github.com/codehaus-plexus/plexus-archiver/pull/87
NOTE: https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de
CVE-2018-1000204 [infoleak due to incorrect andling of SG_IO ioctl]
+ RESERVED
- linux 4.16.12-1
NOTE: Fixed by: https://git.kernel.org/linus/a45b599ad808c3c982fdcdc12b0b8611c2f92824
CVE-2018-1000203 (Soar Labs Soar Coin version up to and including git commit ...)
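Review bot: The RESERVED line lands under a header that still carries the hand-written bracketed title, and that title has a typo: "incorrect andling of SG_IO ioctl" should read "handling". Fix the title in a follow-up edit; the linux 4.16.12-1 fixed version and the "Fixed by" note below it are unaffected by the new status line.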
@@ -1556,8 +1605,8 @@ CVE-2018-11410 (An issue was discovered in Liblouis 3.5.0. A invalid free in the
[wheezy] - liblouis <not-affected> (Code did not even exist at the time)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1582024
NOTE: https://github.com/liblouis/liblouis/issues/573
-CVE-2018-11409
- RESERVED
+CVE-2018-11409 (Splunk through 7.0.1 allows information disclosure by appending ...)
+ TODO: check
CVE-2018-11408
RESERVED
CVE-2018-11407
@@ -3871,10 +3920,10 @@ CVE-2018-10508
RESERVED
CVE-2018-10507
RESERVED
-CVE-2018-10506
- RESERVED
-CVE-2018-10505
- RESERVED
+CVE-2018-10506 (A out-of-bounds read information disclosure vulnerability in Trend ...)
+ TODO: check
+CVE-2018-10505 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+ TODO: check
CVE-2018-10504 (The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-10503 (An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. ...)
@@ -4212,10 +4261,10 @@ CVE-2018-10363
RESERVED
CVE-2018-10360
RESERVED
-CVE-2018-10359
- RESERVED
-CVE-2018-10358
- RESERVED
+CVE-2018-10359 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+ TODO: check
+CVE-2018-10358 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
+ TODO: check
CVE-2018-10357 (A directory traversal vulnerability in Trend Micro Endpoint ...)
NOT-FOR-US: Trend Micro
CVE-2018-10356 (A SQL injection remote code execution vulnerability in Trend Micro ...)
@@ -4913,8 +4962,8 @@ CVE-2018-10090
RESERVED
CVE-2018-10089
RESERVED
-CVE-2018-10088
- RESERVED
+CVE-2018-10088 (Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and ...)
+ TODO: check
CVE-2018-10124 (The kill_something_info function in kernel/signal.c in the Linux kernel ...)
- linux 4.13.4-1
[stretch] - linux <ignored> (Minor issue)
@@ -7758,10 +7807,10 @@ CVE-2018-8928
RESERVED
CVE-2018-8927
RESERVED
-CVE-2018-8926
- RESERVED
-CVE-2018-8925
- RESERVED
+CVE-2018-8926 (Permissive regular expression vulnerability in synophoto_dsm_user in ...)
+ TODO: check
+CVE-2018-8925 (Cross-site request forgery (CSRF) vulnerability in admin/user.php in ...)
+ TODO: check
CVE-2018-8924 (Cross-site scripting (XSS) vulnerability in Title Tootip in Synology ...)
NOT-FOR-US: Synology
CVE-2018-8923 (Cross-site scripting (XSS) vulnerability in Attachment Preview in ...)
@@ -7778,8 +7827,8 @@ CVE-2018-8918
RESERVED
CVE-2018-8917
RESERVED
-CVE-2018-8916
- RESERVED
+CVE-2018-8916 (Unverified password change vulnerability in Change Password in ...)
+ TODO: check
CVE-2018-8915 (Cross-site scripting (XSS) vulnerability in Notification Center in ...)
NOT-FOR-US: Synology
CVE-2018-8914 (SQL injection vulnerability in UPnP DMA in Synology Media Server ...)
@@ -12263,6 +12312,7 @@ CVE-2018-1000081 (Ajenti version version 2 contains a Input Validation vulnerabi
CVE-2018-1000080 (Ajenti version version 2 contains a Insecure Permissions vulnerability ...)
- ajenti <itp> (bug #792019)
CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+ {DSA-4219-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12277,7 +12327,7 @@ CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- {DLA-1358-1 DLA-1337-1 DLA-1336-1}
+ {DSA-4219-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12288,7 +12338,7 @@ CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- {DLA-1358-1 DLA-1337-1 DLA-1336-1}
+ {DSA-4219-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12299,7 +12349,7 @@ CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- {DLA-1358-1 DLA-1337-1 DLA-1336-1}
+ {DSA-4219-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12310,7 +12360,7 @@ CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- {DLA-1358-1 DLA-1337-1 DLA-1336-1}
+ {DSA-4219-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12321,7 +12371,7 @@ CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
- {DLA-1352-1}
+ {DSA-4219-1 DLA-1352-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -12334,6 +12384,7 @@ CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3
NOTE: https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
+ {DSA-4219-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -15804,6 +15855,7 @@ CVE-2018-6127
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2018-6126
RESERVED
+ {DSA-4220-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -20973,92 +21025,92 @@ CVE-2018-4255
RESERVED
CVE-2018-4254
RESERVED
-CVE-2018-4253
- RESERVED
-CVE-2018-4252
- RESERVED
-CVE-2018-4251
- RESERVED
-CVE-2018-4250
- RESERVED
-CVE-2018-4249
- RESERVED
+CVE-2018-4253 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4252 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4251 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4250 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4249 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4248
RESERVED
-CVE-2018-4247
- RESERVED
-CVE-2018-4246
- RESERVED
+CVE-2018-4247 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4246 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4245
RESERVED
-CVE-2018-4244
- RESERVED
-CVE-2018-4243
- RESERVED
-CVE-2018-4242
- RESERVED
-CVE-2018-4241
- RESERVED
-CVE-2018-4240
- RESERVED
-CVE-2018-4239
- RESERVED
-CVE-2018-4238
- RESERVED
-CVE-2018-4237
- RESERVED
-CVE-2018-4236
- RESERVED
-CVE-2018-4235
- RESERVED
-CVE-2018-4234
- RESERVED
-CVE-2018-4233
- RESERVED
-CVE-2018-4232
- RESERVED
+CVE-2018-4244 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4243 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4242 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4241 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4240 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4239 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4238 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4237 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4236 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4235 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4234 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4233 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4232 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4231
RESERVED
-CVE-2018-4230
- RESERVED
-CVE-2018-4229
- RESERVED
-CVE-2018-4228
- RESERVED
-CVE-2018-4227
- RESERVED
-CVE-2018-4226
- RESERVED
-CVE-2018-4225
- RESERVED
-CVE-2018-4224
- RESERVED
-CVE-2018-4223
- RESERVED
-CVE-2018-4222
- RESERVED
-CVE-2018-4221
- RESERVED
-CVE-2018-4220
- RESERVED
-CVE-2018-4219
- RESERVED
-CVE-2018-4218
- RESERVED
+CVE-2018-4230 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4229 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4228 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4227 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4226 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4225 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4224 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4223 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4222 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4221 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4220 (An issue was discovered in certain Apple products. Swift before 4.1.1 ...)
+ TODO: check
+CVE-2018-4219 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4218 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4217
RESERVED
CVE-2018-4216
RESERVED
-CVE-2018-4215
- RESERVED
-CVE-2018-4214
- RESERVED
+CVE-2018-4215 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4214 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4213
RESERVED
CVE-2018-4212
RESERVED
-CVE-2018-4211
- RESERVED
+CVE-2018-4211 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4210
RESERVED
CVE-2018-4209
@@ -21067,58 +21119,56 @@ CVE-2018-4208
RESERVED
CVE-2018-4207
RESERVED
-CVE-2018-4206
- RESERVED
-CVE-2018-4205
- RESERVED
-CVE-2018-4204
- RESERVED
+CVE-2018-4206 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
+ TODO: check
+CVE-2018-4205 (An issue was discovered in certain Apple products. Safari before ...)
+ TODO: check
+CVE-2018-4204 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
CVE-2018-4203
RESERVED
-CVE-2018-4202
- RESERVED
-CVE-2018-4201
- RESERVED
-CVE-2018-4200
- RESERVED
+CVE-2018-4202 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4201 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4200 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
-CVE-2018-4199
- RESERVED
-CVE-2018-4198
- RESERVED
+CVE-2018-4199 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4198 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4197
RESERVED
-CVE-2018-4196
- RESERVED
+CVE-2018-4196 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
CVE-2018-4195
RESERVED
CVE-2018-4194
RESERVED
-CVE-2018-4193
- RESERVED
-CVE-2018-4192
- RESERVED
+CVE-2018-4193 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
+CVE-2018-4192 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4191
RESERVED
-CVE-2018-4190
- RESERVED
+CVE-2018-4190 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
CVE-2018-4189
RESERVED
-CVE-2018-4188
- RESERVED
-CVE-2018-4187
- RESERVED
+CVE-2018-4188 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
+ TODO: check
+CVE-2018-4187 (An issue was discovered in certain Apple products. iOS before 11.3.1 ...)
+ TODO: check
CVE-2018-4186
RESERVED
CVE-2018-4185
RESERVED
-CVE-2018-4184
- RESERVED
+CVE-2018-4184 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
CVE-2018-4183
RESERVED
CVE-2018-4182
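Review bot: Do not bulk-triage the new TODO: check Apple entries as NOT-FOR-US: Apple on the strength of the truncated description. CVE-2018-4204 and CVE-2018-4200 in this hunk open with the same "An issue was discovered in certain Apple products. iOS before ..." text and carry webkit2gtk entries with a WSA-2018-0004 note, so each TODO here and in the previous hunk needs its full description checked against webkit2gtk before it is closed.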
@@ -21143,8 +21193,8 @@ CVE-2018-4173 (An issue was discovered in certain Apple products. iOS before 11.
NOT-FOR-US: Apple
CVE-2018-4172 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4171
- RESERVED
+CVE-2018-4171 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
CVE-2018-4170 (An issue was discovered in certain Apple products. macOS before ...)
NOT-FOR-US: Apple
CVE-2018-4169
@@ -21175,8 +21225,8 @@ CVE-2018-4161 (An issue was discovered in certain Apple products. iOS before 11.
NOTE: Not covered by security support
CVE-2018-4160 (An issue was discovered in certain Apple products. macOS before ...)
NOT-FOR-US: Apple
-CVE-2018-4159
- RESERVED
+CVE-2018-4159 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
CVE-2018-4158 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4157 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
@@ -21213,8 +21263,8 @@ CVE-2018-4143 (An issue was discovered in certain Apple products. iOS before 11.
NOT-FOR-US: Apple
CVE-2018-4142 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4141
- RESERVED
+CVE-2018-4141 (An issue was discovered in certain Apple products. macOS before ...)
+ TODO: check
CVE-2018-4140 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4139 (An issue was discovered in certain Apple products. macOS before ...)
@@ -28265,8 +28315,8 @@ CVE-2018-1455
RESERVED
CVE-2018-1454 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2018-1453
- RESERVED
+CVE-2018-1453 (IBM Security Identity Manager Virtual Appliance 7.0 allows an ...)
+ TODO: check
CVE-2018-1452 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1451 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
@@ -29334,8 +29384,8 @@ CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured t
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4
CVE-2018-1282 (This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1281
- RESERVED
+CVE-2018-1281 (The clustered setup of Apache MXNet allows users to specify which IP ...)
+ TODO: check
CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync protocol is ...)
- fossil 1:2.4-1
[stretch] - fossil <no-dsa> (Minor issue)
@@ -35953,7 +36003,7 @@ CVE-2017-16175 (ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a
TODO: check
CVE-2017-16174 (whispercast is a file server. whispercast is vulnerable to a directory ...)
TODO: check
-CVE-2017-16173 (utahcityfinder constructs lists of Utah cities with a certiain prefix. ...)
+CVE-2017-16173 (utahcityfinder constructs lists of Utah cities with a certain prefix. ...)
TODO: check
CVE-2017-16172 (section2.madisonjbrooks12 is a simple web server. ...)
TODO: check
@@ -48579,14 +48629,14 @@ CVE-2017-12080 (An information exposure vulnerability in default HTTP configurat
NOT-FOR-US: Synology Photo Station
CVE-2017-12079 (Files or directories accessible to external parties vulnerability in ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-12078
- RESERVED
+CVE-2017-12078 (Command injection vulnerability in EZ-Internet in Synology Router ...)
+ TODO: check
CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...)
NOT-FOR-US: Synology
CVE-2017-12076 (Uncontrolled Resource Consumption vulnerability in ...)
NOT-FOR-US: Synology
-CVE-2017-12075
- RESERVED
+CVE-2017-12075 (Command injection vulnerability in EZ-Internet in Synology DiskStation ...)
+ TODO: check
CVE-2017-12074 (Directory traversal vulnerability in the ...)
NOT-FOR-US: Synology
CVE-2017-12073
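Review bot: CVE-2017-12078 and CVE-2017-12075 are added with TODO: check although both descriptions name Synology products (Synology Router ..., Synology DiskStation ...) and every described neighbour in this hunk is already NOT-FOR-US: Synology or NOT-FOR-US: Synology Photo Station. Unless the full description points at something packaged, these two can take the same NOT-FOR-US: Synology tag.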
@@ -80571,8 +80621,8 @@ CVE-2017-1407 (IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could
NOT-FOR-US: IBM
CVE-2017-1406
RESERVED
-CVE-2017-1405
- RESERVED
+CVE-2017-1405 (IBM Security Identity Manager Virtual Appliance 7.0 processes patches, ...)
+ TODO: check
CVE-2017-1404
RESERVED
CVE-2017-1403
@@ -151722,8 +151772,8 @@ CVE-2014-5222
REJECTED
CVE-2014-5221
REJECTED
-CVE-2014-5220
- RESERVED
+CVE-2014-5220 (The mdcheck script of the mdadm package for openSUSE 13.2 prior to ...)
+ TODO: check
CVE-2014-5219
RESERVED
CVE-2014-5218
@@ -163941,10 +163991,10 @@ CVE-2014-0596
RESERVED
CVE-2014-0595 (/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open ...)
NOT-FOR-US: Novel OES
-CVE-2014-0594
- RESERVED
-CVE-2014-0593
- RESERVED
+CVE-2014-0594 (In the Open Build Service (OBS) before version 2.4.6 the CSRF ...)
+ TODO: check
+CVE-2014-0593 (The set_version script as shipped with obs-service-set_version is a ...)
+ TODO: check
CVE-2014-0592 (Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used ...)
NOT-FOR-US: Crowbar
CVE-2014-0591 (The query_findclosestnsec3 function in query.c in named in ISC BIND ...)
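Review bot: CVE-2014-0594 is left at TODO: check while CVE-2013-3703, which this same commit describes as an Open Build Service API issue, is tagged NOT-FOR-US: Open Build Service; the two should be triaged the same way. CVE-2014-0593 is a different case: it concerns the set_version script shipped with obs-service-set_version, so check separately whether that is packaged before tagging it.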
@@ -175239,8 +175289,7 @@ CVE-2013-3705 (The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR
NOT-FOR-US: Novell Client
CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0 and ...)
- libzypp <not-affected> (Fixed before initial upload)
-CVE-2013-3703
- RESERVED
+CVE-2013-3703 (The controller of the Open Build Service API prior to version 2.4.4 is ...)
NOT-FOR-US: Open Build Service
CVE-2013-3702
REJECTED
@@ -201523,8 +201572,8 @@ CVE-2012-0435 (SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to m
NOT-FOR-US: YAST
CVE-2012-0434 (The server in Crowbar, as used in SUSE Cloud 1.0, uses weak ...)
NOT-FOR-US: Crowbar
-CVE-2012-0433
- RESERVED
+CVE-2012-0433 (The install-chef-suse.sh script shipped with crowbar before 2012-10-02 ...)
+ TODO: check
CVE-2012-0432 (Stack-based buffer overflow in the Novell NCP implementation in NetIQ ...)
NOT-FOR-US: NetIQ eDirectory
CVE-2012-0431
@@ -205015,8 +205064,8 @@ CVE-2011-4192 (kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.
NOT-FOR-US: Suse kiwi (different from python-kiwi)
CVE-2011-4191 (Stack-based buffer overflow in the xdrDecodeString function in ...)
NOT-FOR-US: Novell NetWare
-CVE-2011-4190
- RESERVED
+CVE-2011-4190 (The kdump implementation is missing the host key verification in the ...)
+ TODO: check
CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows remote ...)
NOT-FOR-US: Novell GroupWise
CVE-2011-4188 (Buffer overflow in the Create Attribute function in jclient in Novell ...)
@@ -208174,8 +208223,8 @@ CVE-2011-3174 (Buffer overflow in the DoFindReplace function in the ISGrid.Grid2
NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function in ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2011-3172
- RESERVED
+CVE-2011-3172 (A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows ...)
+ TODO: check
CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly ...)
NOT-FOR-US: pure-FTPd add-on
CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ed9e9efffa7775e14c815287e2f7c107ff719ef