[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Jun 22 09:10:25 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf49465c by security tracker role at 2018-06-22T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-12637
+	RESERVED
+CVE-2018-12636
+	RESERVED
+CVE-2018-12635 (CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to ...)
+	TODO: check
+CVE-2018-12634 (CirCarLife Scada v4.2.4 allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2018-12633 (An issue was discovered in the Linux kernel through 4.17.2. ...)
+	TODO: check
+CVE-2018-12632 (Redatam7 (formerly Redatam WebServer) allows remote attackers to ...)
+	TODO: check
+CVE-2018-12631 (Redatam7 (formerly Redatam WebServer) allows remote attackers to read ...)
+	TODO: check
+CVE-2018-12630 (NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id ...)
+	TODO: check
+CVE-2018-12629
+	RESERVED
 CVE-2018-12628
 	RESERVED
 CVE-2018-12627
@@ -33,8 +51,8 @@ CVE-2018-12615 (An issue was discovered in switchGroup() in ...)
 	NOTE: https://github.com/phusion/passenger/commit/4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8
 CVE-2018-12614
 	RESERVED
-CVE-2018-12613
-	RESERVED
+CVE-2018-12613 (An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an ...)
+	TODO: check
 CVE-2018-12612
 	RESERVED
 CVE-2018-12611
@@ -67,11 +85,13 @@ CVE-2018-12601 (There is a heap-based buffer overflow in ReadImage in input-tga.
 	- sam2p <removed>
 	NOTE: https://github.com/pts/sam2p/issues/41
 CVE-2018-12600 (In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in ...)
+	{DLA-1394-1}
 	- imagemagick <unfixed>
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1178
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/921f208c2ea3cc45847f380257f270ff424adfff
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae71c12bbaa34d942e036824ff389c22b7dacade
 CVE-2018-12599 (In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in ...)
+	{DLA-1394-1}
 	- imagemagick <unfixed>
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1177
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ae04fa4be910255e5d363edebd77adeee99a525d
@@ -110,8 +130,8 @@ CVE-2018-12583 (An issue was discovered in AKCMS 6.1. CSRF can delete an article
 	NOT-FOR-US: AKCMS
 CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin account via ...)
 	NOT-FOR-US: AKCMS
-CVE-2018-12581
-	RESERVED
+CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin before ...)
+	TODO: check
 CVE-2018-12580 (library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity ...)
 	NOT-FOR-US: DragonByte vBSecurity for vBulletin
 CVE-2018-12579
@@ -3465,7 +3485,7 @@ CVE-2018-11253
 CVE-2018-11252
 	RESERVED
 CVE-2018-11251 (In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based ...)
-	{DLA-1381-1}
+	{DLA-1394-1 DLA-1381-1}
 	- imagemagick 8:6.9.9.39+dfsg-1
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/956
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/73fbc6a557b4f63af18b2debe83f817859ef7481
@@ -24031,8 +24051,7 @@ CVE-2018-3667
 	RESERVED
 CVE-2018-3666
 	RESERVED
-CVE-2018-3665 [speculative register leakage from lazy FPU context switching]
-	RESERVED
+CVE-2018-3665 (System software utilizing Lazy FP state restore technique on systems ...)
 	{DSA-4232-1}
 	- linux 4.6.1-1
 	- xen <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf49465c10298637f01e58b6d5406bd12651d6bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf49465c10298637f01e58b6d5406bd12651d6bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180622/71c212bb/attachment.html>

More information about the debian-security-tracker-commits mailing list