[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Sun Mar 11 21:10:27 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7a5fd055 by security tracker role at 2018-03-11T21:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,31 @@
+CVE-2018-8064
+	RESERVED
+CVE-2018-8063
+	RESERVED
+CVE-2018-8062
+	RESERVED
+CVE-2018-8061
+	RESERVED
+CVE-2018-8060
+	RESERVED
+CVE-2018-8059 (The Djelibeybi configuration examples for use of NGINX in SUSE Portus ...)
+	TODO: check
+CVE-2018-8058
+	RESERVED
+CVE-2018-8057 (A SQL Injection vulnerability exists in Western Bridge Cobub Razor ...)
+	TODO: check
+CVE-2018-8056 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an ...)
+	TODO: check
+CVE-2018-8055
+	RESERVED
+CVE-2018-8054
+	RESERVED
+CVE-2018-8053
+	RESERVED
+CVE-2018-8052
+	RESERVED
+CVE-2018-8051
+	RESERVED
 CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka ...)
 	- afflib <unfixed> (bug #892599)
 	NOTE: https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c
@@ -120,6 +148,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference .
 	NOTE: https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
 	NOTE: https://github.com/silnrsi/graphite/issues/22
 CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...)
+	{DLA-1306-1}
 	- vips 8.4.5-2 (bug #892589)
 	[stretch] - vips <no-dsa> (Minor issue)
 	[jessie] - vips <no-dsa> (Minor issue)
@@ -4955,6 +4984,7 @@ CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary c
 	NOTE: https://github.com/mpv-player/mpv/issues/5456
 	NOTE: https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
 CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.4.8 is ...)
+	{DLA-1305-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/105
 CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 ...)
@@ -5070,6 +5100,7 @@ CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and .
 CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and ...)
 	NOT-FOR-US: Ivanti Endpoint Security
 CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming ...)
+	{DLA-1305-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/101
 CVE-2018-6314
@@ -7857,6 +7888,7 @@ CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
 	NOTE: upstream thread: https://sourceforge.net/p/podofo/mailman/message/36180168/
 	NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1889
 CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an ...)
+	{DLA-1305-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/98
 CVE-2018-5293 (The GD Rating System plugin 2.3 for WordPress has XSS via the ...)
@@ -7948,6 +7980,7 @@ CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 
 CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has ...)
 	NOT-FOR-US: ImageWorsener
 CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ...)
+	{DLA-1305-1}
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/97
 CVE-2018-5250



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a5fd05573f1b351857c0770566281489cd80e47
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180311/7c9fa4b7/attachment-0001.html>
