[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Sat Mar 31 20:10:24 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
56821d17 by security tracker role at 2018-03-31T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-9158
+	RESERVED
+CVE-2018-9157
+	RESERVED
+CVE-2018-9156
+	RESERVED
+CVE-2018-9155
+	RESERVED
+CVE-2018-9154
+	RESERVED
+CVE-2018-9153
+	RESERVED
+CVE-2017-18255 (The perf_cpu_time_max_percent_handler function in kernel/events/core.c ...)
+	TODO: check
+CVE-2015-9259
+	RESERVED
+CVE-2015-9258
+	RESERVED
 CVE-2018-9152
 	RESERVED
 CVE-2018-9151 (A NULL pointer dereference bug in the function ...)
@@ -30539,7 +30557,7 @@ CVE-2017-15133 (A denial of service flaw was found in miekg-dns before 1.0.4. A 
 	NOTE: https://github.com/miekg/dns/issues/627
 	NOTE: https://github.com/miekg/dns/pull/631
 CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of ...)
-	{DSA-4130-1}
+	{DSA-4130-1 DLA-1333-1}
 	- dovecot 1:2.2.34-1 (bug #888432)
 	NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
 	NOTE: Regression fix needed on top: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
@@ -30557,7 +30575,7 @@ CVE-2017-15131 (It was found that system umask policy is not being honored when 
 	NOTE: Enforcements can be achieved e.g. by using pam_umask.
 	NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
 CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. An ...)
-	{DSA-4130-1}
+	{DSA-4130-1 DLA-1333-1}
 	- dovecot 1:2.2.34-1 (bug #891820)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/22311315b9f780211329c1522eb5aaa4faaa9391
@@ -32811,7 +32829,7 @@ CVE-2017-14463
 CVE-2017-14462
 	RESERVED
 CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to Dovecot ...)
-	{DSA-4130-1}
+	{DSA-4130-1 DLA-1333-1}
 	- dovecot 1:2.2.34-1 (bug #891819)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/30dc856f7b97b75b0e0d69f5003d5d99a13249b4
@@ -53397,11 +53415,13 @@ CVE-2017-7653
 	RESERVED
 CVE-2017-7652
 	RESERVED
+	{DLA-1334-1}
 	- mosquitto 1.4.15-1
 	NOTE: Patches: https://mosquitto.org/files/cve/2017-7652
 	NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
 CVE-2017-7651
 	RESERVED
+	{DLA-1334-1}
 	- mosquitto 1.4.15-1
 	NOTE: Patches: https://mosquitto.org/files/cve/2017-7651
 	NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/56821d177e3963fffa8ae392d3a6ca8739e63c65

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/56821d177e3963fffa8ae392d3a6ca8739e63c65
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180331/b7d9f46c/attachment.html>
