[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Nov 14 08:10:25 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d362286 by security tracker role at 2018-11-14T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -390,16 +390,16 @@ CVE-2018-19192 (An issue was discovered in XiaoCms 20141229. ...)
 	NOT-FOR-US: XiaoCms
 CVE-2018-19191
 	RESERVED
-CVE-2018-19190
-	RESERVED
-CVE-2018-19189
-	RESERVED
-CVE-2018-19188
-	RESERVED
-CVE-2018-19187
-	RESERVED
-CVE-2018-19186
-	RESERVED
+CVE-2018-19190 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+	TODO: check
+CVE-2018-19189 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+	TODO: check
+CVE-2018-19188 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+	TODO: check
+CVE-2018-19187 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+	TODO: check
+CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through ...)
+	TODO: check
 CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
 	NOT-FOR-US: libIEC61850
 CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...)
@@ -4247,8 +4247,8 @@ CVE-2018-17616 (This vulnerability allows remote attackers to execute arbitrary
 	NOT-FOR-US: Foxit Reader
 CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Foxit Reader
-CVE-2018-17614
-	RESERVED
+CVE-2018-17614 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is ...)
 	- telegram-desktop <unfixed>
 	NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
@@ -7037,14 +7037,12 @@ CVE-2018-16473 (A path traversal in takeapeek module versions <=0.2.2 allows
 	NOT-FOR-US: takeapeek
 CVE-2018-16472 (A prototype pollution attack in cached-path-relative versions <=1.0.1 ...)
 	NOT-FOR-US: cached-path-relative
-CVE-2018-16471 [Possible XSS vulnerability in Rack]
-	RESERVED
+CVE-2018-16471 (There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...)
 	- ruby-rack <unfixed> (bug #913005)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd (master)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/8376dd11e6526a53432ee59b7a5d092bda9fc901 (2.0.6)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594 (1.6.11)
-CVE-2018-16470 [Possible DoS vulnerability in Rack]
-	RESERVED
+CVE-2018-16470 (There is a possible DoS vulnerability in the multipart parser in Rack ...)
 	[experimental] - ruby-rack <unfixed> (bug #913003)
 	- ruby-rack <not-affected> (Only affects >= 2.0.4)
 	NOTE: Introduced by: https://github.com/rack/rack/commit/c43217a81917de03aa6ceb1aa485ae69b8bb4598 (2.0.4)
@@ -21712,6 +21710,7 @@ CVE-2018-10863
 CVE-2018-10862 (WildFly Core before version 6.0.0.Alpha3 does not properly validate ...)
 	- wildfly <itp> (bug #752018)
 CVE-2018-10861 (A flaw was found in the way ceph mon handles user requests. Any ...)
+	{DSA-4339-1}
 	- ceph 12.2.8+dfsg1-1 (bug #913470)
 	[jessie] - ceph <no-dsa> (Intrusive changes)
 	NOTE: http://tracker.ceph.com/issues/24838
@@ -27544,26 +27543,26 @@ CVE-2018-8611
 	RESERVED
 CVE-2018-8610
 	RESERVED
-CVE-2018-8609
-	RESERVED
-CVE-2018-8608
-	RESERVED
-CVE-2018-8607
-	RESERVED
-CVE-2018-8606
-	RESERVED
-CVE-2018-8605
-	RESERVED
+CVE-2018-8609 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
+	TODO: check
+CVE-2018-8608 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+	TODO: check
+CVE-2018-8607 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+	TODO: check
+CVE-2018-8606 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+	TODO: check
+CVE-2018-8605 (A cross site scripting vulnerability exists when Microsoft Dynamics ...)
+	TODO: check
 CVE-2018-8604
 	RESERVED
 CVE-2018-8603
 	RESERVED
-CVE-2018-8602
-	RESERVED
+CVE-2018-8602 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+	TODO: check
 CVE-2018-8601
 	RESERVED
-CVE-2018-8600
-	RESERVED
+CVE-2018-8600 (A Cross-site Scripting (XSS) vulnerability exists when Azure App ...)
+	TODO: check
 CVE-2018-8599
 	RESERVED
 CVE-2018-8598
@@ -27578,114 +27577,114 @@ CVE-2018-8594
 	RESERVED
 CVE-2018-8593
 	RESERVED
-CVE-2018-8592
-	RESERVED
+CVE-2018-8592 (An elevation of privilege vulnerability exists in Windows 10 version ...)
+	TODO: check
 CVE-2018-8591
 	RESERVED
 CVE-2018-8590
 	RESERVED
-CVE-2018-8589
-	RESERVED
-CVE-2018-8588
-	RESERVED
+CVE-2018-8589 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2018-8588 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
 CVE-2018-8587
 	RESERVED
 CVE-2018-8586
 	RESERVED
 CVE-2018-8585
 	RESERVED
-CVE-2018-8584
-	RESERVED
+CVE-2018-8584 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
 CVE-2018-8583
 	RESERVED
-CVE-2018-8582
-	RESERVED
-CVE-2018-8581
-	RESERVED
+CVE-2018-8582 (A remote code execution vulnerability exists in the way that Microsoft ...)
+	TODO: check
+CVE-2018-8581 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
+	TODO: check
 CVE-2018-8580
 	RESERVED
-CVE-2018-8579
-	RESERVED
-CVE-2018-8578
-	RESERVED
-CVE-2018-8577
-	RESERVED
-CVE-2018-8576
-	RESERVED
-CVE-2018-8575
-	RESERVED
-CVE-2018-8574
-	RESERVED
-CVE-2018-8573
-	RESERVED
-CVE-2018-8572
-	RESERVED
+CVE-2018-8579 (An information disclosure vulnerability exists when attaching files to ...)
+	TODO: check
+CVE-2018-8578 (An information disclosure vulnerability exists when Microsoft ...)
+	TODO: check
+CVE-2018-8577 (A remote code execution vulnerability exists in Microsoft Excel ...)
+	TODO: check
+CVE-2018-8576 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+	TODO: check
+CVE-2018-8575 (A remote code execution vulnerability exists in Microsoft Project ...)
+	TODO: check
+CVE-2018-8574 (A remote code execution vulnerability exists in Microsoft Excel ...)
+	TODO: check
+CVE-2018-8573 (A remote code execution vulnerability exists in Microsoft Word ...)
+	TODO: check
+CVE-2018-8572 (An elevation of privilege vulnerability exists when Microsoft ...)
+	TODO: check
 CVE-2018-8571
 	RESERVED
-CVE-2018-8570
-	RESERVED
+CVE-2018-8570 (A remote code execution vulnerability exists when Internet Explorer ...)
+	TODO: check
 CVE-2018-8569 (A remote code execution vulnerability exists in the Yammer desktop ...)
 	NOT-FOR-US: Yammer
-CVE-2018-8568
-	RESERVED
-CVE-2018-8567
-	RESERVED
-CVE-2018-8566
-	RESERVED
-CVE-2018-8565
-	RESERVED
-CVE-2018-8564
-	RESERVED
-CVE-2018-8563
-	RESERVED
-CVE-2018-8562
-	RESERVED
-CVE-2018-8561
-	RESERVED
+CVE-2018-8568 (An elevation of privilege vulnerability exists when Microsoft ...)
+	TODO: check
+CVE-2018-8567 (An elevation of privilege vulnerability exists when Microsoft Edge ...)
+	TODO: check
+CVE-2018-8566 (A security feature bypass vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2018-8565 (An information disclosure vulnerability exists when the win32k ...)
+	TODO: check
+CVE-2018-8564 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+	TODO: check
+CVE-2018-8563 (An information disclosure vulnerability exists when DirectX improperly ...)
+	TODO: check
+CVE-2018-8562 (An elevation of privilege vulnerability exists in Windows when the ...)
+	TODO: check
+CVE-2018-8561 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+	TODO: check
 CVE-2018-8560
 	RESERVED
 CVE-2018-8559
 	RESERVED
-CVE-2018-8558
-	RESERVED
-CVE-2018-8557
-	RESERVED
-CVE-2018-8556
-	RESERVED
-CVE-2018-8555
-	RESERVED
-CVE-2018-8554
-	RESERVED
-CVE-2018-8553
-	RESERVED
-CVE-2018-8552
-	RESERVED
-CVE-2018-8551
-	RESERVED
-CVE-2018-8550
-	RESERVED
-CVE-2018-8549
-	RESERVED
+CVE-2018-8558 (An information disclosure vulnerability exists when Microsoft Outlook ...)
+	TODO: check
+CVE-2018-8557 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8556 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8555 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8554 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+	TODO: check
+CVE-2018-8553 (A remote code execution vulnerability exists in the way that Microsoft ...)
+	TODO: check
+CVE-2018-8552 (An information disclosure vulnerability exists when VBScript ...)
+	TODO: check
+CVE-2018-8551 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8550 (An elevation of privilege exists in Windows COM Aggregate Marshaler, ...)
+	TODO: check
+CVE-2018-8549 (A security feature bypass exists when Windows incorrectly validates ...)
+	TODO: check
 CVE-2018-8548
 	RESERVED
-CVE-2018-8547
-	RESERVED
-CVE-2018-8546
-	RESERVED
-CVE-2018-8545
-	RESERVED
-CVE-2018-8544
-	RESERVED
-CVE-2018-8543
-	RESERVED
-CVE-2018-8542
-	RESERVED
-CVE-2018-8541
-	RESERVED
+CVE-2018-8547 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
+	TODO: check
+CVE-2018-8546 (A denial of service vulnerability exists in Skype for Business, aka ...)
+	TODO: check
+CVE-2018-8545 (An information disclosure vulnerability exists in the way that ...)
+	TODO: check
+CVE-2018-8544 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8543 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8542 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
+CVE-2018-8541 (A remote code execution vulnerability exists in the way that the ...)
+	TODO: check
 CVE-2018-8540
 	RESERVED
-CVE-2018-8539
-	RESERVED
+CVE-2018-8539 (A remote code execution vulnerability exists in Microsoft Word ...)
+	TODO: check
 CVE-2018-8538
 	RESERVED
 CVE-2018-8537
@@ -27714,12 +27713,12 @@ CVE-2018-8526
 	RESERVED
 CVE-2018-8525
 	RESERVED
-CVE-2018-8524
-	RESERVED
+CVE-2018-8524 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+	TODO: check
 CVE-2018-8523
 	RESERVED
-CVE-2018-8522
-	RESERVED
+CVE-2018-8522 (A remote code execution vulnerability exists in Microsoft Outlook ...)
+	TODO: check
 CVE-2018-8521
 	RESERVED
 CVE-2018-8520
@@ -27792,8 +27791,8 @@ CVE-2018-8487
 	RESERVED
 CVE-2018-8486 (An information disclosure vulnerability exists when DirectX improperly ...)
 	NOT-FOR-US: Microsoft
-CVE-2018-8485
-	RESERVED
+CVE-2018-8485 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+	TODO: check
 CVE-2018-8484 (An elevation of privilege vulnerability exists when the DirectX ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8483
@@ -27810,8 +27809,8 @@ CVE-2018-8478
 	RESERVED
 CVE-2018-8477
 	RESERVED
-CVE-2018-8476
-	RESERVED
+CVE-2018-8476 (A remote code execution vulnerability exists in the way that Windows ...)
+	TODO: check
 CVE-2018-8475 (A remote code execution vulnerability exists when Windows does not ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for Mac 2011 ...)
@@ -27820,8 +27819,8 @@ CVE-2018-8473 (A remote code execution vulnerability exists when Microsoft Edge
 	NOT-FOR-US: Microsoft
 CVE-2018-8472 (An information disclosure vulnerability exists in the way that the ...)
 	NOT-FOR-US: Microsoft
-CVE-2018-8471
-	RESERVED
+CVE-2018-8471 (An elevation of privilege vulnerability exists in the way that the ...)
+	TODO: check
 CVE-2018-8470 (A security feature bypass vulnerability exists in Internet Explorer ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
@@ -27854,16 +27853,16 @@ CVE-2018-8456 (A remote code execution vulnerability exists in the way that the
 	NOT-FOR-US: Microsoft
 CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that the ...)
 	NOT-FOR-US: Microsoft
-CVE-2018-8454
-	RESERVED
+CVE-2018-8454 (An information disclosure vulnerability exists when Windows Audio ...)
+	TODO: check
 CVE-2018-8453 (An elevation of privilege vulnerability exists in Windows when the ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8452 (An information disclosure vulnerability exists when the scripting ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8451
 	RESERVED
-CVE-2018-8450
-	RESERVED
+CVE-2018-8450 (A remote code execution vulnerability exists when Windows Search ...)
+	TODO: check
 CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8448 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
@@ -27928,12 +27927,12 @@ CVE-2018-8419 (An information disclosure vulnerability exists when the Windows k
 	NOT-FOR-US: Microsoft
 CVE-2018-8418
 	RESERVED
-CVE-2018-8417
-	RESERVED
-CVE-2018-8416
-	RESERVED
-CVE-2018-8415
-	RESERVED
+CVE-2018-8417 (A security feature bypass vulnerability exists in Microsoft JScript ...)
+	TODO: check
+CVE-2018-8416 (A tampering vulnerability exists when .NET Core improperly handles ...)
+	TODO: check
+CVE-2018-8415 (A tampering vulnerability exists in PowerShell that could allow an ...)
+	TODO: check
 CVE-2018-8414 (A remote code execution vulnerability exists when the Windows Shell ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8413 (A remote code execution vulnerability exists when "Windows Theme API" ...)
@@ -27946,10 +27945,10 @@ CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows K
 	NOT-FOR-US: Microsoft
 CVE-2018-8409 (A denial of service vulnerability exists when System.IO.Pipelines ...)
 	NOT-FOR-US: Microsoft
-CVE-2018-8408
-	RESERVED
-CVE-2018-8407
-	RESERVED
+CVE-2018-8408 (An information disclosure vulnerability exists when the Windows kernel ...)
+	TODO: check
+CVE-2018-8407 (An information disclosure vulnerability exists when "Kernel Remote ...)
+	TODO: check
 CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX ...)
@@ -28251,8 +28250,8 @@ CVE-2018-8258
 	RESERVED
 CVE-2018-8257
 	RESERVED
-CVE-2018-8256
-	RESERVED
+CVE-2018-8256 (A remote code execution vulnerability exists when PowerShell ...)
+	TODO: check
 CVE-2018-8255
 	RESERVED
 CVE-2018-8254 (An elevation of privilege vulnerability exists when Microsoft ...)
@@ -28945,8 +28944,7 @@ CVE-2018-8010 (This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0
 	NOTE: Versions 5.x and earlier are not affected by the vulnerability, since
 	NOTE: those versions do not allow to upload configsets via the API.
 	NOTE: https://issues.apache.org/jira/browse/SOLR-12316
-CVE-2018-8009
-	RESERVED
+CVE-2018-8009 (Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to ...)
 	- hadoop <itp> (bug #793644)
 CVE-2018-8008 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
 	NOT-FOR-US: Apache Storm
@@ -32176,8 +32174,8 @@ CVE-2018-6981
 	RESERVED
 	NOT-FOR-US: VMware
 	NOTE: https://seclists.org/bugtraq/2018/Nov/12
-CVE-2018-6980
-	RESERVED
+CVE-2018-6980 (VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before ...)
+	TODO: check
 CVE-2018-6979 (The VMware Workspace ONE Unified Endpoint Management Console (A/W ...)
 	NOT-FOR-US: VMware
 CVE-2018-6978
@@ -45759,44 +45757,44 @@ CVE-2018-2493
 	RESERVED
 CVE-2018-2492
 	RESERVED
-CVE-2018-2491
-	RESERVED
-CVE-2018-2490
-	RESERVED
-CVE-2018-2489
-	RESERVED
-CVE-2018-2488
-	RESERVED
-CVE-2018-2487
-	RESERVED
+CVE-2018-2491 (When opening a deep link URL in SAP Fiori Client with log level set to ...)
+	TODO: check
+CVE-2018-2490 (The broadcast messages received by SAP Fiori Client are not protected ...)
+	TODO: check
+CVE-2018-2489 (Locally, without any permission, an arbitrary android application ...)
+	TODO: check
+CVE-2018-2488 (It is possible for a malware application installed on an Android ...)
+	TODO: check
+CVE-2018-2487 (SAP Disclosure Management 10.x allows an attacker to exploit through a ...)
+	TODO: check
 CVE-2018-2486
 	RESERVED
-CVE-2018-2485
-	RESERVED
+CVE-2018-2485 (It is possible for a malicious application or malware to execute ...)
+	TODO: check
 CVE-2018-2484
 	RESERVED
-CVE-2018-2483
-	RESERVED
-CVE-2018-2482
-	RESERVED
-CVE-2018-2481
-	RESERVED
+CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business ...)
+	TODO: check
+CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android ...)
+	TODO: check
+CVE-2018-2481 (In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to ...)
+	TODO: check
 CVE-2018-2480
 	RESERVED
-CVE-2018-2479
-	RESERVED
-CVE-2018-2478
-	RESERVED
-CVE-2018-2477
-	RESERVED
-CVE-2018-2476
-	RESERVED
+CVE-2018-2479 (SAP BusinessObjects Business Intelligence Platform (BIWorkspace), ...)
+	TODO: check
+CVE-2018-2478 (An attacker can use specially crafted inputs to execute commands on ...)
+	TODO: check
+CVE-2018-2477 (Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, ...)
+	TODO: check
+CVE-2018-2476 (Due to insufficient URL Validation in forums in SAP NetWeaver versions ...)
+	TODO: check
 CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a ...)
 	NOT-FOR-US: SAP
 CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) ...)
 	NOT-FOR-US: SAP
-CVE-2018-2473
-	RESERVED
+CVE-2018-2473 (SAP BusinessObjects Business Intelligence Platform Server, versions ...)
+	TODO: check
 CVE-2018-2472 (SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web ...)
 	NOT-FOR-US: SAP
 CVE-2018-2471 (Under certain conditions SAP BusinessObjects Business Intelligence ...)
@@ -49582,6 +49580,7 @@ CVE-2018-1130 (Linux kernel before version 4.16-rc7 is vulnerable to a null poin
 	[stretch] - linux 4.9.107-1
 	NOTE: Fixed by: https://git.kernel.org/linus/67f93df79aeefc3add4e4b31a752600f834236e2
 CVE-2018-1129 (A flaw was found in the way signature calculation was handled by cephx ...)
+	{DSA-4339-1}
 	- linux <unfixed>
 	[jessie] - linux <not-affected> (Message signatures not implemented)
 	NOTE: https://git.kernel.org/linus/cc255c76c70f7a87d97939621eae04b600d9f4a1
@@ -49590,6 +49589,7 @@ CVE-2018-1129 (A flaw was found in the way signature calculation was handled by
 	NOTE: http://tracker.ceph.com/issues/24837
 	NOTE: https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
 CVE-2018-1128 (It was found that cephx authentication protocol did not verify ceph ...)
+	{DSA-4339-1}
 	- linux <unfixed>
 	[jessie] - linux <ignored> (Protocol change is too difficult)
 	NOTE: https://git.kernel.org/linus/6daca13d2e72bedaaacfc08f873114c9307d5aea
@@ -82368,6 +82368,7 @@ CVE-2017-7520 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to
 	NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
 	NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
 CVE-2017-7519 (In Ceph, a format string flaw was found in the way libradosstriper ...)
+	{DSA-4339-1}
 	- ceph 12.2.8+dfsg1-1 (bug #864535)
 	[jessie] - ceph <not-affected> (Vulnerable code not present)
 	NOTE: http://tracker.ceph.com/issues/20240



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d3622867c8689e698ad0e4f9b826ef134727072

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d3622867c8689e698ad0e4f9b826ef134727072
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181114/c6bf66b8/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list