[Git][security-tracker-team/security-tracker][master] new ckeditor issue
Moritz Muehlenhoff
jmm at debian.org
Wed Nov 14 16:05:23 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52b5824e by Moritz Muehlenhoff at 2018-11-14T16:04:49Z
new ckeditor issue
libwpd, tiff no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2018-XXXX [ckeditor XSS]
+ - ckeditor 4.11.1+dfsg-1 (low)
+ [stretch] - ckeditor <no-dsa> (Minor issue)
+ - fckeditor <removed>
CVE-2019-0185
RESERVED
CVE-2019-0184
@@ -335,6 +339,7 @@ CVE-2018-19211 (In ncurses 6.1, there is a NULL pointer dereference at function
TODO: check
CVE-2018-19210 (In LibTIFF 4.0.9, there is a NULL pointer dereference in the ...)
- tiff <unfixed> (bug #913675)
+ [stretch] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2820
CVE-2018-19209 (Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the ...)
@@ -343,6 +348,7 @@ CVE-2018-19209 (Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference
NOTE: No security impact, crash in CLI tool
CVE-2018-19208 (In libwpd 0.10.2, there is a NULL pointer dereference in the function ...)
- libwpd <unfixed> (low; bug #913702)
+ [stretch] - libwpd <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643752
NOTE: Patch used in Fedora: https://src.fedoraproject.org/rpms/libwpd/raw/e42834b844f3282d8ccb0889abf1b33f3f71e02f/f/0001-Resolves-rhbz-1643752-bounds-check-m_currentTable-ac.patch
CVE-2018-19204 (PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/52b5824eb2528eebeea4b039fab2080f6f63cf6a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/52b5824eb2528eebeea4b039fab2080f6f63cf6a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181114/2ecbc283/attachment.html>
More information about the debian-security-tracker-commits
mailing list