[Git][security-tracker-team/security-tracker][master] automatic update

Wed Nov 21 20:10:40 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08c3bb4a by security tracker role at 2018-11-21T20:10:30Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG before 4.2. ...)
+	TODO: check
+CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct function in ...)
+	TODO: check
+CVE-2018-19415
+	RESERVED
+CVE-2018-19414
+	RESERVED
+CVE-2018-19413
+	RESERVED
+CVE-2018-19412
+	RESERVED
+CVE-2018-19411 (PRTG Network Monitor before 18.2.40.1683 allows an authenticated user ...)
+	TODO: check
+CVE-2018-19410 (PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated ...)
+	TODO: check
+CVE-2018-19409 (An issue was discovered in Artifex Ghostscript before 9.26. ...)
+	TODO: check
+CVE-2009-5153 (In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing ...)
+	TODO: check
 CVE-2018-19408
 	RESERVED
 CVE-2018-19407 (The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel ...)
@@ -1323,6 +1343,7 @@ CVE-2018-18982
 CVE-2018-18981
 	RESERVED
 CVE-2014-10077 (Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 ...)
+	{DLA-1584-1}
 	- ruby-i18n 0.7.0-3 (bug #913093)
 	[stretch] - ruby-i18n <no-dsa> (Minor issue)
 	NOTE: https://github.com/svenfuchs/i18n/pull/289
@@ -5014,6 +5035,7 @@ CVE-2018-17480
 	RESERVED
 CVE-2018-17479
 	RESERVED
+	{DSA-4342-1}
 	- chromium-browser 70.0.3538.110-1
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17478
@@ -7515,6 +7537,7 @@ CVE-2018-16473 (A path traversal in takeapeek module versions <=0.2.2 allows
 CVE-2018-16472 (A prototype pollution attack in cached-path-relative versions <=1.0.1 ...)
 	NOT-FOR-US: cached-path-relative
 CVE-2018-16471 (There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...)
+	{DLA-1585-1}
 	- ruby-rack 1.6.4-6 (bug #913005)
 	[stretch] - ruby-rack <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd (master)
@@ -47578,8 +47601,8 @@ CVE-2018-1845
 	RESERVED
 CVE-2018-1844 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML ...)
 	NOT-FOR-US: IBM
-CVE-2018-1843
-	RESERVED
+CVE-2018-1843 (The Identity and Access Management (IAM) services (IBM Cloud Private ...)
+	TODO: check
 CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
 	NOT-FOR-US: IBM
 CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the CA ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08c3bb4a42b5d159445d01d5b60c56045f44970f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08c3bb4a42b5d159445d01d5b60c56045f44970f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181121/1bf0cfb5/attachment.html>
