[Git][security-tracker-team/security-tracker][master] Track fixes for some linux issues updated in sid branch

Salvatore Bonaccorso carnil at debian.org
Thu Nov 22 05:54:05 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8397b31a by Salvatore Bonaccorso at 2018-11-22T05:53:08Z
Track fixes for some linux issues updated in sid branch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1405,7 +1405,7 @@ CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in Suricata
 	NOTE: https://lists.openinfosecfoundation.org/pipermail/oisf-users/2018-October/016227.html
 	NOTE: https://redmine.openinfosecfoundation.org/issues/2658#change-10374
 CVE-2018-18955 (In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	[stretch] - linux <not-affected> (Introduced in 4.15-rc1)
 	[jessie] - linux <not-affected> (Introduced in 4.15-rc1)
 	NOTE: https://git.kernel.org/linus/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
@@ -1972,7 +1972,7 @@ CVE-2016-10732 (ProjectSend (formerly cFTP) r582 allows authentication bypass vi
 CVE-2016-10731 (ProjectSend (formerly cFTP) r582 allows SQL injection via ...)
 	NOT-FOR-US: ProjectSend
 CVE-2018-18710 (An issue was discovered in the Linux kernel through 4.19. An ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	NOTE: https://git.kernel.org/linus/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
 CVE-2018-18705 (PhpTpoint hospital management system suffers from multiple SQL ...)
 	NOT-FOR-US: PhpTpoint hospital management system
@@ -2664,7 +2664,7 @@ CVE-2018-18439 (DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffe
 	NOTE: https://www.openwall.com/lists/oss-security/2018/11/02/2
 	NOTE: No security impact as supported/packaged in Debian
 CVE-2018-18445 (In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
@@ -3028,7 +3028,7 @@ CVE-2018-18283
 CVE-2018-18282 (Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. ...)
 	NOT-FOR-US: Next.js
 CVE-2018-18281 (Since Linux kernel version 3.2, the mremap() syscall performs TLB ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	NOTE: https://git.kernel.org/linus/eb66ae030829605d61fbef1909ce310e29f78821
 CVE-2018-18280
 	RESERVED
@@ -3934,7 +3934,7 @@ CVE-2018-17971
 CVE-2018-17970
 	RESERVED
 CVE-2018-17972 (An issue was discovered in the proc_pid_stack function in ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	NOTE: https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
 	NOTE: https://git.kernel.org/linus/f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7
 CVE-2018-17969 (Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote ...)
@@ -16005,7 +16005,7 @@ CVE-2018-13055 (A cross-site scripting (XSS) vulnerability in the View Filters p
 	NOTE: https://mantisbt.org/blog/archives/mantisbt/602
 	NOTE: https://mantisbt.org/bugs/view.php?id=24580
 CVE-2018-13053 (The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	[jessie] - linux-4.9 <unfixed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200303
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
@@ -16391,7 +16391,7 @@ CVE-2018-12898
 CVE-2018-12897 (SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer ...)
 	NOT-FOR-US: SolarWinds DameWare Mini Remote Control
 CVE-2018-12896 (An issue was discovered in the Linux kernel through 4.17.3. An Integer ...)
-	- linux <unfixed>
+	- linux 4.18.20-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200189
 	NOTE: https://github.com/lcytxw/bug_repro/tree/master/bug_200189
 	NOTE: https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8397b31a911394d64b54c85c3ba5de3a356162d4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8397b31a911394d64b54c85c3ba5de3a356162d4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181122/580734b5/attachment.html>

More information about the debian-security-tracker-commits mailing list