[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 3 09:10:38 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dee74f8c by security tracker role at 2018-10-03T08:10:29Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,119 @@
+CVE-2018-17945
+ RESERVED
+CVE-2018-17944
+ RESERVED
+CVE-2018-17943
+ RESERVED
+CVE-2018-17942
+ RESERVED
+CVE-2018-17941
+ RESERVED
+CVE-2018-17940
+ RESERVED
+CVE-2018-17939
+ RESERVED
+CVE-2018-17938
+ RESERVED
+CVE-2018-17937
+ RESERVED
+CVE-2018-17936
+ RESERVED
+CVE-2018-17935
+ RESERVED
+CVE-2018-17934
+ RESERVED
+CVE-2018-17933
+ RESERVED
+CVE-2018-17932
+ RESERVED
+CVE-2018-17931
+ RESERVED
+CVE-2018-17930
+ RESERVED
+CVE-2018-17929
+ RESERVED
+CVE-2018-17928
+ RESERVED
+CVE-2018-17927
+ RESERVED
+CVE-2018-17926
+ RESERVED
+CVE-2018-17925
+ RESERVED
+CVE-2018-17924
+ RESERVED
+CVE-2018-17923
+ RESERVED
+CVE-2018-17922
+ RESERVED
+CVE-2018-17921
+ RESERVED
+CVE-2018-17920
+ RESERVED
+CVE-2018-17919
+ RESERVED
+CVE-2018-17918
+ RESERVED
+CVE-2018-17917
+ RESERVED
+CVE-2018-17916
+ RESERVED
+CVE-2018-17915
+ RESERVED
+CVE-2018-17914
+ RESERVED
+CVE-2018-17913
+ RESERVED
+CVE-2018-17912
+ RESERVED
+CVE-2018-17911
+ RESERVED
+CVE-2018-17910
+ RESERVED
+CVE-2018-17909
+ RESERVED
+CVE-2018-17908
+ RESERVED
+CVE-2018-17907
+ RESERVED
+CVE-2018-17906
+ RESERVED
+CVE-2018-17905
+ RESERVED
+CVE-2018-17904
+ RESERVED
+CVE-2018-17903
+ RESERVED
+CVE-2018-17902
+ RESERVED
+CVE-2018-17901
+ RESERVED
+CVE-2018-17900
+ RESERVED
+CVE-2018-17899
+ RESERVED
+CVE-2018-17898
+ RESERVED
+CVE-2018-17897
+ RESERVED
+CVE-2018-17896
+ RESERVED
+CVE-2018-17895
+ RESERVED
+CVE-2018-17894
+ RESERVED
+CVE-2018-17893
+ RESERVED
+CVE-2018-17892
+ RESERVED
+CVE-2018-17891
+ RESERVED
+CVE-2018-17890
+ RESERVED
+CVE-2018-17889
+ RESERVED
+CVE-2018-17888
+ RESERVED
CVE-2018-17887
RESERVED
CVE-2018-17886 (An issue was discovered in JEESNS 1.3. The XSS filter in ...)
@@ -1513,7 +1629,7 @@ CVE-2018-17185
CVE-2018-17184
RESERVED
CVE-2018-17182 (An issue was discovered in the Linux kernel through 4.18.8. The ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://git.kernel.org/linus/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
NOTE: https://googleprojectzero.blogspot.com/2018/09/a-cache-invalidation-bug-in-linux.html
@@ -2733,7 +2849,7 @@ CVE-2018-16657 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP m
NOTE: https://github.com/kamailio/kamailio/commit/d67b2f9874ca23bd69f18df71b8f53b1b6151f6d (5.1)
NOTE: https://github.com/kamailio/kamailio/commit/f07dabffef98c7088cdbc2bd695a4ae7a241b159 (5.0)
CVE-2018-16658 (An issue was discovered in the Linux kernel before 4.18.6. An ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.6-1
NOTE: Fixed by: https://git.kernel.org/linus/8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 (4.19-rc2)
CVE-2018-16656
@@ -3707,7 +3823,7 @@ CVE-2018-16277 (The Image Import function in XWiki through 10.7 has XSS. ...)
CVE-2018-16275 (OPSWAT MetaDefender before v4.11.2 allows CSV injection. ...)
NOT-FOR-US: OPSWAT MetaDefender
CVE-2018-16276 (An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.8-1
NOTE: Fixed by: https://git.kernel.org/linus/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 (4.18-rc5)
CVE-2018-16274
@@ -5532,12 +5648,12 @@ CVE-2018-15574 (** DISPUTED ** An issue was discovered in the license editor in
CVE-2018-15573 (** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) ...)
NOT-FOR-US: Reprise License Manager
CVE-2018-15594 (arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://twitter.com/grsecurity/status/1029324426142199808
NOTE: https://git.kernel.org/linus/5800dc5c19f34e6e03b5adab1282535cb102fafd
CVE-2018-15572 (The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/fdf82a7856b32d905c39afc85e34364491e46346
CVE-2018-15571 (The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV ...)
@@ -7124,16 +7240,16 @@ CVE-2018-14828
RESERVED
CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A ...)
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14826
- RESERVED
+CVE-2018-14826 (Entes EMG12 versions 2.57 and prior The application uses a web ...)
+ TODO: check
CVE-2018-14825 (On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 ...)
NOT-FOR-US: Honeywell
CVE-2018-14824 (Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation PMSoft
CVE-2018-14823 (Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14822
- RESERVED
+CVE-2018-14822 (Entes EMG12 versions 2.57 and prior an information exposure through ...)
+ TODO: check
CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
NOT-FOR-US: Rockwell Automation RSLinx Classic
CVE-2018-14820
@@ -7401,7 +7517,7 @@ CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi Command
CVE-2018-14733
RESERVED
CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://git.kernel.org/linus/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 (4.18-rc1)
CVE-2018-14732 (An issue was discovered in lib/Server.js in webpack-dev-server before ...)
@@ -7506,7 +7622,7 @@ CVE-2018-14684
CVE-2018-14683
RESERVED
CVE-2018-14678 (An issue was discovered in the Linux kernel through 4.17.11, as used in ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://xenbits.xen.org/xsa/advisory-274.html
NOTE: https://git.kernel.org/linus/b3681dd548d06deb2e1573890829dff4b15abf46
@@ -7647,11 +7763,12 @@ CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants a
NOTE: https://bugs.launchpad.net/neutron/+bug/1757482
NOTE: https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
CVE-2018-14634 (An integer overflow flaw was found in the Linux kernel's ...)
+ {DLA-1529-1}
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/25/4
CVE-2018-14633 (A security flaw was found in the chap_server_compute_md5() function in ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/24/2
CVE-2018-14632 (An out of bound write can occur when patching an Openshift object ...)
@@ -7712,7 +7829,7 @@ CVE-2018-14618 (curl before version 7.61.1 is vulnerable to a buffer overrun in
NOTE: https://github.com/curl/curl/issues/2756
NOTE: https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243
CVE-2018-14617 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200297
NOTE: https://www.spinics.net/lists/linux-fsdevel/msg130021.html
@@ -7743,7 +7860,7 @@ CVE-2018-14610 (An issue was discovered in the Linux kernel through 4.17.10. The
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199837
NOTE: https://patchwork.kernel.org/patch/10503415/
CVE-2018-14609 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199833
NOTE: https://patchwork.kernel.org/patch/10500521/
@@ -10744,10 +10861,11 @@ CVE-2018-13408 (An issue was discovered in Jirafeau before 3.4.1. The "sear
CVE-2018-13407 (A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" ...)
NOT-FOR-US: Jirafeau
CVE-2018-13406 (An integer overflow in the uvesafb_setcmap function in ...)
+ {DLA-1529-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/linus/9f645bcc566a1e9f921bdae7528a01ced5bc3713
CVE-2018-13405 (The inode_init_owner function in fs/inode.c in the Linux kernel through ...)
- {DSA-4266-1 DLA-1466-1}
+ {DSA-4266-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/linus/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/2
@@ -11423,11 +11541,13 @@ CVE-2018-13095 (An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199915
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=23fcb3340d033d9f081e21e6c12c2db7eaa541d3
CVE-2018-13094 (An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux ...)
+ {DLA-1529-1}
- linux 4.17.14-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199969
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a
CVE-2018-13093 (An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel ...)
+ {DLA-1529-1}
- linux 4.17.14-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199367
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff
@@ -17459,7 +17579,7 @@ CVE-2018-10903 (A flaw was found in python-cryptography versions between >=1.
NOTE: https://github.com//pyca/cryptography/pull/4342
NOTE: https://github.com/pyca/cryptography/pull/4342/commits/688e0f673bfbf43fa898994326c6877f00ab19ef
CVE-2018-10902 (It was found that the raw midi kernel driver does not protect against ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/39675f7a7c7e7702f7d5341f1e0d01db746543a0 (4.18-rc6)
CVE-2018-10901 (A flaw was found in Linux kernel's KVM virtualization subsystem. The ...)
@@ -17542,42 +17662,42 @@ CVE-2018-10885 (In atomic-openshift before version 3.10.9 a malicious network-po
CVE-2018-10884 (Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to ...)
NOT-FOR-US: Ansible Tower
CVE-2018-10883 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
CVE-2018-10882 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
CVE-2018-10881 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
CVE-2018-10880 (Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
CVE-2018-10879 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
CVE-2018-10878 (A flaw was found in the Linux kernel's ext4 filesystem. A local user ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
CVE-2018-10877 (Linux kernel ext4 filesystem is vulnerable to an out-of-bound access ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
@@ -19041,7 +19161,7 @@ CVE-2018-10325
CVE-2018-10324
RESERVED
CVE-2018-10323 (The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in ...)
- {DSA-4188-1}
+ {DSA-4188-1 DLA-1529-1}
- linux 4.16.5-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199423
@@ -19836,7 +19956,7 @@ CVE-2018-10023 (Catfish CMS V4.7.21 allows XSS via the pinglun parameter to ...)
CVE-2018-10022
RESERVED
CVE-2018-10021 (** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel ...)
- {DLA-1423-1}
+ {DLA-1529-1 DLA-1423-1}
- linux 4.15.17-1
[stretch] - linux 4.9.107-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -20970,7 +21090,7 @@ CVE-2018-9517
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
CVE-2018-9516
RESERVED
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=717adfdaf14704fd3ec7fa2c04520c0723247eac
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
@@ -21351,7 +21471,7 @@ CVE-2018-9364
RESERVED
CVE-2018-9363 [HID: Bluetooth: hidp: buffer overflow in hidp_process_report]
RESERVED
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.15-1
CVE-2018-9362
RESERVED
@@ -25475,7 +25595,7 @@ CVE-2017-18222 (In the Linux kernel before 4.12, Hisilicon Network Subsystem (HN
CVE-2018-7756 (RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices ...)
NOT-FOR-US: RunExeFile.exe in the installer for DEWESoft X3 SP1 devices
CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.18.10-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/5/29/495
@@ -29446,11 +29566,11 @@ CVE-2018-6556 (lxc-user-nic when asked to delete a network interface will ...)
NOTE: Prerequisite: https://github.com/lxc/lxc/commit/f96f5f3c1341e73ee51c8b49bef4ba571c562d8c
NOTE: Fixed by: https://github.com/lxc/lxc/commit/5eb45428b312e978fb9e294dde16efb14dd9fa4d
CVE-2018-6555 (The irda_setsockopt function in net/irda/af_irda.c and later in ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
CVE-2018-6554 (Memory leak in the irda_bind function in net/irda/af_irda.c and later ...)
- {DSA-4308-1}
+ {DSA-4308-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
CVE-2018-6553 (The CUPS AppArmor profile incorrectly confined the dnssd backend due ...)
@@ -33195,7 +33315,7 @@ CVE-2018-5392 (mingw-w64 version 5.0.4 by default produces executables that opt
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19011
NOTE: https://www.kb.cert.org/vuls/id/307144 (describes workaround)
CVE-2018-5391 (The Linux kernel, versions 3.9+, is vulnerable to a denial of service ...)
- {DSA-4272-1 DLA-1466-1}
+ {DSA-4272-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.15-1
NOTE: Mitigation: Change the default values of net.ipv4.ipfrag_high_thresh and
NOTE: net.ipv4.ipfrag_low_thresh back to 256kB and 192 kB (respectively) or
@@ -36863,18 +36983,18 @@ CVE-2018-3964
RESERVED
CVE-2018-3963
RESERVED
-CVE-2018-3962
- RESERVED
-CVE-2018-3961
- RESERVED
-CVE-2018-3960
- RESERVED
-CVE-2018-3959
- RESERVED
-CVE-2018-3958
- RESERVED
-CVE-2018-3957
- RESERVED
+CVE-2018-3962 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
+CVE-2018-3961 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
+CVE-2018-3960 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
+CVE-2018-3959 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
+CVE-2018-3958 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
+CVE-2018-3957 (A use-after-free vulnerability exists in the JavaScript engine of ...)
+ TODO: check
CVE-2018-3956
RESERVED
CVE-2018-3955
@@ -36899,10 +37019,10 @@ CVE-2018-3946
RESERVED
CVE-2018-3945
RESERVED
-CVE-2018-3944
- RESERVED
-CVE-2018-3943
- RESERVED
+CVE-2018-3944 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+ TODO: check
+CVE-2018-3943 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+ TODO: check
CVE-2018-3942
RESERVED
CVE-2018-3941
@@ -37924,7 +38044,7 @@ CVE-2018-3640 (Systems with microprocessors utilizing speculative execution and
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
CVE-2018-3639 (Systems with microprocessors utilizing speculative execution and ...)
- {DSA-4273-2 DSA-4273-1 DSA-4210-1 DLA-1446-1 DLA-1423-1}
+ {DSA-4273-2 DSA-4273-1 DSA-4210-1 DLA-1529-1 DLA-1446-1 DLA-1423-1}
- intel-microcode 3.20180703.1
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
@@ -37977,7 +38097,7 @@ CVE-2018-3622
CVE-2018-3621
RESERVED
CVE-2018-3620 (Systems with microprocessors utilizing speculative execution and ...)
- {DSA-4279-1 DSA-4274-1 DLA-1481-1}
+ {DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
- xen <unfixed>
- intel-microcode 3.20180703.1
@@ -76383,8 +76503,8 @@ CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Can
NOT-FOR-US: Digital Canal Structural Wind Analysis
CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...)
NOT-FOR-US: Advantech
-CVE-2017-7908
- RESERVED
+CVE-2017-7908 (A heap-based buffer overflow exists in the third-party product ...)
+ TODO: check
CVE-2017-7907 (An Improper XML Parser Configuration issue was discovered in Schneider ...)
NOT-FOR-US: Schneider
CVE-2017-7906 (In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee74f8c775d01ff61981e51389c6fff74b5e02b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dee74f8c775d01ff61981e51389c6fff74b5e02b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181003/db18e607/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list