[Git][security-tracker-team/security-tracker][master] automatic update

Wed Oct 24 21:10:32 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
68d6d1d8 by security tracker role at 2018-10-24T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2018-18631
+	RESERVED
 CVE-2018-18630
 	RESERVED
 CVE-2018-18629
@@ -66,7 +68,7 @@ CVE-2018-18605 (A heap-based buffer over-read issue was discovered in the functi
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61
 CVE-2018-18604
 	RESERVED
-CVE-2018-18603 (360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import ...)
+CVE-2018-18603 (** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox Escape ...)
 	NOT-FOR-US: 360 Total Security
 CVE-2018-18602
 	RESERVED
@@ -1818,8 +1820,8 @@ CVE-2018-17937
 	RESERVED
 CVE-2018-17936
 	RESERVED
-CVE-2018-17935
-	RESERVED
+CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before 00.0A use ...)
+	TODO: check
 CVE-2018-17934
 	RESERVED
 CVE-2018-17933
@@ -7850,8 +7852,8 @@ CVE-2018-15444
 	RESERVED
 CVE-2018-15443
 	RESERVED
-CVE-2018-15442
-	RESERVED
+CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
+	TODO: check
 CVE-2018-15441
 	RESERVED
 CVE-2018-15440
@@ -7979,6 +7981,7 @@ CVE-2018-15380
 CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could allow an ...)
+	{DLA-1553-1}
 	- clamav 0.100.2+dfsg-1 (bug #910430)
 	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
 	NOTE: https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html
@@ -17037,8 +17040,8 @@ CVE-2018-1000182 (A server-side request forgery vulnerability exists in Jenkins
 	NOT-FOR-US: Jenkins plugin
 CVE-2018-11805
 	RESERVED
-CVE-2018-11804
-	RESERVED
+CVE-2018-11804 (Spark's Apache Maven-based build includes a convenience script, ...)
+	TODO: check
 CVE-2018-11803
 	RESERVED
 CVE-2018-11802
@@ -45704,8 +45707,8 @@ CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obt
 	NOT-FOR-US: IBM
 CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM Case ...)
 	NOT-FOR-US: IBM
-CVE-2018-1541
-	RESERVED
+CVE-2018-1541 (IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to ...)
+	TODO: check
 CVE-2018-1540
 	RESERVED
 CVE-2018-1539 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/68d6d1d88c2a860ba5b3d2acf285dbf979f7cf20

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/68d6d1d88c2a860ba5b3d2acf285dbf979f7cf20
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181024/bfd233b6/attachment.html>
