[Git][security-tracker-team/security-tracker][master] Track more glusterfs issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84f1bbfe by Salvatore Bonaccorso at 2018-09-04T09:22:43Z
Track more glusterfs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13762,6 +13762,8 @@ CVE-2018-10924
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1611785
 CVE-2018-10923
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
 CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted input file, ...)
 	NOT-FOR-US: ttembed
 CVE-2018-10921 (Certain input files may trigger an integer overflow in ttembed input ...)
@@ -13799,12 +13801,19 @@ CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL clien
 	NOTE: https://www.postgresql.org/about/news/1878/
 CVE-2018-10914
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
 CVE-2018-10913
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
 CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a infinite loop ...)
 	NOT-FOR-US: Keycloak
 CVE-2018-10911
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
+	NOTE: https://review.gluster.org/21067
 CVE-2018-10910 [ailure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices]
 	RESERVED
 	- bluez <unfixed>
@@ -13820,6 +13829,9 @@ CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img o
 	NOT-FOR-US: ovirt
 CVE-2018-10907
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601642
+	NOTE: https://review.gluster.org/21070
 CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is ...)
 	{DSA-4257-1 DLA-1468-1}
 	- fuse3 <itp> (bug #904216)
@@ -13830,6 +13842,9 @@ CVE-2018-10905 (CloudForms Management Engine (cfme) is vulnerable to an improper
 	NOT-FOR-US: Red Hat CloudForms Management Engine
 CVE-2018-10904
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601298
+	NOTE: https://review.gluster.org/21072
 CVE-2018-10903 (A flaw was found in python-cryptography versions between >=1.9.0 and ...)
 	- python-cryptography 2.3-1 (bug #904072)
 	[stretch] - python-cryptography <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84f1bbfe6fe0ca158361c924c50a6dad66cbfe11

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84f1bbfe6fe0ca158361c924c50a6dad66cbfe11
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180904/278f0f8e/attachment.html>