[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16509
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 5 08:15:47 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
00d977df by Salvatore Bonaccorso at 2018-09-05T07:15:28Z
Add CVE-2018-16509
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1366,6 +1366,12 @@ CVE-2018-15878
RESERVED
CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary ...)
NOT-FOR-US: Joomla addon
+CVE-2018-16509
+ - ghostscript <unfixed> (bug #907332; bug #907703)
+ NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5516c614dc33662a2afdc377159f70218e67bde5
+ NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=78911a01b67d590b4a91afac2e8417360b934156
+ NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=79cccf641486a6595c43f1de1cd7ade696020a31
+ NOTE: Partially fixed in 9.22~dfsg-3 but missing one commit as per #907703
CVE-2018-XXXX [Multiple -dSAFER sandbox bypass vulnerabilities]
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: https://www.kb.cert.org/vuls/id/332928
@@ -1375,8 +1381,6 @@ CVE-2018-XXXX [Multiple -dSAFER sandbox bypass vulnerabilities]
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0edd3d6c
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a054156d
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b326a716
- NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=78911a01
- NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5516c614
NOTE: https://marc.info/?l=oss-security&m=153544835030871&w=2
CVE-2018-XXXX [More required fixes not included in 9.22~dfsg-3]
- ghostscript <unfixed>
@@ -1385,9 +1389,6 @@ CVE-2018-XXXX [More required fixes not included in 9.22~dfsg-3]
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=520bb0ea7519aa3e79db78aaf0589dae02103764
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b5536fa88a9e885032bc0df3852c3439399a5c0
NOTE: https://marc.info/?l=oss-security&m=153544835030871&w=2
-CVE-2018-XXXX [preserve LockSafetyParams in the nulldevice]
- - ghostscript <unfixed> (bug #907703)
- NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=79cccf641486
CVE-2018-15877 (The Plainview Activity Monitor plugin 4.7.11 for WordPress is ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-15876 (An issue was discovered in the ajax-bootmodal-login plugin 1.4.3 for ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00d977df3ddc97083529f38f14c145ab31f01a86
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00d977df3ddc97083529f38f14c145ab31f01a86
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/96e8665d/attachment.html>
More information about the debian-security-tracker-commits
mailing list