[Git][security-tracker-team/security-tracker][master] automatic update

Sun Sep 16 09:10:25 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e7822033 by security tracker role at 2018-09-16T08:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2018-17081
+	RESERVED
+CVE-2018-17080
+	RESERVED
+CVE-2018-17079
+	RESERVED
+CVE-2018-17078
+	RESERVED
+CVE-2018-17077 (An issue was discovered in yiqicms through 2016-11-20. There is stored ...)
+	TODO: check
+CVE-2018-17076 (GPP through 2.25 will try to use more memory space than is available on ...)
+	TODO: check
+CVE-2018-17075 (The html package (aka x/net/html) before 2018-07-13 in Go mishandles ...)
+	TODO: check
+CVE-2018-17074 (The Feed Statistics plugin before 4.0 for WordPress has an Open ...)
+	TODO: check
+CVE-2018-17073 (wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via ...)
+	TODO: check
+CVE-2018-17072 (JSON++ through 2016-06-15 has a buffer over-read in yyparse() in ...)
+	TODO: check
+CVE-2018-17071
+	RESERVED
+CVE-2018-17070 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the ...)
+	TODO: check
+CVE-2018-17069 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new ...)
+	TODO: check
+CVE-2018-17068 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+	TODO: check
+CVE-2018-17067 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very ...)
+	TODO: check
+CVE-2018-17066 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+	TODO: check
+CVE-2018-17065 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within ...)
+	TODO: check
+CVE-2018-17064 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+	TODO: check
+CVE-2018-17063 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
+	TODO: check
 CVE-2018-17062
 	RESERVED
 CVE-2018-17061 (BullGuard Safe Browsing 18.1.355 allows XSS on Google, Bing, and Yahoo! ...)
@@ -1236,7 +1274,7 @@ CVE-2018-16516 (helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted
 	- python-flask-admin <itp> (bug #765509)
 CVE-2018-16514
 	RESERVED
-CVE-2018-16554 [Buffer Overflow while running jhead]
+CVE-2018-16554 (The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may ...)
 	- jhead <unfixed> (bug #907925; bug #908176)
 CVE-2018-16515 [Synapse: Failures to correctly validate signatures on transactions and events]
 	RESERVED
@@ -4967,6 +5005,7 @@ CVE-2018-14940 (PHPCMS 9 allows remote attackers to cause a denial of service (r
 CVE-2018-14939 (The get_app_path function in desktop/unx/source/start.c in LibreOffice ...)
 	- libreoffice <not-affected> (Doesn't affect LibreOffice running on glibc)
 CVE-2018-1000637 (zutils version prior to version 1.8-pre2 contains a Buffer Overflow ...)
+	{DLA-1505-1}
 	- zutils 1.7-3 (bug #902936; bug #904819)
 	[stretch] - zutils <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2018/08/05/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e78220335fc0e8b09d309911cda6b0aade17b4f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e78220335fc0e8b09d309911cda6b0aade17b4f8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180916/eb8432a4/attachment.html>
