[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sun Sep 30 21:10:54 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12f9c0fd by security tracker role at 2018-09-30T20:10:46Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2018-17793 (Virtualenv 16.0.0 allows a sandbox escape via "python $(bash >&2)" and ...)
+	TODO: check
+CVE-2018-17792
+	RESERVED
+CVE-2018-17791
+	RESERVED
+CVE-2018-17790
+	RESERVED
+CVE-2018-17789
+	RESERVED
+CVE-2018-17788
+	RESERVED
+CVE-2018-17787
+	RESERVED
+CVE-2018-17786
+	RESERVED
+CVE-2018-17785 (In blynk-server in Blynk before 0.39.7, Directory Traversal exists via ...)
+	TODO: check
 CVE-2018-17784
 	RESERVED
 CVE-2018-17783
@@ -1479,7 +1497,7 @@ CVE-2018-17096 (The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli
 	[jessie] - soundtouch <ignored> (Minor issue)
 	NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
 CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error exception ...)
-	{DSA-4294-1}
+	{DSA-4294-1 DLA-1527-1}
 	- ghostscript 9.25~dfsg-1
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699708
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
@@ -4402,7 +4420,7 @@ CVE-2018-15878
 CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary ...)
 	NOT-FOR-US: Joomla addon
 CVE-2018-16543 (In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution ...)
-	{DSA-4288-1}
+	{DSA-4288-1 DLA-1527-1}
 	[experimental] - ghostscript 9.25~dfsg-1~exp1
 	- ghostscript 9.25~dfsg-1 (bug #908303)
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/12f9c0fd5c0a80c7cfb173ccf03fbde2765dd2be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/12f9c0fd5c0a80c7cfb173ccf03fbde2765dd2be
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180930/83e4ed3d/attachment.html>

More information about the debian-security-tracker-commits mailing list