[Git][security-tracker-team/security-tracker][master] "new" linux issue

Thu Apr 4 08:00:17 BST 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f518730f by Moritz Muehlenhoff at 2019-04-04T06:59:33Z
"new" linux issue
new wget issue (needs more info)
new evolution-ews issue
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12325,6 +12325,8 @@ CVE-2019-5954
 	RESERVED
 CVE-2019-5953
 	RESERVED
+	- wget <unfixed>
+	NOTE: https://jvn.jp/en/jp/JVN25261088/
 CVE-2019-5952
 	RESERVED
 CVE-2019-5951
@@ -16749,6 +16751,9 @@ CVE-2019-3891
 	RESERVED
 CVE-2019-3890
 	RESERVED
+	- evolution-ews <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/36
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678313
 CVE-2019-3889
 	RESERVED
 CVE-2019-3888
@@ -16789,7 +16794,7 @@ CVE-2019-3877 (A vulnerability was found in mod_auth_mellon before v0.14.2. An o
 	[jessie] - libapache2-mod-auth-mellon <no-dsa> (Open redirect protection not present in the first place)
 	NOTE: https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
 CVE-2019-3876 (A flaw was found in the /oauth/token/request custom endpoint of the Op ...)
-	TODO: check
+	NOT-FOR-US: Openshift OAuth server
 CVE-2019-3875
 	RESERVED
 CVE-2019-3874 (The SCTP socket buffer used by a userspace application is not accounte ...)
@@ -16920,6 +16925,9 @@ CVE-2019-3838 (It was found that the forceput operator could be extracted from t
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700576
 CVE-2019-3837
 	RESERVED
+	- linux 3.13.4-1
+	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77873803363c
+	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7bced397510a
 CVE-2019-3836 (It was discovered in gnutls before version 3.6.7 upstream that there i ...)
 	[experimental] - gnutls28 3.6.7-1
 	- gnutls28 3.6.7-2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f518730f8e24c4999f37973456bcd018507ebe30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f518730f8e24c4999f37973456bcd018507ebe30
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190404/a03d9253/attachment-0001.html>
