[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 10 09:11:17 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b00186a by security tracker role at 2019-04-10T08:11:08Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2019-11066
+ RESERVED
+CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...)
+ TODO: check
CVE-2019-XXXX [arbitrary code execution by any identified visitor]
- spip 3.2.4-1 (bug #926764)
NOTE: https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html?lang=fr
@@ -3958,8 +3962,8 @@ CVE-2019-9698
RESERVED
CVE-2019-9697
RESERVED
-CVE-2019-9696
- RESERVED
+CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be susceptible to a ...)
+ TODO: check
CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary code exec ...)
NOT-FOR-US: Norton Core
CVE-2019-9694
@@ -6990,8 +6994,8 @@ CVE-2019-8458
RESERVED
CVE-2019-8457
RESERVED
-CVE-2019-8456
- RESERVED
+CVE-2019-8456 (Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditio ...)
+ TODO: check
CVE-2019-8455
RESERVED
CVE-2019-8454
@@ -9572,14 +9576,14 @@ CVE-2019-7363
RESERVED
CVE-2019-7362
RESERVED
-CVE-2019-7361
- RESERVED
-CVE-2019-7360
- RESERVED
-CVE-2019-7359
- RESERVED
-CVE-2019-7358
- RESERVED
+CVE-2019-7361 (An attacker may convince a victim to open a malicious action micro (.a ...)
+ TODO: check
+CVE-2019-7360 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
+ TODO: check
+CVE-2019-7359 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
+ TODO: check
+CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
+ TODO: check
CVE-2019-7357
RESERVED
CVE-2019-7356
@@ -12662,8 +12666,8 @@ CVE-2019-6142
RESERVED
CVE-2019-6141
RESERVED
-CVE-2019-6140
- RESERVED
+CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email Security ...)
+ TODO: check
CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbi ...)
NOT-FOR-US: Forcepoint User ID (FUID) server
CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memor ...)
@@ -14107,8 +14111,8 @@ CVE-2019-5587
RESERVED
CVE-2019-5586
RESERVED
-CVE-2019-5585
- RESERVED
+CVE-2019-5585 (An improper access control vulnerability in FortiClientMac before 6.0. ...)
+ TODO: check
CVE-2019-5584
RESERVED
CVE-2019-5583
@@ -14251,12 +14255,12 @@ CVE-2019-5515 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and F
NOT-FOR-US: VMware
CVE-2019-5514 (VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerab ...)
NOT-FOR-US: VMware
-CVE-2019-5513
- RESERVED
-CVE-2019-5512
- RESERVED
-CVE-2019-5511
- RESERVED
+CVE-2019-5513 (VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, ...)
+ TODO: check
+CVE-2019-5512 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
+ TODO: check
+CVE-2019-5511 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
+ TODO: check
CVE-2019-5510
RESERVED
CVE-2019-5509
@@ -15248,7 +15252,7 @@ CVE-2019-5021
RESERVED
CVE-2019-5020
RESERVED
-CVE-2019-5019 (A heap overflow vulnerability exists in the PowerPoint document conver ...)
+CVE-2019-5019 (A heap-based overflow vulnerability exists in the PowerPoint document ...)
NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5018
RESERVED
@@ -17591,7 +17595,7 @@ CVE-2019-3882 [DoS through vfio/type1 DMA mappings]
CVE-2019-3881
RESERVED
CVE-2019-3880 (A flaw was found in the way samba implemented an RPC endpoint emulatin ...)
- {DSA-4427-1}
+ {DSA-4427-1 DLA-1754-1}
- samba 2:4.9.5+dfsg-3
NOTE: https://www.samba.org/samba/security/CVE-2019-3880.html
CVE-2019-3879 (It was discovered that in the ovirt's REST API before version 4.3.2.1, ...)
@@ -17721,8 +17725,7 @@ CVE-2019-3844
RESERVED
CVE-2019-3843
RESERVED
-CVE-2019-3842 [unsafe environment usage in pam_systemd]
- RESERVED
+CVE-2019-3842 (In systemd before v242-rc4, it was discovered that pam_systemd does no ...)
{DSA-4428-1}
- systemd 241-3
NOTE: https://bugs.launchpad.net/bugs/1812316
@@ -24862,8 +24865,8 @@ CVE-2019-1575
RESERVED
CVE-2019-1574
RESERVED
-CVE-2019-1573
- RESERVED
+CVE-2019-1573 (GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 a ...)
+ TODO: check
CVE-2019-1572 (PAN-OS 9.0.0 may allow an unauthenticated remote user to access php fi ...)
NOT-FOR-US: PAN-OS
CVE-2019-1571 (The Expedition Migration tool 1.1.8 and earlier may allow an authentic ...)
@@ -24874,8 +24877,8 @@ CVE-2019-1569 (The Expedition Migration tool 1.1.8 and earlier may allow an auth
NOT-FOR-US: Expedition Migration tool
CVE-2019-1568
RESERVED
-CVE-2019-1567
- RESERVED
+CVE-2019-1567 (The Expedition Migration tool 1.1.6 and earlier may allow an authentic ...)
+ TODO: check
CVE-2019-1566 (The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN- ...)
NOT-FOR-US: PAN-OS
CVE-2019-1565 (The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-O ...)
@@ -27104,122 +27107,122 @@ CVE-2019-0881
RESERVED
CVE-2019-0880
RESERVED
-CVE-2019-0879
- RESERVED
+CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
CVE-2019-0878
RESERVED
-CVE-2019-0877
- RESERVED
-CVE-2019-0876
- RESERVED
-CVE-2019-0875
- RESERVED
-CVE-2019-0874
- RESERVED
+CVE-2019-0877 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0876 (An information disclosure vulnerability exists when affected Open Encl ...)
+ TODO: check
+CVE-2019-0875 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
+ TODO: check
+CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
CVE-2019-0873
RESERVED
CVE-2019-0872
RESERVED
-CVE-2019-0871
- RESERVED
-CVE-2019-0870
- RESERVED
-CVE-2019-0869
- RESERVED
-CVE-2019-0868
- RESERVED
-CVE-2019-0867
- RESERVED
-CVE-2019-0866
- RESERVED
+CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
+CVE-2019-0870 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
+CVE-2019-0869 (A spoofing vulnerability exists in Microsoft Azure DevOps Server when ...)
+ TODO: check
+CVE-2019-0868 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
+CVE-2019-0867 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
+CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
CVE-2019-0865
RESERVED
CVE-2019-0864
RESERVED
CVE-2019-0863
RESERVED
-CVE-2019-0862
- RESERVED
-CVE-2019-0861
- RESERVED
-CVE-2019-0860
- RESERVED
-CVE-2019-0859
- RESERVED
-CVE-2019-0858
- RESERVED
-CVE-2019-0857
- RESERVED
-CVE-2019-0856
- RESERVED
+CVE-2019-0862 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
+CVE-2019-0861 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0860 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0859 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2019-0858 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
+ TODO: check
+CVE-2019-0857 (A spoofing vulnerability that could allow a security feature bypass ex ...)
+ TODO: check
+CVE-2019-0856 (A remote code execution vulnerability exists when Windows improperly h ...)
+ TODO: check
CVE-2019-0855
RESERVED
CVE-2019-0854
RESERVED
-CVE-2019-0853
- RESERVED
+CVE-2019-0853 (A remote code execution vulnerability exists in the way that the Windo ...)
+ TODO: check
CVE-2019-0852
RESERVED
-CVE-2019-0851
- RESERVED
+CVE-2019-0851 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
CVE-2019-0850
RESERVED
-CVE-2019-0849
- RESERVED
-CVE-2019-0848
- RESERVED
-CVE-2019-0847
- RESERVED
-CVE-2019-0846
- RESERVED
-CVE-2019-0845
- RESERVED
-CVE-2019-0844
- RESERVED
+CVE-2019-0849 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
+CVE-2019-0848 (An information disclosure vulnerability exists when the win32k compone ...)
+ TODO: check
+CVE-2019-0847 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0846 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt interfac ...)
+ TODO: check
+CVE-2019-0844 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2019-0843
RESERVED
-CVE-2019-0842
- RESERVED
-CVE-2019-0841
- RESERVED
-CVE-2019-0840
- RESERVED
-CVE-2019-0839
- RESERVED
-CVE-2019-0838
- RESERVED
-CVE-2019-0837
- RESERVED
-CVE-2019-0836
- RESERVED
-CVE-2019-0835
- RESERVED
+CVE-2019-0842 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
+CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
+ TODO: check
+CVE-2019-0840 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2019-0839 (An information disclosure vulnerability exists when the Terminal Servi ...)
+ TODO: check
+CVE-2019-0838 (An information disclosure vulnerability exists when Windows Task Sched ...)
+ TODO: check
+CVE-2019-0837 (An information disclosure vulnerability exists when DirectX improperly ...)
+ TODO: check
+CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2019-0835 (An information disclosure vulnerability exists when the scripting engi ...)
+ TODO: check
CVE-2019-0834
RESERVED
-CVE-2019-0833
- RESERVED
+CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
+ TODO: check
CVE-2019-0832
RESERVED
-CVE-2019-0831
- RESERVED
-CVE-2019-0830
- RESERVED
-CVE-2019-0829
- RESERVED
-CVE-2019-0828
- RESERVED
-CVE-2019-0827
- RESERVED
-CVE-2019-0826
- RESERVED
-CVE-2019-0825
- RESERVED
-CVE-2019-0824
- RESERVED
-CVE-2019-0823
- RESERVED
-CVE-2019-0822
- RESERVED
+CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2019-0829 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0828 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
+ TODO: check
+CVE-2019-0827 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0826 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0825 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0824 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0823 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0822 (A remote code execution vulnerability exists in the way that Microsoft ...)
+ TODO: check
CVE-2019-0821 (An information disclosure vulnerability exists in the way that the Win ...)
NOT-FOR-US: Windows SMB Server
CVE-2019-0820
@@ -27228,8 +27231,8 @@ CVE-2019-0819
RESERVED
CVE-2019-0818
RESERVED
-CVE-2019-0817
- RESERVED
+CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
+ TODO: check
CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a chang ...)
- cloud-init <unfixed> (low; bug #926043)
[buster] - cloud-init <no-dsa> (Doesn't affect default provisioning for Azure, only limited use cases)
@@ -27237,37 +27240,37 @@ CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a
[jessie] - cloud-init <not-affected> (version uses a different mechanism to set public keys.)
NOTE: https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
NOTE: https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
-CVE-2019-0815
- RESERVED
-CVE-2019-0814
- RESERVED
-CVE-2019-0813
- RESERVED
-CVE-2019-0812
- RESERVED
+CVE-2019-0815 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+ TODO: check
+CVE-2019-0814 (An information disclosure vulnerability exists when the win32k compone ...)
+ TODO: check
+CVE-2019-0813 (An elevation of privilege vulnerability exists when Windows Admin Cent ...)
+ TODO: check
+CVE-2019-0812 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
CVE-2019-0811
RESERVED
-CVE-2019-0810
- RESERVED
+CVE-2019-0810 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Studio C+ ...)
NOT-FOR-US: Microsoft
CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0807
RESERVED
-CVE-2019-0806
- RESERVED
-CVE-2019-0805
- RESERVED
+CVE-2019-0806 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
CVE-2019-0804 (An information disclosure vulnerability exists in the way Azure WaLinu ...)
{DSA-4406-1 DLA-1709-1}
- waagent 2.2.34-3
-CVE-2019-0803
- RESERVED
-CVE-2019-0802
- RESERVED
-CVE-2019-0801
- RESERVED
+CVE-2019-0803 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2019-0802 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
+CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft Office fai ...)
+ TODO: check
CVE-2019-0800
RESERVED
CVE-2019-0799
@@ -27276,28 +27279,28 @@ CVE-2019-0798 (A spoofing vulnerability exists when a Lync Server or Skype for B
NOT-FOR-US: Microsoft
CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2019-0796
- RESERVED
-CVE-2019-0795
- RESERVED
-CVE-2019-0794
- RESERVED
-CVE-2019-0793
- RESERVED
-CVE-2019-0792
- RESERVED
-CVE-2019-0791
- RESERVED
-CVE-2019-0790
- RESERVED
+CVE-2019-0796 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2019-0795 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
+ TODO: check
+CVE-2019-0794 (A remote code execution vulnerability exists when OLE automation impro ...)
+ TODO: check
+CVE-2019-0793 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
+ TODO: check
+CVE-2019-0792 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
+ TODO: check
+CVE-2019-0791 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
+ TODO: check
+CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
+ TODO: check
CVE-2019-0789
RESERVED
CVE-2019-0788
RESERVED
CVE-2019-0787
RESERVED
-CVE-2019-0786
- RESERVED
+CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft Server ...)
+ TODO: check
CVE-2019-0785
RESERVED
CVE-2019-0784 (A remote code execution vulnerability exists in the way that the Activ ...)
@@ -27340,8 +27343,8 @@ CVE-2019-0766 (An elevation of privilege vulnerability exists in Windows AppX De
NOT-FOR-US: Microsoft
CVE-2019-0765 (A remote code execution vulnerability exists in the way that comctl32. ...)
TODO: check
-CVE-2019-0764
- RESERVED
+CVE-2019-0764 (A tampering vulnerability exists when Microsoft browsers do not proper ...)
+ TODO: check
CVE-2019-0763 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2019-0762 (A security feature bypass vulnerability exists when Microsoft browsers ...)
@@ -27366,10 +27369,10 @@ CVE-2019-0755 (An information disclosure vulnerability exists when the Windows k
NOT-FOR-US: Microsoft Windows
CVE-2019-0754 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft Windows
-CVE-2019-0753
- RESERVED
-CVE-2019-0752
- RESERVED
+CVE-2019-0753 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
+CVE-2019-0752 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
CVE-2019-0751
RESERVED
CVE-2019-0750
@@ -27394,26 +27397,26 @@ CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure I
NOT-FOR-US: Microsoft
CVE-2019-0740
RESERVED
-CVE-2019-0739
- RESERVED
+CVE-2019-0739 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
CVE-2019-0738
RESERVED
CVE-2019-0737
RESERVED
CVE-2019-0736
RESERVED
-CVE-2019-0735
- RESERVED
+CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
+ TODO: check
CVE-2019-0734
RESERVED
CVE-2019-0733
RESERVED
-CVE-2019-0732
- RESERVED
-CVE-2019-0731
- RESERVED
-CVE-2019-0730
- RESERVED
+CVE-2019-0732 (A security feature bypass vulnerability exists in Windows which could ...)
+ TODO: check
+CVE-2019-0731 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2019-0730 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure IoT Ja ...)
NOT-FOR-US: Microsoft
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
@@ -27496,14 +27499,14 @@ CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V N
NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
NOT-FOR-US: Microsoft Windows Subsystem for Linux
-CVE-2019-0688
- RESERVED
+CVE-2019-0688 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
+ TODO: check
CVE-2019-0687
RESERVED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
-CVE-2019-0685
- RESERVED
+CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
CVE-2019-0684
RESERVED
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
@@ -78732,8 +78735,8 @@ CVE-2018-1358
RESERVED
CVE-2018-1357
RESERVED
-CVE-2018-1356
- RESERVED
+CVE-2018-1356 (A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet Forti ...)
+ TODO: check
CVE-2018-1355 (An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 a ...)
NOT-FOR-US: Fortinet
CVE-2018-1354 (An improper access control vulnerability in Fortinet FortiManager 6.0. ...)
@@ -80304,7 +80307,7 @@ CVE-2018-1058 (A flaw was found in the way Postgresql allowed a user to modify t
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=582edc369cdbd348d68441fc50fa26a84afd0c1a
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5770172cb0c9df9e6ce27c507b449557e5b45124
CVE-2018-1057 (On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ...)
- {DSA-4135-1}
+ {DSA-4135-1 DLA-1754-1}
- samba 2:4.7.4+dfsg-2
[wheezy] - samba <not-affected> (Vulnerable code introduced later in 4.0.0alpha13)
NOTE: https://www.samba.org/samba/security/CVE-2018-1057.html
@@ -80344,7 +80347,7 @@ CVE-2018-1051 (It was found that the fix for CVE-2016-9606 in versions 3.0.22 an
- resteasy3.0 <not-affected> (Incomplete fix for CVE-2016-9606 not applied)
NOTE: Removing deprecated YamlProvider was done in 4.0.0.Beta4
CVE-2018-1050 (All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ...)
- {DSA-4135-1 DLA-1320-1}
+ {DSA-4135-1 DLA-1754-1 DLA-1320-1}
- samba 2:4.7.4+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-1050.html
CVE-2018-1049 (In systemd prior to 234 a race condition exists between .mount and .au ...)
@@ -106433,6 +106436,7 @@ CVE-2017-9462 (In Mercurial before 4.1.3, "hg serve --stdio" allows remote authe
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499
CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ser ...)
+ {DLA-1754-1}
- samba 2:4.5.6+dfsg-1 (bug #864291)
[wheezy] - samba <no-dsa> (Minor, non reproducible issue)
NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b00186aba2a2d56c31f1e772e7da810916eff08
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b00186aba2a2d56c31f1e772e7da810916eff08
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190410/cf1b5317/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list