[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Apr 20 09:10:28 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
045b1bfc by security tracker role at 2019-04-20T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-11360
+	RESERVED
+CVE-2019-11359 (Cross-site scripting (XSS) vulnerability in display.php in I, Libraria ...)
+	TODO: check
+CVE-2019-11357
+	RESERVED
+CVE-2019-11356
+	RESERVED
+CVE-2019-11355
+	RESERVED
+CVE-2019-11354 (The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows te ...)
+	TODO: check
+CVE-2019-11353
+	RESERVED
+CVE-2019-11352
+	RESERVED
+CVE-2019-11351 (TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt ...)
+	TODO: check
+CVE-2019-11350 (CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial l ...)
+	TODO: check
+CVE-2019-11349
+	RESERVED
+CVE-2019-11348
+	RESERVED
+CVE-2019-11347
+	RESERVED
+CVE-2018-20817 (SV_SteamAuthClient in various Activision Infinity Ward Call of Duty ga ...)
+	TODO: check
 CVE-2019-XXXX [EAP-pwd message reassembly issue with unexpected fragment]
 	- wpa <unfixed> (bug #927439)
 	NOTE: https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
@@ -165,7 +193,7 @@ CVE-2019-11269
 	RESERVED
 CVE-2019-11268
 	RESERVED
-CVE-2019-11358 [Cross Site Scripting - SA-CORE-2019-006 / Object.prototype pollution in jQuery]
+CVE-2019-11358 (jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other produc ...)
 	- drupal7 <removed> (bug #927330)
 	- jquery 3.3.1~dfsg-2 (bug #927385)
 	- node-jquery <unfixed>
@@ -24396,52 +24424,37 @@ CVE-2019-2043
 	RESERVED
 CVE-2019-2042
 	RESERVED
-CVE-2019-2041
-	RESERVED
+CVE-2019-2041 (In the configuration of NFC modules on certain devices, there is a pos ...)
 	NOT-FOR-US: Android
-CVE-2019-2040
-	RESERVED
+CVE-2019-2040 (In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-o ...)
 	NOT-FOR-US: Android
-CVE-2019-2039
-	RESERVED
+CVE-2019-2039 (In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-boun ...)
 	NOT-FOR-US: Android
-CVE-2019-2038
-	RESERVED
+CVE-2019-2038 (In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-of-bo ...)
 	NOT-FOR-US: Android
-CVE-2019-2037
-	RESERVED
+CVE-2019-2037 (In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out- ...)
 	NOT-FOR-US: Android
 CVE-2019-2036
 	RESERVED
-CVE-2019-2035
-	RESERVED
+CVE-2019-2035 (In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-boun ...)
 	NOT-FOR-US: Android
-CVE-2019-2034
-	RESERVED
+CVE-2019-2034 (In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds ...)
 	NOT-FOR-US: Android
-CVE-2019-2033
-	RESERVED
+CVE-2019-2033 (In create_hdr of dnssd_clientstub.c, there is a possible use after fre ...)
 	NOT-FOR-US: Android
-CVE-2019-2032
-	RESERVED
+CVE-2019-2032 (In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a  ...)
 	NOT-FOR-US: Android
-CVE-2019-2031
-	RESERVED
+CVE-2019-2031 (In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible  ...)
 	NOT-FOR-US: Android
-CVE-2019-2030
-	RESERVED
+CVE-2019-2030 (In removeInterfaceAddress of NetworkController.cpp, there is a possibl ...)
 	NOT-FOR-US: Android
-CVE-2019-2029
-	RESERVED
+CVE-2019-2029 (In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corrupt ...)
 	NOT-FOR-US: Android
-CVE-2019-2028
-	RESERVED
+CVE-2019-2028 (In numerous hand-crafted functions in libmpeg2, NEON registers are not ...)
 	NOT-FOR-US: Android Media Framework
-CVE-2019-2027
-	RESERVED
+CVE-2019-2027 (In floor0_inverse1 of floor0.c, there is a possible out of bounds writ ...)
 	NOT-FOR-US: Android Media Framework
-CVE-2019-2026
-	RESERVED
+CVE-2019-2026 (In updateAssistMenuItems of Editor.java, there is a possible escape fr ...)
 	NOT-FOR-US: Android
 CVE-2019-2025 [binder: fix race that allows malicious free of live buffer]
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/045b1bfc49d912f8f7aeb704a29b44c6b18f67d1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/045b1bfc49d912f8f7aeb704a29b44c6b18f67d1
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190420/60c9c889/attachment.html>

More information about the debian-security-tracker-commits mailing list