[Git][security-tracker-team/security-tracker][master] automatic update

Wed Apr 24 09:10:28 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8795715b by security tracker role at 2019-04-24T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-11498 (WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack t ...)
+	TODO: check
+CVE-2019-11497
+	RESERVED
+CVE-2019-11496
+	RESERVED
+CVE-2019-11495
+	RESERVED
+CVE-2019-11494
+	RESERVED
+CVE-2019-11493
+	RESERVED
+CVE-2019-11492
+	RESERVED
+CVE-2019-11491
+	RESERVED
+CVE-2019-11490 (An issue was discovered in Npcap 0.992. Sending a malformed .pcap file ...)
+	TODO: check
+CVE-2019-11489
+	RESERVED
+CVE-2019-11488
+	RESERVED
+CVE-2019-11487 (The Linux kernel before 5.1-rc5 allows page->_refcount reference co ...)
+	TODO: check
+CVE-2019-11486 (The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in t ...)
+	TODO: check
 CVE-2019-11485
 	RESERVED
 CVE-2019-11484
@@ -916,7 +942,7 @@ CVE-2019-11074
 	RESERVED
 CVE-2019-11073
 	RESERVED
-CVE-2019-11072 (lighttpd before 1.4.54 has a signed integer overflow, which might allo ...)
+CVE-2019-11072 (** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, w ...)
 	- lighttpd 1.4.53-4 (bug #926885)
 	[stretch] - lighttpd <not-affected> (Vulnerable code introduced later)
 	[jessie] - lighttpd <not-affected> (Vulnerable code introduced later)
@@ -1925,8 +1951,8 @@ CVE-2019-10713
 	RESERVED
 CVE-2019-10712
 	RESERVED
-CVE-2019-10711
-	RESERVED
+CVE-2019-10711 (Incorrect access control in the RTSP stream and web portal on all IP c ...)
+	TODO: check
 CVE-2019-10710 (Insecure permissions in the Web management portal on all IP cameras ba ...)
 	TODO: check
 CVE-2019-10709
@@ -1975,8 +2001,8 @@ CVE-2019-10690
 	RESERVED
 CVE-2019-10689
 	RESERVED
-CVE-2019-10688
-	RESERVED
+CVE-2019-10688 (VVX products using UCS software version 5.8.0 and earlier with Better  ...)
+	TODO: check
 CVE-2019-10687
 	RESERVED
 CVE-2019-10686 (An SSRF vulnerability was found in an API from Ctrip Apollo through 1. ...)
@@ -58474,8 +58500,8 @@ CVE-2018-8827 (The admin web interface on Technicolor MediaAccess TG789vac v2 HP
 	NOT-FOR-US: Technicolor
 CVE-2018-8826 (ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 ...)
 	NOT-FOR-US: ASUS routers
-CVE-2018-8825
-	RESERVED
+CVE-2018-8825 (Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The i ...)
+	TODO: check
 CVE-2018-8824 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horiz ...)
 	NOT-FOR-US: Responsive Mega Menu Pro module for PrestaShop
 CVE-2018-8823 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horiz ...)
@@ -61778,8 +61804,8 @@ CVE-2018-7578
 	RESERVED
 CVE-2018-7577
 	RESERVED
-CVE-2018-7576
-	RESERVED
+CVE-2018-7576 (Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Deref ...)
+	TODO: check
 CVE-2018-7575
 	RESERVED
 CVE-2018-7574



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8795715b29ebb7b37345046f9cefbc793120b55d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8795715b29ebb7b37345046f9cefbc793120b55d
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190424/b7bc0f5c/attachment-0001.html>
