[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Aug 6 09:10:32 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3fc25561 by security tracker role at 2019-08-06T08:10:22Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,10 +1,58 @@
+CVE-2019-14689
+	RESERVED
+CVE-2019-14688
+	RESERVED
+CVE-2019-14687
+	RESERVED
+CVE-2019-14686
+	RESERVED
+CVE-2019-14685
+	RESERVED
+CVE-2019-14684
+	RESERVED
+CVE-2019-14683
+	RESERVED
+CVE-2019-14682
+	RESERVED
+CVE-2019-14681
+	RESERVED
+CVE-2019-14680
+	RESERVED
+CVE-2019-14679
+	RESERVED
+CVE-2019-14678
+	RESERVED
+CVE-2019-14677
+	RESERVED
+CVE-2019-14676
+	RESERVED
+CVE-2019-14675
+	RESERVED
+CVE-2019-14674
+	RESERVED
+CVE-2019-14673
+	RESERVED
+CVE-2019-14672 (Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of fi ...)
+	TODO: check
+CVE-2019-14671 (Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attac ...)
+	TODO: check
+CVE-2019-14670 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
+	TODO: check
+CVE-2019-14669 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
+	TODO: check
+CVE-2019-14668 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
+	TODO: check
+CVE-2019-14667 (Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due t ...)
+	TODO: check
+CVE-2015-9292
+	RESERVED
 CVE-2019-14666
 	RESERVED
 CVE-2019-14665 (Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ...)
 	- brandy <unfixed> (bug #933996)
 	NOTE: https://sourceforge.net/p/brandy/bugs/8/
-CVE-2019-14664
-	RESERVED
+CVE-2019-14664 (In Enigmail below 2.1, an attacker in possession of PGP encrypted emai ...)
+	TODO: check
 CVE-2019-14663 (Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ...)
 	- brandy <unfixed> (bug #933996)
 	NOTE: https://sourceforge.net/p/brandy/bugs/6/
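Review bot: The seven entries in this hunk that now carry a description (CVE-2019-14667 through CVE-2019-14672, and CVE-2019-14664) are left at `TODO: check`, so none of them has a triage decision yet. Each still needs either a package line in the form the neighbouring Brandy entries use (`- brandy <unfixed> (bug #933996)`) or a `NOT-FOR-US:` line. Separately, CVE-2015-9292 is added between CVE-2019-14667 and CVE-2019-14666, outside the descending order of the other ids in the hunk; confirm that placement is intended.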
@@ -447,8 +495,8 @@ CVE-2019-14477
 	RESERVED
 CVE-2019-14476
 	RESERVED
-CVE-2019-14475
-	RESERVED
+CVE-2019-14475 (eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use s ...)
+	TODO: check
 CVE-2019-14474
 	RESERVED
 CVE-2019-14473
@@ -5804,7 +5852,8 @@ CVE-2019-12934 (An issue was discovered in the wp-code-highlightjs plugin throug
 	NOT-FOR-US: wp-code-highlightjs plugin for WordPress
 CVE-2019-12935 (Shopware before 5.5.8 has XSS via the Query String to the backend/Logi ...)
 	NOT-FOR-US: Shopware
-CVE-2019-12933 (An XSS issue on the PIX-Link Repeater/Router LV-WR09 with firmware v28 ...)
+CVE-2019-12933
+	REJECTED
 	NOT-FOR-US: PIX-Link Repeater/Router LV-WR09
 CVE-2019-12932 (A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly e ...)
 	NOT-FOR-US: SeedDMS
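Review bot: After this change CVE-2019-12933 carries both `REJECTED` and the unchanged context line `NOT-FOR-US: PIX-Link Repeater/Router LV-WR09`, so the entry keeps a triage decision for an id whose description has been removed. Either drop the `NOT-FOR-US` line or confirm it is kept deliberately as a record of the earlier triage.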
@@ -7027,7 +7076,7 @@ CVE-2019-12452 (types/types.go in Containous Traefik 1.7.x through 1.7.11, when
 CVE-2019-12451
 	RESERVED
 CVE-2019-13012 (The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 ...)
-	{DLA-1866-1}
+	{DLA-1866-2 DLA-1866-1}
 	[experimental] - glib2.0 2.60.0-1
 	- glib2.0 2.60.5-1 (bug #931234)
 	[buster] - glib2.0 <no-dsa> (Minor issue)
@@ -14436,7 +14485,7 @@ CVE-2019-1010027
 	RESERVED
 CVE-2019-1010026
 	RESERVED
-CVE-2019-1010025 (GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...)
+CVE-2019-1010025 (** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ...)
 	- glibc <unfixed> (unimportant)
 	NOTE: Not treated as a security issue by upstream
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22853



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fc25561532264c8f0b02fd8b4efae1a24fa8620
