[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 20 08:10:26 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bb6e7e32 by security tracker role at 2019-12-20T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,20 +1,20 @@
CVE-2019-19913
- RESERVED
+ TODO: check
CVE-2019-19912
- RESERVED
+ TODO: check
CVE-2019-19911
- RESERVED
-CVE-2019-19910 (The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 ...)
TODO: check
-CVE-2019-19909 (An issue was discovered in Public Knowledge Project (PKP) pkp-lib befo ...)
+CVE-2019-19910
+ TODO: check
+CVE-2019-19909
NOT-FOR-US: Public Knowledge Project (PKP) pkp-lib
CVE-2019-19908
- RESERVED
-CVE-2019-19907 (HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core ...)
+ TODO: check
+CVE-2019-19907
- kopanocore <unfixed>
NOTE: https://stash.kopano.io/projects/KC/repos/kopanocore/commits/4e02b420fff
CVE-2019-19904
- RESERVED
+ TODO: check
CVE-2019-19903 (An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn ...)
- backdrop <itp> (bug #914257)
CVE-2019-19902 (An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14. ...)
@@ -41,11 +41,11 @@ CVE-2019-19892
RESERVED
CVE-2019-19891
RESERVED
-CVE-2019-19906 (cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading ...)
+CVE-2019-19906
- cyrus-sasl2 <unfixed> (bug #947043)
NOTE: https://github.com/cyrusimap/cyrus-sasl/issues/587
NOTE: https://www.openldap.org/its/index.cgi/Incoming?id=9123
-CVE-2019-19905 (NetHack before 3.6.4 is prone to a buffer overflow vulnerability when ...)
+CVE-2019-19905
- nethack <unfixed> (low; bug #947005)
[buster] - nethack <no-dsa> (Minor issue)
[stretch] - nethack <no-dsa> (Minor issue)
@@ -918,6 +918,7 @@ CVE-2019-19785 (ATasm 1.06 has a stack-based buffer overflow in the to_comma() f
CVE-2019-19784
RESERVED
CVE-2019-19783 (An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0. ...)
+ {DSA-4590-1}
- cyrus-imapd 3.0.13-1
NOTE: https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.html#security-fixes
CVE-2019-19782 (The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long ...)
@@ -6882,7 +6883,8 @@ CVE-2019-18957 (Microstrategy Library in MicroStrategy before 2019 before 11.1.3
NOT-FOR-US: Microstrategy Library
CVE-2019-18956 (Divisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 an ...)
TODO: check
-CVE-2019-18955 (The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Prod ...)
+CVE-2019-18955
+ RESERVED
TODO: check
CVE-2019-18954 (Pomelo v2.2.5 allows external control of critical state data. A malici ...)
NOT-FOR-US: Pomelo
@@ -9882,7 +9884,8 @@ CVE-2019-18617
RESERVED
CVE-2019-18616
RESERVED
-CVE-2019-18615 (In CloudVision Portal (CVP) for all releases in the 2018.2 Train, unde ...)
+CVE-2019-18615
+ RESERVED
TODO: check
CVE-2019-18614
RESERVED
@@ -12086,7 +12089,8 @@ CVE-2019-18183
RESERVED
CVE-2019-18182
RESERVED
-CVE-2019-18181 (In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train ...)
+CVE-2019-18181
+ RESERVED
TODO: check
CVE-2019-18180 (Improper Check for filenames with overly long extensions in PostMaster ...)
- otrs2 <unfixed> (bug #945251)
@@ -13176,7 +13180,8 @@ CVE-2019-17635
RESERVED
CVE-2019-17634
RESERVED
-CVE-2019-17633 (For Eclipse Che versions 6.16 to 7.3.0, with both authentication and T ...)
+CVE-2019-17633
+ RESERVED
TODO: check
CVE-2019-17632 (In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4. ...)
- jetty9 <unfixed>
@@ -16368,49 +16373,70 @@ CVE-2019-16467
RESERVED
CVE-2019-16466
RESERVED
-CVE-2019-16465 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16465
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16464 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16464
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16463 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16463
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16462 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16462
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16461 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16461
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16460 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16460
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16459 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16459
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16458 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16458
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16457 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16457
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16456 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16456
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16455 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16455
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16454 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16454
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16453 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16453
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16452 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16452
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16451 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16451
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16450 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16450
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16449 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16449
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16448 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16448
+ RESERVED
NOT-FOR-US: Adobe
CVE-2019-16447
RESERVED
-CVE-2019-16446 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16446
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16445 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16445
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16444 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
+CVE-2019-16444
+ RESERVED
NOT-FOR-US: Adobe
CVE-2019-16443
RESERVED
@@ -31150,7 +31176,8 @@ CVE-2019-11782
RESERVED
CVE-2019-11781
RESERVED
-CVE-2019-11780 (Improper access control in the computed fields system of the framework ...)
+CVE-2019-11780
+ RESERVED
NOT-FOR-US: Odoo
CVE-2019-11779 (In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT cli ...)
{DSA-4570-1 DLA-1972-1}
@@ -252094,7 +252121,7 @@ CVE-2014-0085 (JBoss Fuse did not enable encrypted passwords by default in its u
NOT-FOR-US: Fuse Fabric
CVE-2014-0084 (Ruby gem openshift-origin-node before 2014-02-14 does not contain a cr ...)
NOT-FOR-US: rubygem-openshift-origin-node
-CVE-2014-0083 (The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSH ...)
+CVE-2014-0083 (The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating S ...)
- ruby-net-ldap <not-affected> (SSHA support not present)
NOTE: SSHA support only from version v0.5.0, see #742706
CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in Ruby on ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6e7e32bdfd1daa1c0827ae7edec089cc558f1d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6e7e32bdfd1daa1c0827ae7edec089cc558f1d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191220/62e737d7/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list