[Git][security-tracker-team/security-tracker][master] new python-aioxmpp, recon-ng issues

Moritz Muehlenhoff jmm at debian.org
Tue Feb 5 13:14:51 GMT 2019 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be163cb3 by Moritz Muehlenhoff at 2019-02-05T13:14:13Z
new python-aioxmpp, recon-ng issues
audacity dupe

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,7 +135,7 @@ CVE-2019-1000009 (Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a
 CVE-2019-1000008 (All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a ...)
 	NOT-FOR-US: Helm Kubernetes package manager, different from src:helm
 CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handling of ...)
-	TODO: check
+	- python-aioxmpp 0.10.3-1
 CVE-2019-1000006 (RIOT RIOT-OS version after commit ...)
 	NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of ...)
@@ -151,7 +151,7 @@ CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwor
 CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 ...)
 	NOT-FOR-US: Kaseya VSA RMM
 CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of validation in ...)
-	TODO: check
+	- recon-ng 4.9.5-1
 CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command Injection ...)
 	NOT-FOR-US: Fastnet SA MailCleaner
 CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) ...)
@@ -161,7 +161,7 @@ CVE-2017-18362 (ConnectWise ManagedITSync integration through 2017 for Kaseya VS
 CVE-2016-1000282
 	RESERVED
 CVE-2016-1000276 (Audacity version 2.1.2 is vulnerable to DLL Hijack, it tries to load ...)
-	TODO: check
+	TODO: check, probably a dupe of CVE-2017-1000010
 CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / ...)
 	NOT-FOR-US: Joomla extension
 CVE-2019-7355



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be163cb3b20fc4b77e3387e4ca42a95e28b5dd84

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be163cb3b20fc4b77e3387e4ca42a95e28b5dd84
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190205/be58f62e/attachment.html>

More information about the debian-security-tracker-commits mailing list