[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Feb 7 20:10:30 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1fc77db by security tracker role at 2019-02-07T20:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2019-7627
+	RESERVED
+CVE-2019-7626
+	RESERVED
+CVE-2019-7625
+	RESERVED
+CVE-2019-7624
+	RESERVED
+CVE-2019-7623
+	RESERVED
+CVE-2019-7622
+	RESERVED
+CVE-2019-7621
+	RESERVED
+CVE-2019-7620
+	RESERVED
+CVE-2019-7619
+	RESERVED
+CVE-2019-7618
+	RESERVED
+CVE-2019-7617
+	RESERVED
+CVE-2019-7616
+	RESERVED
+CVE-2019-7615
+	RESERVED
+CVE-2019-7614
+	RESERVED
+CVE-2019-7613
+	RESERVED
+CVE-2019-7612
+	RESERVED
+CVE-2019-7611
+	RESERVED
+CVE-2019-7610
+	RESERVED
+CVE-2019-7609
+	RESERVED
+CVE-2019-7608
+	RESERVED
+CVE-2019-7607
+	RESERVED
+CVE-2019-7606
+	RESERVED
+CVE-2019-7605
+	RESERVED
+CVE-2019-7604
+	RESERVED
+CVE-2019-7603
+	RESERVED
+CVE-2019-7602
+	RESERVED
+CVE-2019-7601
+	RESERVED
+CVE-2019-7600
+	RESERVED
+CVE-2019-7599
+	RESERVED
+CVE-2019-7598
+	RESERVED
+CVE-2019-7597
+	RESERVED
+CVE-2019-7596
+	RESERVED
+CVE-2019-7595
+	RESERVED
+CVE-2019-7594
+	RESERVED
+CVE-2019-7593
+	RESERVED
+CVE-2019-7592
+	RESERVED
+CVE-2019-7591
+	RESERVED
+CVE-2019-7590
+	RESERVED
+CVE-2019-7589
+	RESERVED
+CVE-2019-7588
+	RESERVED
+CVE-2019-7587 (Bo-blog Wind through 1.6.0-r allows SQL Injection via the ...)
+	TODO: check
+CVE-2019-7586
+	RESERVED
+CVE-2019-7585 (An issue was discovered in Waimai Super Cms 20150505. ...)
+	TODO: check
+CVE-2019-7584
+	RESERVED
+CVE-2019-7583
+	RESERVED
+CVE-2019-7582 (The readBytes function in util/read.c in libming through 0.4.8 allows ...)
+	TODO: check
+CVE-2019-7581 (The parseSWF_ACTIONRECORD function in util/parser.c in libming through ...)
+	TODO: check
+CVE-2019-7580 (ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP ...)
+	TODO: check
 CVE-2019-7579
 	RESERVED
 CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
@@ -120,8 +216,8 @@ CVE-2019-7537
 	RESERVED
 CVE-2019-7536
 	RESERVED
-CVE-2019-7535
-	RESERVED
+CVE-2019-7535 (index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive ...)
+	TODO: check
 CVE-2019-7534
 	RESERVED
 CVE-2019-7533
@@ -559,10 +655,12 @@ CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab
 	- slixmpp 1.4.2-1
 	NOTE: https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416
 CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 ...)
+	{DLA-1668-1}
 	- libarchive 3.3.3-4
 	NOTE: https://github.com/libarchive/libarchive/pull/1120
 	NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
 CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 ...)
+	{DLA-1668-1}
 	- libarchive 3.3.3-4
 	NOTE: https://github.com/libarchive/libarchive/pull/1120
 	NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
@@ -8073,8 +8171,8 @@ CVE-2019-4010
 	RESERVED
 CVE-2019-4009
 	RESERVED
-CVE-2019-4008
-	RESERVED
+CVE-2019-4008 (API Connect V2018.1 through 2018.4.1.1 is impacted by access token ...)
+	TODO: check
 CVE-2019-4007
 	RESERVED
 CVE-2019-4006
@@ -8498,7 +8596,7 @@ CVE-2019-3815 (A memory leak was discovered in the backport of fixes for ...)
 	NOTE: specifically the backport of the fix for CVE-2018-16864.
 CVE-2019-3814 [Suitable client certificate can be used to login as other user]
 	RESERVED
-	{DSA-4385-1}
+	{DSA-4385-1 DLA-1667-1}
 	- dovecot 1:2.3.4.1-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/02/05/1
 CVE-2019-3813 (Spice, versions 0.5.2 through 0.14.1, are vulnerable to an ...)
@@ -8745,8 +8843,8 @@ CVE-2019-3706
 	RESERVED
 CVE-2019-3705
 	RESERVED
-CVE-2019-3704
-	RESERVED
+CVE-2019-3704 (VNX Control Station in Dell EMC VNX2 OE for File versions prior to ...)
+	TODO: check
 CVE-2019-3703
 	RESERVED
 CVE-2019-3702
@@ -15099,8 +15197,8 @@ CVE-2019-1679
 	RESERVED
 CVE-2019-1678
 	RESERVED
-CVE-2019-1677
-	RESERVED
+CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow an ...)
+	TODO: check
 CVE-2019-1676
 	RESERVED
 CVE-2019-1675
@@ -67935,8 +68033,8 @@ CVE-2018-1668 (IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through .
 	NOT-FOR-US: IBM
 CVE-2018-1667 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
 	NOT-FOR-US: IBM
-CVE-2018-1666
-	RESERVED
+CVE-2018-1666 (IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 ...)
+	TODO: check
 CVE-2018-1665 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
 	NOT-FOR-US: IBM
 CVE-2018-1664 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d1fc77dbb3ce561d2bc5e1078ca09c4de4800ccd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d1fc77dbb3ce561d2bc5e1078ca09c4de4800ccd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190207/97726484/attachment.html>


More information about the debian-security-tracker-commits mailing list