[Git][security-tracker-team/security-tracker][master] Add new CVEs from mfsa2019-04 and mfsa2019-05

Thu Feb 14 06:27:23 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3b971e7 by Salvatore Bonaccorso at 2019-02-14T06:25:45Z
Add new CVEs from mfsa2019-04 and mfsa2019-05

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5893,6 +5893,11 @@ CVE-2019-5786
 	RESERVED
 CVE-2019-5785
 	RESERVED
+	- firefox <unfixed>
+	- firefox-esr <unfixed>
+	- skia <itp> (bug #818180)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2019-5785
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785
 CVE-2019-5784
 	RESERVED
 	- chromium <unfixed>
@@ -23583,6 +23588,9 @@ CVE-2018-18512
 	RESERVED
 CVE-2018-18511
 	RESERVED
+	- firefox <unfixed>
+	- skia <itp> (bug #818180)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18511
 CVE-2018-18510
 	RESERVED
 CVE-2018-18509
@@ -24044,6 +24052,11 @@ CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in
 CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
+	- firefox <unfixed>
+	- firefox-esr <unfixed>
+	- skia <itp> (bug #818180)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18356
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
 CVE-2018-18355 (Incorrect handling of confusable characters in URL Formatter in Google ...)
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
@@ -24107,6 +24120,9 @@ CVE-2018-18336 (Incorrect object lifecycle in PDFium in Google Chrome prior to .
 CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 ...)
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
+	- firefox-esr <unfixed>
+	- skia <itp> (bug #818180)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
 CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3b971e75a3d97c5fbf505afa24ea1b3a3e8eda4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3b971e75a3d97c5fbf505afa24ea1b3a3e8eda4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190214/37e5f4cb/attachment.html>
