[Git][security-tracker-team/security-tracker][master] Add new CVEs from mfsa2019-04 and mfsa2019-05
Salvatore Bonaccorso
carnil at debian.org
Thu Feb 14 06:27:23 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3b971e7 by Salvatore Bonaccorso at 2019-02-14T06:25:45Z
Add new CVEs from mfsa2019-04 and mfsa2019-05
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5893,6 +5893,11 @@ CVE-2019-5786
RESERVED
CVE-2019-5785
RESERVED
+ - firefox <unfixed>
+ - firefox-esr <unfixed>
+ - skia <itp> (bug #818180)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2019-5785
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785
CVE-2019-5784
RESERVED
- chromium <unfixed>
@@ -23583,6 +23588,9 @@ CVE-2018-18512
RESERVED
CVE-2018-18511
RESERVED
+ - firefox <unfixed>
+ - skia <itp> (bug #818180)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18511
CVE-2018-18510
RESERVED
CVE-2018-18509
@@ -24044,6 +24052,11 @@ CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in
CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
+ - firefox <unfixed>
+ - firefox-esr <unfixed>
+ - skia <itp> (bug #818180)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18356
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
CVE-2018-18355 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
@@ -24107,6 +24120,9 @@ CVE-2018-18336 (Incorrect object lifecycle in PDFium in Google Chrome prior to .
CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
+ - firefox-esr <unfixed>
+ - skia <itp> (bug #818180)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for ...)
NOT-FOR-US: Trend Micro
CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3b971e75a3d97c5fbf505afa24ea1b3a3e8eda4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3b971e75a3d97c5fbf505afa24ea1b3a3e8eda4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190214/37e5f4cb/attachment.html>
More information about the debian-security-tracker-commits
mailing list