[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Feb 15 20:10:37 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a53fe151 by security tracker role at 2019-02-15T20:10:29Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2019-8350
+	RESERVED
+CVE-2019-8349
+	RESERVED
+CVE-2019-8348
+	RESERVED
+CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via ...)
+	TODO: check
+CVE-2019-8346
+	RESERVED
+CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application ...)
+	TODO: check
+CVE-2019-8344
+	RESERVED
 CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in ...)
 	- nasm <unfixed>
 	[stretch] - nasm <no-dsa> (Minor issue)
@@ -3198,8 +3212,7 @@ CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x befo
 	NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
 	NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
 	NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
-CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
-	RESERVED
+CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in ...)
 	- linux 4.19.20-1
 	NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
 CVE-2019-6973
@@ -6003,7 +6016,7 @@ CVE-2019-5786
 	RESERVED
 CVE-2019-5785
 	RESERVED
-	{DSA-4391-1}
+	{DSA-4391-1 DLA-1677-1}
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1
 	- thunderbird 1:60.5.1-1
@@ -20709,40 +20722,40 @@ CVE-2019-0269
 	RESERVED
 CVE-2019-0268
 	RESERVED
-CVE-2019-0267
-	RESERVED
-CVE-2019-0266
-	RESERVED
-CVE-2019-0265
-	RESERVED
+CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 ...)
+	TODO: check
+CVE-2019-0266 (Under certain conditions SAP HANA Extended Application Services, ...)
+	TODO: check
+CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent ...)
+	TODO: check
 CVE-2019-0264
 	RESERVED
 CVE-2019-0263
 	RESERVED
-CVE-2019-0262
-	RESERVED
-CVE-2019-0261
-	RESERVED
+CVE-2019-0262 (SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not ...)
+	TODO: check
+CVE-2019-0261 (Under certain circumstances, SAP HANA Extended Application Services, ...)
+	TODO: check
 CVE-2019-0260
 	RESERVED
-CVE-2019-0259
-	RESERVED
-CVE-2019-0258
-	RESERVED
-CVE-2019-0257
-	RESERVED
-CVE-2019-0256
-	RESERVED
-CVE-2019-0255
-	RESERVED
-CVE-2019-0254
-	RESERVED
+CVE-2019-0259 (SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows ...)
+	TODO: check
+CVE-2019-0258 (SAP Disclosure Management, version 10.01, does not perform necessary ...)
+	TODO: check
+CVE-2019-0257 (Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in ...)
+	TODO: check
+CVE-2019-0256 (Under certain conditions SAP Business One Mobile Android App, version ...)
+	TODO: check
+CVE-2019-0255 (SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, ...)
+	TODO: check
+CVE-2019-0254 (SAP Disclosure Management (before version 10.1 Stack 1301) does not ...)
+	TODO: check
 CVE-2019-0253
 	RESERVED
 CVE-2019-0252
 	RESERVED
-CVE-2019-0251
-	RESERVED
+CVE-2019-0251 (The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and ...)
+	TODO: check
 CVE-2019-0250
 	RESERVED
 CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an ...)
@@ -24184,7 +24197,7 @@ CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
 CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
-	{DSA-4391-1 DSA-4352-1}
+	{DSA-4391-1 DSA-4352-1 DLA-1677-1}
 	- chromium 71.0.3578.80-1
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a53fe15166d37c690fb940206ba1b65d6fe87033

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a53fe15166d37c690fb940206ba1b65d6fe87033
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190215/8b4e72c1/attachment.html>


More information about the debian-security-tracker-commits mailing list