[Git][security-tracker-team/security-tracker][master] automatic update

Sat Feb 16 20:10:31 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
acd21dd5 by security tracker role at 2019-02-16T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory ...)
+	TODO: check
 CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
 	- sox <unfixed>
 	NOTE: https://sourceforge.net/p/sox/bugs/318
@@ -6038,7 +6040,7 @@ CVE-2019-5786
 	RESERVED
 CVE-2019-5785
 	RESERVED
-	{DSA-4391-1 DLA-1677-1}
+	{DSA-4392-1 DSA-4391-1 DLA-1678-1 DLA-1677-1}
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1
 	- thunderbird 1:60.5.1-1
@@ -23768,6 +23770,7 @@ CVE-2018-18510
 	RESERVED
 CVE-2018-18509
 	RESERVED
+	{DSA-4392-1 DLA-1678-1}
 	- thunderbird 1:60.5.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18511
 CVE-2018-18508 [NULL pointer dereference in several CMS functions resulting in a denial of service]
@@ -23782,7 +23785,7 @@ CVE-2018-18506 (When proxy auto-detection is enabled, if a web server serves a P
 	- firefox 65.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18506
 CVE-2018-18505 (An earlier fix for an Inter-process Communication (IPC) vulnerability, ...)
-	{DSA-4376-1 DLA-1648-1}
+	{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
 	- firefox 65.0-1
 	- firefox-esr 60.5.0esr-1
 	- thunderbird 1:60.5.0-1
@@ -23799,7 +23802,7 @@ CVE-2018-18502 (Mozilla developers and community members reported memory safety
 	- firefox 65.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18502
 CVE-2018-18501 (Mozilla developers and community members reported memory safety bugs ...)
-	{DSA-4376-1 DLA-1648-1}
+	{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
 	- firefox 65.0-1
 	- firefox-esr 60.5.0esr-1
 	- thunderbird 1:60.5.0-1
@@ -23807,7 +23810,7 @@ CVE-2018-18501 (Mozilla developers and community members reported memory safety
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18501
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18501
 CVE-2018-18500 (A use-after-free vulnerability can occur while parsing an HTML5 stream ...)
-	{DSA-4376-1 DLA-1648-1}
+	{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
 	- firefox 65.0-1
 	- firefox-esr 60.5.0esr-1
 	- thunderbird 1:60.5.0-1
@@ -24225,7 +24228,7 @@ CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
 CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
-	{DSA-4391-1 DSA-4352-1 DLA-1677-1}
+	{DSA-4392-1 DSA-4391-1 DSA-4352-1 DLA-1678-1 DLA-1677-1}
 	- chromium 71.0.3578.80-1
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/acd21dd55d6aae425aa4f9cb8395105f40d00014

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/acd21dd55d6aae425aa4f9cb8395105f40d00014
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190216/2407a7a1/attachment.html>
