[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b621e4d by security tracker role at 2019-02-26T20:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2019-9195 (util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files in an ...)
+	TODO: check
+CVE-2019-9194 (elFinder before 2.1.48 has a command injection vulnerability in the PHP ...)
+	TODO: check
+CVE-2019-9193
+	RESERVED
+CVE-2019-9191 (The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) ...)
+	TODO: check
+CVE-2019-9190
+	RESERVED
+CVE-2019-9189
+	RESERVED
+CVE-2019-9188
+	RESERVED
+CVE-2019-9187
+	RESERVED
+CVE-2019-9186
+	RESERVED
+CVE-2019-9185
+	RESERVED
+CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for ...)
+	TODO: check
 CVE-2019-9183
 	RESERVED
 CVE-2019-9182 (There is a CSRF in ZZZCMS zzzphp V1.6.1 via a ...)
@@ -57,7 +79,7 @@ CVE-2019-9157
 	RESERVED
 CVE-2019-9156
 	RESERVED
-CVE-2019-9192 [regexec: Infinite recursion in check_dst_limits_calc_pos_1]
+CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, ...)
 	- glibc <unfixed> (unimportant)
 	- eglibc <removed> (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269
@@ -4066,8 +4088,8 @@ CVE-2019-7394
 	RESERVED
 CVE-2019-7393
 	RESERVED
-CVE-2019-7392
-	RESERVED
+CVE-2019-7392 (An improper authentication vulnerability in CA Privileged Access ...)
+	TODO: check
 CVE-2019-7391
 	RESERVED
 CVE-2019-7390 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices with ...)
@@ -4339,6 +4361,7 @@ CVE-2019-7316 (An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. T
 CVE-2019-7315
 	RESERVED
 CVE-2019-7314 (liblivemedia in Live555 before 2019.02.03 mishandles the termination of ...)
+	{DLA-1690-1}
 	[experimental] - liblivemedia 2019.02.03-1
 	- liblivemedia <unfixed>
 	NOTE: http://lists.live555.com/pipermail/live-devel/2019-February/021143.html
@@ -5999,14 +6022,14 @@ CVE-2019-6597
 	RESERVED
 CVE-2019-6596
 	RESERVED
-CVE-2019-6595
-	RESERVED
-CVE-2019-6594
-	RESERVED
-CVE-2019-6593
-	RESERVED
-CVE-2019-6592
-	RESERVED
+CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy ...)
+	TODO: check
+CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and ...)
+	TODO: check
+CVE-2019-6593 (On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server ...)
+	TODO: check
+CVE-2019-6592 (On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file ...)
+	TODO: check
 CVE-2019-6591 (On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to ...)
 	NOT-FOR-US: BIG-IP
 CVE-2019-6590 (On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain ...)
@@ -6910,6 +6933,7 @@ CVE-2019-6258
 CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
 	NOT-FOR-US: elFinder
 CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Media ...)
+	{DLA-1690-1}
 	- liblivemedia 2018.11.26-1 (bug #919529)
 	NOTE: https://github.com/rgaufman/live555/issues/19
 CVE-2019-6255



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b621e4d4d617d32c0587c00ad9eee7f0a780b8e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b621e4d4d617d32c0587c00ad9eee7f0a780b8e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190226/a79cf882/attachment.html>