[Git][security-tracker-team/security-tracker][master] agg, svgpp bugs
Moritz Muehlenhoff
jmm at debian.org
Mon Jan 14 22:33:37 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac80a0d7 by Moritz Muehlenhoff at 2019-01-14T22:33:10Z
agg, svgpp bugs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,13 +73,13 @@ CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ
CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...)
NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script
CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
- - agg <unfixed>
- - svgpp <unfixed>
+ - agg <unfixed> (bug #919322)
+ - svgpp <unfixed> (bug #919321)
CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the ...)
- - svgpp <unfixed>
+ - svgpp <unfixed> (bug #919321)
CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
- - agg <unfixed>
- - svgpp <unfixed>
+ - agg <unfixed> (bug #919322)
+ - svgpp <unfixed> (bug #919321)
CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...)
NOT-FOR-US: CubeCart
CVE-2018-20702
@@ -413,7 +413,7 @@ CVE-2018-20686
CVE-2018-20684 (In WinSCP before 5.14 beta, due to missing validation, the scp ...)
NOT-FOR-US: WinSCP
CVE-2017-1002157 (modulemd 1.3.1 and earlier uses an unsafe function for processing ...)
- TODO: check
+ NOT-FOR-US: modulemd
CVE-2017-1002152 (Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting ...)
NOT-FOR-US: Bodhi
CVE-2019-6108
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ac80a0d70653f4b673204f568c16306e39050a31
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ac80a0d70653f4b673204f568c16306e39050a31
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190114/ead97590/attachment.html>
More information about the debian-security-tracker-commits
mailing list