[Git][security-tracker-team/security-tracker][master] automatic update

Thu Jan 17 20:10:34 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dfb47f9c by security tracker role at 2019-01-17T20:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5742,6 +5742,7 @@ CVE-2019-3813
 CVE-2019-3812
 	RESERVED
 CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ...)
+	{DLA-1635-1}
 	- sssd <unfixed> (bug #919051)
 	NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
 	NOTE: Pull request: https://github.com/SSSD/sssd/pull/703
@@ -15195,10 +15196,10 @@ CVE-2019-0649
 	RESERVED
 CVE-2019-0648
 	RESERVED
-CVE-2019-0647
-	RESERVED
-CVE-2019-0646
-	RESERVED
+CVE-2019-0647 (An information disclosure vulnerability exists when Team Foundation ...)
+	TODO: check
+CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+	TODO: check
 CVE-2019-0645
 	RESERVED
 CVE-2019-0644
@@ -15241,8 +15242,8 @@ CVE-2019-0626
 	RESERVED
 CVE-2019-0625
 	RESERVED
-CVE-2019-0624
-	RESERVED
+CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015 server ...)
+	TODO: check
 CVE-2019-0623
 	RESERVED
 CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...)
@@ -41116,7 +41117,7 @@ CVE-2018-10146
 CVE-2018-10145
 	REJECTED
 CVE-2018-10144
-	RESERVED
+	REJECTED
 CVE-2018-10143 (The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier ...)
 	NOT-FOR-US: Palo Alto Networks Expedition Migration tool
 CVE-2018-10142 (The Expedition Migration tool 1.0.106 and earlier may allow an ...)
@@ -49592,99 +49593,99 @@ CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows S
 	NOTE: https://github.com/SchedMD/slurm/commit/db468895240ad6817628d07054fe54e71273b2fe
 	NOTE: https://github.com/SchedMD/slurm/commit/2f5e924bf6e018dbcef24bcda9683d6b3662f6d4
 CVE-2018-7031
-	RESERVED
+	REJECTED
 CVE-2018-7030
-	RESERVED
+	REJECTED
 CVE-2018-7029
-	RESERVED
+	REJECTED
 CVE-2018-7028
-	RESERVED
+	REJECTED
 CVE-2018-7027
-	RESERVED
+	REJECTED
 CVE-2018-7026
-	RESERVED
+	REJECTED
 CVE-2018-7025
-	RESERVED
+	REJECTED
 CVE-2018-7024
-	RESERVED
+	REJECTED
 CVE-2018-7023
-	RESERVED
+	REJECTED
 CVE-2018-7022
-	RESERVED
+	REJECTED
 CVE-2018-7021
-	RESERVED
+	REJECTED
 CVE-2018-7020
-	RESERVED
+	REJECTED
 CVE-2018-7019
-	RESERVED
+	REJECTED
 CVE-2018-7018
-	RESERVED
+	REJECTED
 CVE-2018-7017
-	RESERVED
+	REJECTED
 CVE-2018-7016
-	RESERVED
+	REJECTED
 CVE-2018-7015
-	RESERVED
+	REJECTED
 CVE-2018-7014
-	RESERVED
+	REJECTED
 CVE-2018-7013
-	RESERVED
+	REJECTED
 CVE-2018-7012
-	RESERVED
+	REJECTED
 CVE-2018-7011
-	RESERVED
+	REJECTED
 CVE-2018-7010
-	RESERVED
+	REJECTED
 CVE-2018-7009
-	RESERVED
+	REJECTED
 CVE-2018-7008
-	RESERVED
+	REJECTED
 CVE-2018-7007
-	RESERVED
+	REJECTED
 CVE-2018-7006
-	RESERVED
+	REJECTED
 CVE-2018-7005
-	RESERVED
+	REJECTED
 CVE-2018-7004
-	RESERVED
+	REJECTED
 CVE-2018-7003
-	RESERVED
+	REJECTED
 CVE-2018-7002
-	RESERVED
+	REJECTED
 CVE-2018-7001
-	RESERVED
+	REJECTED
 CVE-2018-7000
-	RESERVED
+	REJECTED
 CVE-2018-6999
-	RESERVED
+	REJECTED
 CVE-2018-6998
-	RESERVED
+	REJECTED
 CVE-2018-6997
-	RESERVED
+	REJECTED
 CVE-2018-6996
-	RESERVED
+	REJECTED
 CVE-2018-6995
-	RESERVED
+	REJECTED
 CVE-2018-6994
-	RESERVED
+	REJECTED
 CVE-2018-6993
-	RESERVED
+	REJECTED
 CVE-2018-6992
-	RESERVED
+	REJECTED
 CVE-2018-6991
-	RESERVED
+	REJECTED
 CVE-2018-6990
-	RESERVED
+	REJECTED
 CVE-2018-6989
-	RESERVED
+	REJECTED
 CVE-2018-6988
-	RESERVED
+	REJECTED
 CVE-2018-6987
-	RESERVED
+	REJECTED
 CVE-2018-6986
-	RESERVED
+	REJECTED
 CVE-2018-6985
-	RESERVED
+	REJECTED
 CVE-2018-6984
 	RESERVED
 CVE-2018-6983 (VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and ...)
@@ -75469,6 +75470,7 @@ CVE-2017-15429 (Inappropriate implementation in V8 WebAssembly JS bindings in Go
 	- libv8 <unfixed> (unimportant)
 	NOTE: libv8 not covered by security support
 CVE-2017-15428 (Insufficient data validation in V8 builtins string generator could ...)
+	{DSA-4064-1}
 	- chromium-browser 63.0.3239.84-1
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -85478,6 +85480,7 @@ CVE-2017-12202
 CVE-2017-12201
 	RESERVED
 CVE-2016-10403 (Insufficient data validation on image data in PDFium in Google Chrome ...)
+	{DSA-3590-1}
 	- chromium-browser 51.0.2704.63-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfb47f9c1f6fb161ddfcba90d4c3a2640f189268

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfb47f9c1f6fb161ddfcba90d4c3a2640f189268
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190117/2e524cbc/attachment.html>
