[Git][security-tracker-team/security-tracker][master] automatic update

Wed Jan 23 08:10:23 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd7b119a by security tracker role at 2019-01-23T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,349 @@
+CVE-2019-6689
+	RESERVED
+CVE-2019-6688
+	RESERVED
+CVE-2019-6687
+	RESERVED
+CVE-2019-6686
+	RESERVED
+CVE-2019-6685
+	RESERVED
+CVE-2019-6684
+	RESERVED
+CVE-2019-6683
+	RESERVED
+CVE-2019-6682
+	RESERVED
+CVE-2019-6681
+	RESERVED
+CVE-2019-6680
+	RESERVED
+CVE-2019-6679
+	RESERVED
+CVE-2019-6678
+	RESERVED
+CVE-2019-6677
+	RESERVED
+CVE-2019-6676
+	RESERVED
+CVE-2019-6675
+	RESERVED
+CVE-2019-6674
+	RESERVED
+CVE-2019-6673
+	RESERVED
+CVE-2019-6672
+	RESERVED
+CVE-2019-6671
+	RESERVED
+CVE-2019-6670
+	RESERVED
+CVE-2019-6669
+	RESERVED
+CVE-2019-6668
+	RESERVED
+CVE-2019-6667
+	RESERVED
+CVE-2019-6666
+	RESERVED
+CVE-2019-6665
+	RESERVED
+CVE-2019-6664
+	RESERVED
+CVE-2019-6663
+	RESERVED
+CVE-2019-6662
+	RESERVED
+CVE-2019-6661
+	RESERVED
+CVE-2019-6660
+	RESERVED
+CVE-2019-6659
+	RESERVED
+CVE-2019-6658
+	RESERVED
+CVE-2019-6657
+	RESERVED
+CVE-2019-6656
+	RESERVED
+CVE-2019-6655
+	RESERVED
+CVE-2019-6654
+	RESERVED
+CVE-2019-6653
+	RESERVED
+CVE-2019-6652
+	RESERVED
+CVE-2019-6651
+	RESERVED
+CVE-2019-6650
+	RESERVED
+CVE-2019-6649
+	RESERVED
+CVE-2019-6648
+	RESERVED
+CVE-2019-6647
+	RESERVED
+CVE-2019-6646
+	RESERVED
+CVE-2019-6645
+	RESERVED
+CVE-2019-6644
+	RESERVED
+CVE-2019-6643
+	RESERVED
+CVE-2019-6642
+	RESERVED
+CVE-2019-6641
+	RESERVED
+CVE-2019-6640
+	RESERVED
+CVE-2019-6639
+	RESERVED
+CVE-2019-6638
+	RESERVED
+CVE-2019-6637
+	RESERVED
+CVE-2019-6636
+	RESERVED
+CVE-2019-6635
+	RESERVED
+CVE-2019-6634
+	RESERVED
+CVE-2019-6633
+	RESERVED
+CVE-2019-6632
+	RESERVED
+CVE-2019-6631
+	RESERVED
+CVE-2019-6630
+	RESERVED
+CVE-2019-6629
+	RESERVED
+CVE-2019-6628
+	RESERVED
+CVE-2019-6627
+	RESERVED
+CVE-2019-6626
+	RESERVED
+CVE-2019-6625
+	RESERVED
+CVE-2019-6624
+	RESERVED
+CVE-2019-6623
+	RESERVED
+CVE-2019-6622
+	RESERVED
+CVE-2019-6621
+	RESERVED
+CVE-2019-6620
+	RESERVED
+CVE-2019-6619
+	RESERVED
+CVE-2019-6618
+	RESERVED
+CVE-2019-6617
+	RESERVED
+CVE-2019-6616
+	RESERVED
+CVE-2019-6615
+	RESERVED
+CVE-2019-6614
+	RESERVED
+CVE-2019-6613
+	RESERVED
+CVE-2019-6612
+	RESERVED
+CVE-2019-6611
+	RESERVED
+CVE-2019-6610
+	RESERVED
+CVE-2019-6609
+	RESERVED
+CVE-2019-6608
+	RESERVED
+CVE-2019-6607
+	RESERVED
+CVE-2019-6606
+	RESERVED
+CVE-2019-6605
+	RESERVED
+CVE-2019-6604
+	RESERVED
+CVE-2019-6603
+	RESERVED
+CVE-2019-6602
+	RESERVED
+CVE-2019-6601
+	RESERVED
+CVE-2019-6600
+	RESERVED
+CVE-2019-6599
+	RESERVED
+CVE-2019-6598
+	RESERVED
+CVE-2019-6597
+	RESERVED
+CVE-2019-6596
+	RESERVED
+CVE-2019-6595
+	RESERVED
+CVE-2019-6594
+	RESERVED
+CVE-2019-6593
+	RESERVED
+CVE-2019-6592
+	RESERVED
+CVE-2019-6591
+	RESERVED
+CVE-2019-6590
+	RESERVED
+CVE-2019-6589
+	RESERVED
+CVE-2019-6588
+	RESERVED
+CVE-2019-6587
+	RESERVED
+CVE-2019-6586
+	RESERVED
+CVE-2019-6585
+	RESERVED
+CVE-2019-6584
+	RESERVED
+CVE-2019-6583
+	RESERVED
+CVE-2019-6582
+	RESERVED
+CVE-2019-6581
+	RESERVED
+CVE-2019-6580
+	RESERVED
+CVE-2019-6579
+	RESERVED
+CVE-2019-6578
+	RESERVED
+CVE-2019-6577
+	RESERVED
+CVE-2019-6576
+	RESERVED
+CVE-2019-6575
+	RESERVED
+CVE-2019-6574
+	RESERVED
+CVE-2019-6573
+	RESERVED
+CVE-2019-6572
+	RESERVED
+CVE-2019-6571
+	RESERVED
+CVE-2019-6570
+	RESERVED
+CVE-2019-6569
+	RESERVED
+CVE-2019-6568
+	RESERVED
+CVE-2019-6567
+	RESERVED
+CVE-2019-6566
+	RESERVED
+CVE-2019-6565
+	RESERVED
+CVE-2019-6564
+	RESERVED
+CVE-2019-6563
+	RESERVED
+CVE-2019-6562
+	RESERVED
+CVE-2019-6561
+	RESERVED
+CVE-2019-6560
+	RESERVED
+CVE-2019-6559
+	RESERVED
+CVE-2019-6558
+	RESERVED
+CVE-2019-6557
+	RESERVED
+CVE-2019-6556
+	RESERVED
+CVE-2019-6555
+	RESERVED
+CVE-2019-6554
+	RESERVED
+CVE-2019-6553
+	RESERVED
+CVE-2019-6552
+	RESERVED
+CVE-2019-6551
+	RESERVED
+CVE-2019-6550
+	RESERVED
+CVE-2019-6549
+	RESERVED
+CVE-2019-6548
+	RESERVED
+CVE-2019-6547
+	RESERVED
+CVE-2019-6546
+	RESERVED
+CVE-2019-6545
+	RESERVED
+CVE-2019-6544
+	RESERVED
+CVE-2019-6543
+	RESERVED
+CVE-2019-6542
+	RESERVED
+CVE-2019-6541
+	RESERVED
+CVE-2019-6540
+	RESERVED
+CVE-2019-6539
+	RESERVED
+CVE-2019-6538
+	RESERVED
+CVE-2019-6537
+	RESERVED
+CVE-2019-6536
+	RESERVED
+CVE-2019-6535
+	RESERVED
+CVE-2019-6534
+	RESERVED
+CVE-2019-6533
+	RESERVED
+CVE-2019-6532
+	RESERVED
+CVE-2019-6531
+	RESERVED
+CVE-2019-6530
+	RESERVED
+CVE-2019-6529
+	RESERVED
+CVE-2019-6528
+	RESERVED
+CVE-2019-6527
+	RESERVED
+CVE-2019-6526
+	RESERVED
+CVE-2019-6525
+	RESERVED
+CVE-2019-6524
+	RESERVED
+CVE-2019-6523
+	RESERVED
+CVE-2019-6522
+	RESERVED
+CVE-2019-6521
+	RESERVED
+CVE-2019-6520
+	RESERVED
+CVE-2019-6519
+	RESERVED
+CVE-2019-6518
+	RESERVED
+CVE-2019-6517
+	RESERVED
 CVE-2019-6516
 	RESERVED
 CVE-2019-6515
@@ -684,8 +1030,8 @@ CVE-2019-6262 (An issue was discovered in Joomla! before 3.9.2. Inadequate check
 	NOT-FOR-US: Joomla
 CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in ...)
 	NOT-FOR-US: Joomla
-CVE-2019-6260
-	RESERVED
+CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) ...)
+	TODO: check
 CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-20707
@@ -18026,24 +18372,24 @@ CVE-2018-19021
 	RESERVED
 CVE-2018-19020
 	RESERVED
-CVE-2018-19019
-	RESERVED
+CVE-2018-19019 (A type confusion vulnerability exists when processing project files in ...)
+	TODO: check
 CVE-2018-19018
 	RESERVED
-CVE-2018-19017
-	RESERVED
+CVE-2018-19017 (Several use after free vulnerabilities have been identified in ...)
+	TODO: check
 CVE-2018-19016
 	RESERVED
 CVE-2018-19015
 	RESERVED
 CVE-2018-19014
 	RESERVED
-CVE-2018-19013
-	RESERVED
+CVE-2018-19013 (An attacker could inject commands to delete files and/or delete the ...)
+	TODO: check
 CVE-2018-19012
 	RESERVED
-CVE-2018-19011
-	RESERVED
+CVE-2018-19011 (CX-Supervisor (Versions 3.42 and prior) can execute code that has been ...)
+	TODO: check
 CVE-2018-19010
 	RESERVED
 CVE-2018-19009
@@ -19271,7 +19617,7 @@ CVE-2018-18499
 	RESERVED
 CVE-2018-18498
 	RESERVED
-	{DSA-4354-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
 	- firefox 64.0-1
 	- firefox-esr 60.4.0esr-1
 	- thunderbird 1:60.4.0-1
@@ -19292,7 +19638,7 @@ CVE-2018-18495
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
 CVE-2018-18494
 	RESERVED
-	{DSA-4354-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
 	- firefox 64.0-1
 	- firefox-esr 60.4.0esr-1
 	- thunderbird 1:60.4.0-1
@@ -19301,7 +19647,7 @@ CVE-2018-18494
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18494
 CVE-2018-18493
 	RESERVED
-	{DSA-4354-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
 	- firefox 64.0-1
 	- firefox-esr 60.4.0esr-1
 	- thunderbird 1:60.4.0-1
@@ -19310,7 +19656,7 @@ CVE-2018-18493
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18493
 CVE-2018-18492
 	RESERVED
-	{DSA-4354-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
 	- firefox 64.0-1
 	- firefox-esr 60.4.0esr-1
 	- thunderbird 1:60.4.0-1
@@ -21971,7 +22317,7 @@ CVE-2018-17467 (Insufficiently quick clearing of stale rendered content in Navig
 	- chromium-browser 70.0.3538.67-1
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to ...)
-	{DSA-4354-1 DSA-4330-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DSA-4330-1 DLA-1624-1 DLA-1605-1}
 	- chromium-browser 70.0.3538.67-1
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 	- firefox 64.0-1
@@ -23490,7 +23836,7 @@ CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in the
 	NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
 	NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
 CVE-2018-16865 (An allocation of memory without limits, that could result in the stack ...)
-	{DSA-4367-1}
+	{DSA-4367-1 DLA-1639-1}
 	- systemd 240-4 (bug #918848)
 	NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)
 	NOTE: Exploitable since: https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d (v201)
@@ -23500,7 +23846,7 @@ CVE-2018-16865 (An allocation of memory without limits, that could result in the
 	NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
 	NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
 CVE-2018-16864 (An allocation of memory without limits, that could result in the stack ...)
-	{DSA-4367-1}
+	{DSA-4367-1 DLA-1639-1}
 	- systemd 240-4 (bug #918841)
 	NOTE: Introduced in: https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184 (v203)
 	NOTE: Exploitable since: https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07 (v230)
@@ -34976,7 +35322,7 @@ CVE-2018-12406
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
 CVE-2018-12405
 	RESERVED
-	{DSA-4354-1 DLA-1605-1}
+	{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
 	- firefox 64.0-1
 	- firefox-esr 60.4.0esr-1
 	- thunderbird 1:60.4.0-1
@@ -38356,14 +38702,17 @@ CVE-2018-11216
 CVE-2018-11215
 	RESERVED
 CVE-2018-11214 (An issue was discovered in libjpeg 9a. The get_text_rgb_row function in ...)
+	{DLA-1638-1}
 	- libjpeg9 1:9c-1 (low; bug #902176)
 	- libjpeg-turbo 1:1.4.2-1
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
 CVE-2018-11213 (An issue was discovered in libjpeg 9a. The get_text_gray_row function ...)
+	{DLA-1638-1}
 	- libjpeg9 1:9c-1 (low; bug #902176)
 	- libjpeg-turbo 1:1.4.2-1
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
 CVE-2018-11212 (An issue was discovered in libjpeg 9a. The alloc_sarray function in ...)
+	{DLA-1638-1}
 	- libjpeg9 1:9c-1 (low; bug #902176)
 	- libjpeg-turbo 1:1.4.2-1
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0 (1.4.2)
@@ -67113,6 +67462,7 @@ CVE-2018-1154 (In SecurityCenter versions prior to 5.7.0, a username enumeration
 CVE-2018-1153 (Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the ...)
 	NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a denial of service ...)
+	{DLA-1638-1}
 	- libjpeg-turbo <unfixed> (low; bug #902950)
 	[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
@@ -140839,6 +141189,7 @@ CVE-2016-3618
 CVE-2016-3617
 	RESERVED
 CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a denial ...)
+	{DLA-1638-1}
 	- libjpeg-turbo 1:1.4.2-1
 	NOTE: libjpeg-turbo: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
 	- libjpeg6b <unfixed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7b119add0062a6fdeb42d1752c5eec24b1314b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7b119add0062a6fdeb42d1752c5eec24b1314b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190123/6323a16d/attachment.html>
