[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 3 09:10:37 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
23257ad7 by security tracker role at 2019-07-03T08:10:27Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,24 @@
-CVE-2019-13173 [File overwrite in fstream.DirWriter() function]
+CVE-2019-13183
+ RESERVED
+CVE-2019-13182
+ RESERVED
+CVE-2019-13181
+ RESERVED
+CVE-2019-13180
+ RESERVED
+CVE-2019-13179 (Calamares through 3.2.4 copies a LUKS encryption keyfile from /crypto_ ...)
+ TODO: check
+CVE-2019-13178 (modules/luksbootkeyfile/main.py in Calamares through 3.2.4 has a race ...)
+ TODO: check
+CVE-2019-13177 (verification.py in django-rest-registration (aka Django REST Registrat ...)
+ TODO: check
+CVE-2019-13176
+ RESERVED
+CVE-2019-13175 (Read the Docs before 3.5.1 has an Open Redirect if certain user-define ...)
+ TODO: check
+CVE-2019-13174
+ RESERVED
+CVE-2019-13173 (fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extra ...)
- node-fstream <unfixed>
[stretch] - node-fstream <ignored> (Nodejs in stretch not covered by security support)
NOTE: https://www.npmjs.com/advisories/886
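Review bot: the CVE-2019-13173 description now reads "fstream before 1.0.12", but the unchanged package line under it still says "- node-fstream <unfixed>" with no version. Check whether node-fstream 1.0.12 or later has been uploaded and record the fixed version if so. The four newly described entries in this hunk (CVE-2019-13179, CVE-2019-13178, CVE-2019-13177, CVE-2019-13175) carry only "TODO: check" and each still needs a package line or a NOT-FOR-US tag.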
@@ -5571,8 +5591,8 @@ CVE-2019-10977 (In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-1
NOT-FOR-US: Mitsubishi
CVE-2019-10976
RESERVED
-CVE-2019-10975
- RESERVED
+CVE-2019-10975 (An out-of-bounds read vulnerability has been identified in Fuji Electr ...)
+ TODO: check
CVE-2019-10974
RESERVED
CVE-2019-10973
@@ -7665,11 +7685,9 @@ CVE-2019-10139 (During HE deployment via cockpit-ovirt, cockpit-ovirt generates
CVE-2019-10138
RESERVED
NOT-FOR-US: python-novajoin plugin for OpenStack
-CVE-2019-10137
- RESERVED
+CVE-2019-10137 (A path traversal flaw was found in spacewalk-proxy, all versions throu ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2019-10136
- RESERVED
+CVE-2019-10136 (It was found that Spacewalk, all versions through 2.8, did not safely ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2019-10135
RESERVED
@@ -17306,16 +17324,16 @@ CVE-2019-6626
RESERVED
CVE-2019-6625
RESERVED
-CVE-2019-6624
- RESERVED
-CVE-2019-6623
- RESERVED
-CVE-2019-6622
- RESERVED
-CVE-2019-6621
- RESERVED
-CVE-2019-6620
- RESERVED
+CVE-2019-6624 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
+ TODO: check
+CVE-2019-6623 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
+ TODO: check
+CVE-2019-6622 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
+ TODO: check
+CVE-2019-6621 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
+ TODO: check
+CVE-2019-6620 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
+ TODO: check
CVE-2019-6619 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Tra ...)
NOT-FOR-US: F5 BIG-IP
CVE-2019-6618 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
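Review bot: CVE-2019-6624 through CVE-2019-6620 are added with "TODO: check", while the adjacent CVE-2019-6619 entry, whose description also begins "On BIG-IP", is already tagged "NOT-FOR-US: F5 BIG-IP". Once the full descriptions are confirmed to concern the same product, tag the five new entries the same way so the block stays consistent.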
@@ -19991,8 +20009,7 @@ CVE-2019-5601
RESERVED
CVE-2019-5600
RESERVED
-CVE-2019-5599
- RESERVED
+CVE-2019-5599 (In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-REL ...)
- kfreebsd-10 <not-affected> (Only affects FreeBSD 12)
CVE-2019-5598 (In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ...)
- kfreebsd-10 <unfixed> (unimportant)
@@ -102923,7 +102940,7 @@ CVE-2017-12780 (The ReadData function in ebmlstring.c in libebml2 through 2012-0
NOT-FOR-US: libembl2 (different codebase than src:libebml)
CVE-2017-12779 (The Node_GetData function in corec/corec/node/node.c in mkvalidator 0. ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12778 (The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Aut ...)
+CVE-2017-12778 (** DISPUTED ** The UI Lock feature in qBittorrent version 3.3.15 is vu ...)
TODO: check
CVE-2017-1000112 (Linux kernel: Exploitable memory corruption due to UFO to non-UFO path ...)
{DSA-3981-1}
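Review bot: CVE-2017-12778 gains the "** DISPUTED **" prefix but stays at "TODO: check", so nothing in the entry records a decision for Debian. When triaging, add the package line or NOT-FOR-US tag together with a NOTE stating the dispute, so the status does not rest on the truncated description alone.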
@@ -106362,12 +106379,12 @@ CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL Injection via the num parameter in
NOT-FOR-US: FineCms
CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php ...)
NOT-FOR-US: FineCms
-CVE-2017-11580
- RESERVED
-CVE-2017-11579
- RESERVED
-CVE-2017-11578
- RESERVED
+CVE-2017-11580 (Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory c ...)
+ TODO: check
+CVE-2017-11579 (In the most recent firmware for Blipcare, the device provides an open ...)
+ TODO: check
+CVE-2017-11578 (It was discovered as a part of the research on IoT devices in the most ...)
+ TODO: check
CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in getsid (pars ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
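Review bot: CVE-2017-11580, CVE-2017-11579 and CVE-2017-11578 leave RESERVED with "TODO: check" only. The visible text of the first two names Blipcare devices and firmware, which makes them NOT-FOR-US candidates in the style of the neighbouring FineCms entries; the truncated text of CVE-2017-11578 does not name a product, so read its full description before tagging it with the other two.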
@@ -115836,32 +115853,32 @@ CVE-2017-8418 (RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowin
- rubocop 0.49.1+dfsg-1 (bug #870852)
NOTE: https://github.com/bbatsov/rubocop/issues/4336
NOTE: https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
-CVE-2017-8417
- RESERVED
-CVE-2017-8416
- RESERVED
-CVE-2017-8415
- RESERVED
-CVE-2017-8414
- RESERVED
-CVE-2017-8413
- RESERVED
-CVE-2017-8412
- RESERVED
+CVE-2017-8417 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
+ TODO: check
+CVE-2017-8416 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
+ TODO: check
+CVE-2017-8415 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
+ TODO: check
+CVE-2017-8414 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The b ...)
+ TODO: check
+CVE-2017-8413 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
+ TODO: check
+CVE-2017-8412 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The d ...)
+ TODO: check
CVE-2017-8411 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
TODO: check
-CVE-2017-8410
- RESERVED
-CVE-2017-8409
- RESERVED
+CVE-2017-8410 (An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The b ...)
+ TODO: check
+CVE-2017-8409 (An issue was discovered on D-Link DCS-1130 devices. The device require ...)
+ TODO: check
CVE-2017-8408 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
TODO: check
CVE-2017-8407 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
TODO: check
CVE-2017-8406 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
TODO: check
-CVE-2017-8405
- RESERVED
+CVE-2017-8405 (An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The b ...)
+ TODO: check
CVE-2017-8404 (An issue was discovered on D-Link DCS-1130 devices. The device provide ...)
TODO: check
CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes and com ...)
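Review bot: the nine entries leaving RESERVED in this hunk (CVE-2017-8417 to CVE-2017-8412, CVE-2017-8410, CVE-2017-8409, CVE-2017-8405) all describe D-Link DCS-1100 and/or DCS-1130 devices and are added as "TODO: check", the same state as the unchanged D-Link entries CVE-2017-8411, CVE-2017-8408, CVE-2017-8407, CVE-2017-8406 and CVE-2017-8404. Triage the whole run in one pass with a single consistent tag rather than entry by entry.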
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/23257ad735dc9b6f166680a88c25e3aced778abe