[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Jul 4 21:11:16 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bbad1011 by security tracker role at 2019-07-04T20:11:05Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,104 @@
-CVE-2019-13233 [x86/insn-eval: Fix use-after-free access to LDT entry]
+CVE-2019-13275 (An issue was discovered in the VeronaLabs wp-statistics plugin before  ...)
+	TODO: check
+CVE-2019-13274
+	RESERVED
+CVE-2019-13273
+	RESERVED
+CVE-2019-13272
+	RESERVED
+CVE-2019-13271
+	RESERVED
+CVE-2019-13270
+	RESERVED
+CVE-2019-13269
+	RESERVED
+CVE-2019-13268
+	RESERVED
+CVE-2019-13267
+	RESERVED
+CVE-2019-13266
+	RESERVED
+CVE-2019-13265
+	RESERVED
+CVE-2019-13264
+	RESERVED
+CVE-2019-13263
+	RESERVED
+CVE-2019-13262 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13261 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13260 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13259 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13258 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13257 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13256 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13255 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13254 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13253 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
+	TODO: check
+CVE-2019-13252 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
+	TODO: check
+CVE-2019-13251 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
+	TODO: check
+CVE-2019-13250 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
+	TODO: check
+CVE-2019-13249 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
+	TODO: check
+CVE-2019-13248 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPE ...)
+	TODO: check
+CVE-2019-13247 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPE ...)
+	TODO: check
+CVE-2019-13246 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
+	TODO: check
+CVE-2019-13245 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
+	TODO: check
+CVE-2019-13244 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
+	TODO: check
+CVE-2019-13243 (IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00 ...)
+	TODO: check
+CVE-2019-13242 (IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00 ...)
+	TODO: check
+CVE-2019-13241 (FlightCrew v0.9.2 and older are vulnerable to a directory traversal, a ...)
+	TODO: check
+CVE-2019-13240
+	RESERVED
+CVE-2019-13239 (inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture. ...)
+	TODO: check
+CVE-2019-13238 (An issue was discovered in Bento4 1.5.1.0. A memory allocation failure ...)
+	TODO: check
+CVE-2019-13237
+	RESERVED
+CVE-2019-13236
+	RESERVED
+CVE-2019-13235
+	RESERVED
+CVE-2019-13234
+	RESERVED
+CVE-2019-13232 (Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP co ...)
+	TODO: check
+CVE-2019-13231
+	RESERVED
+CVE-2019-13230
+	RESERVED
+CVE-2019-13229 (deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the  ...)
+	TODO: check
+CVE-2019-13228 (deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootD ...)
+	TODO: check
+CVE-2019-13227 (In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed ...)
+	TODO: check
+CVE-2019-13226 (deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/m ...)
+	TODO: check
+CVE-2018-20850 (Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3. ...)
+	TODO: check
+CVE-2019-13233 (In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is ...)
 	- linux <unfixed>
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -672,6 +772,7 @@ CVE-2018-20845 (Division-by-zero vulnerabilities in the functions pi_next_pcrl,
 CVE-2018-20844
 	RESERVED
 CVE-2019-13031 (LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...)
+	{DLA-1844-1}
 	- lemonldap-ng 2.0.0+ds-1 (bug #931117)
 	[stretch] - lemonldap-ng <no-dsa> (Minor issue, can be fixed via point release, notification server not enabled by default)
 	NOTE: Upstream issue: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1820



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbad10111af23305c83f8e945cc46a52552493a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbad10111af23305c83f8e945cc46a52552493a4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190704/beb4b382/attachment.html>

More information about the debian-security-tracker-commits mailing list