[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 23 09:10:32 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c954af81 by security tracker role at 2019-07-23T08:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2019-14239
+ RESERVED
+CVE-2019-14238
+ RESERVED
+CVE-2019-14237
+ RESERVED
+CVE-2019-14236
+ RESERVED
CVE-2019-14235
RESERVED
CVE-2019-14234
@@ -3051,7 +3059,7 @@ CVE-2019-13274
CVE-2019-13273
RESERVED
CVE-2019-13272 (In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mish ...)
- {DSA-4484-1}
+ {DSA-4484-1 DLA-1863-1 DLA-1862-1}
- linux 4.19.37-6
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1140671
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
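Review bot: the cross-reference line for CVE-2019-13272 now carries two DLAs (DLA-1863-1 and DLA-1862-1), but the entry shows a single package line, "- linux 4.19.37-6". If the two advisories cover different source packages or suites, add the corresponding package or release-tagged lines so the fixed versions can be read from this entry, as the "[stretch] - linux 4.9.168-1" line does for CVE-2019-2101.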
@@ -4900,10 +4908,10 @@ CVE-2019-12554 (In SweetScape 010 Editor 9.0.1, improper validation of arguments
NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12553 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
NOT-FOR-US: SweetScape 010 Editor
-CVE-2019-12552
- RESERVED
-CVE-2019-12551
- RESERVED
+CVE-2019-12552 (In SweetScape 010 Editor 9.0.1, an integer overflow during the initial ...)
+ TODO: check
+CVE-2019-12551 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
+ TODO: check
CVE-2019-12550 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW ...)
NOT-FOR-US: WAGO devices
CVE-2019-12549 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW ...)
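Review bot: CVE-2019-12552 and CVE-2019-12551 are left at "TODO: check" although both descriptions name SweetScape 010 Editor 9.0.1, the same product that the adjacent CVE-2019-12554 and CVE-2019-12553 entries already triage as "NOT-FOR-US: SweetScape 010 Editor". Suggest replacing the two TODO lines with the same NOT-FOR-US marker so these entries do not stay in the triage queue.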
@@ -10033,6 +10041,7 @@ CVE-2019-10640 (An issue was discovered in GitLab Community and Enterprise Editi
- gitlab 11.8.6+dfsg-1 (bug #926482)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10639 (The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows I ...)
+ {DLA-1862-1}
- linux 4.19.37-1
NOTE: https://arxiv.org/pdf/1906.10478.pdf
CVE-2019-10638 (In the Linux kernel before 5.1.7, a device can be tracked by an attack ...)
@@ -23297,7 +23306,7 @@ CVE-2019-5739 (Keep-alive HTTP and HTTPS connections can remain open and inactiv
NOTE: Nodejs not covered by security support
CVE-2019-5738
RESERVED
-CVE-2019-5737 (An attacker can cause a Denial of Service (DoS) by establishing an HTT ...)
+CVE-2019-5737 (In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before ...)
- nodejs 10.15.2~dfsg-1 (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
NOTE: Nodejs not covered by security support
@@ -24814,6 +24823,7 @@ CVE-2019-5052 (An exploitable integer overflow vulnerability exists when loading
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0821
NOTE: https://hg.libsdl.org/SDL_image/rev/b920be2b3fc6
CVE-2019-5051 (An exploitable heap-based buffer overflow vulnerability exists when lo ...)
+ {DLA-1861-1}
- libsdl2-image <unfixed> (bug #932754)
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
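Review bot: on CVE-2019-5051 the new {DLA-1861-1} reference sits above package lines that show unstable as <unfixed> (bug #932754) and buster and stretch as <no-dsa>, so nothing visible in this entry says which suite or version the DLA fixed. Suggest confirming that the matching advisory-list entry carries the fixed version, and revisiting the <unfixed> status once bug #932754 is closed.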
@@ -33330,6 +33340,7 @@ CVE-2019-2103
CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a provided e ...)
NOT-FOR-US: Android
CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a possible out ...)
+ {DLA-1862-1}
- linux 4.19.37-1
[stretch] - linux 4.9.168-1
NOTE: https://git.kernel.org/linus/47bb117911b051bbc90764a8bff96543cbd2005f
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c954af8125ceea297e30641fa05872c74c755975