[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Jul 27 09:10:31 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab212eec by security tracker role at 2019-07-27T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2019-1000033
+	REJECTED
+	TODO: check
 CVE-2019-14284 (In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a deni ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/f3554aeb991214cbfafd17d55e2bfddb50282e32
@@ -2506,8 +2509,8 @@ CVE-2019-13590 (An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h
 	NOTE: https://sourceforge.net/p/sox/bugs/325/
 CVE-2019-13589 (The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, incl ...)
 	NOT-FOR-US: backdoor in paranoid_2 gem, different from src:ruby-paranoia
-CVE-2019-13588
-	RESERVED
+CVE-2019-13588 (A cross-site scripting (XSS) vulnerability in getPagingStart() in core ...)
+	TODO: check
 CVE-2019-13587
 	RESERVED
 CVE-2019-13586
@@ -10981,16 +10984,16 @@ CVE-2019-10269 (BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-b
 	NOTE: https://github.com/lh3/bwa/commit/20d0a13092aa4cb73230492b05f9697d5ef0b88e
 CVE-2019-10268
 	REJECTED
-CVE-2019-10267
-	RESERVED
-CVE-2019-10266
-	RESERVED
-CVE-2019-10265
-	RESERVED
-CVE-2019-10264
-	RESERVED
-CVE-2019-10263
-	RESERVED
+CVE-2019-10267 (An insecure file upload and code execution issue was discovered in Ahs ...)
+	TODO: check
+CVE-2019-10266 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
+	TODO: check
+CVE-2019-10265 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. O ...)
+	TODO: check
+CVE-2019-10264 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
+	TODO: check
+CVE-2019-10263 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
+	TODO: check
 CVE-2019-10262 (A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_ ...)
 	NOT-FOR-US: BlueCMS
 CVE-2019-1002162



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab212eec34f2367d48feaab12fd682fb01cb80a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab212eec34f2367d48feaab12fd682fb01cb80a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190727/58be3db9/attachment.html>

More information about the debian-security-tracker-commits mailing list