[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Jun 11 09:10:20 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fecb5187 by security tracker role at 2019-06-11T08:10:11Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-12793
+	RESERVED
+CVE-2019-12792
+	RESERVED
+CVE-2019-12791
+	RESERVED
 CVE-2019-12790 (In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...)
 	- radare2 <unfixed> (bug #930344)
 	NOTE: https://github.com/radare/radare2/issues/14211
@@ -2110,8 +2116,8 @@ CVE-2019-11883
 	RESERVED
 CVE-2019-11882
 	RESERVED
-CVE-2019-11881
-	RESERVED
+CVE-2019-11881 (A vulnerability exists in Rancher 2.1.4 in the login component, where  ...)
+	TODO: check
 CVE-2019-11880 (CommSy through 8.6.5 has SQL Injection via the cid parameter. This is  ...)
 	NOT-FOR-US: CommSy
 CVE-2019-11879 (** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory travers ...)
@@ -6260,8 +6266,8 @@ CVE-2019-10228
 	RESERVED
 CVE-2019-10227
 	RESERVED
-CVE-2019-10226
-	RESERVED
+CVE-2019-10226 (HTML Injection has been discovered in the v0.19.0 version of the Fat F ...)
+	TODO: check
 CVE-2019-10225
 	RESERVED
 CVE-2019-10224
@@ -98757,10 +98763,10 @@ CVE-2017-13720 (In the PatternMatch function in fontfile/fontdir.c in libXfont t
 	NOTE: libxfont1 is only used by xfonts-utils, no security impact
 CVE-2017-13719
 	RESERVED
-CVE-2017-13718
-	RESERVED
-CVE-2017-13717
-	RESERVED
+CVE-2017-13718 (The HTTP API supported by Starry Station (aka Starry Router) allows br ...)
+	TODO: check
+CVE-2017-13717 (Starry Station (aka Starry Router) sets the Access-Control-Allow-Origi ...)
+	TODO: check
 CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22009



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fecb51874c4650c1de989074d726fd3ede1a81d3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fecb51874c4650c1de989074d726fd3ede1a81d3
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190611/ddeb814c/attachment.html>

More information about the debian-security-tracker-commits mailing list