[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sun Jun 16 21:10:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de95d0cc by security tracker role at 2019-06-16T20:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2019-12864
+ RESERVED
+CVE-2019-12863
+ RESERVED
+CVE-2019-12862
+ RESERVED
+CVE-2019-12861
+ RESERVED
+CVE-2019-12860
+ RESERVED
+CVE-2019-12859
+ RESERVED
+CVE-2019-12858
+ RESERVED
+CVE-2019-12857
+ RESERVED
+CVE-2019-12856
+ RESERVED
+CVE-2019-12855 (In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP su ...)
+ TODO: check
+CVE-2019-12854
+ RESERVED
CVE-2019-12853
RESERVED
CVE-2019-12852
@@ -237,6 +259,7 @@ CVE-2019-12763 (The Security Camera CZ application through 1.6.8 for Android sto
CVE-2019-12762 (Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anoma ...)
NOT-FOR-US: Xiaomi Mi 5s Plus devices
CVE-2019-12761 (A code injection issue was discovered in PyXDG before 0.26 via crafted ...)
+ {DLA-1819-1}
- pyxdg <unfixed> (bug #930099)
[stretch] - pyxdg <no-dsa> (Minor issue)
NOTE: https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562
@@ -543,6 +566,7 @@ CVE-2019-12618
CVE-2019-12617
RESERVED
CVE-2019-12616 (An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability wa ...)
+ {DLA-1821-1}
- phpmyadmin <unfixed> (bug #930017)
NOTE: https://www.phpmyadmin.net/security/PMASA-2019-4/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec
@@ -2705,28 +2729,28 @@ CVE-2019-11707
RESERVED
CVE-2019-11706 [X41-2019-004]
RESERVED
- {DSA-4464-1}
+ {DSA-4464-1 DLA-1820-1}
- thunderbird 1:60.7.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/4
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1555646
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11706
CVE-2019-11705 [X41-2019-003]
RESERVED
- {DSA-4464-1}
+ {DSA-4464-1 DLA-1820-1}
- thunderbird 1:60.7.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/3
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553808
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11705
CVE-2019-11704 [X41-2019-001]
RESERVED
- {DSA-4464-1}
+ {DSA-4464-1 DLA-1820-1}
- thunderbird 1:60.7.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11704
CVE-2019-11703 [X41-2019-002]
RESERVED
- {DSA-4464-1}
+ {DSA-4464-1 DLA-1820-1}
- thunderbird 1:60.7.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/2
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553820
@@ -139141,11 +139165,11 @@ CVE-2016-9848 (An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) show
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-59/
NOTE: disabled by default, debugging setting required
CVE-2016-9849 (An issue was discovered in phpMyAdmin. It is possible to bypass AllowR ...)
- {DLA-757-1}
+ {DLA-1821-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/
CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the allow ...)
- {DLA-757-1}
+ {DLA-1821-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/
CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request paramete ...)
@@ -139185,7 +139209,7 @@ CVE-2016-9860 (An issue was discovered in phpMyAdmin. An unauthenticated user ca
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ma ...)
- {DLA-757-1}
+ {DLA-1821-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/
CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...)
@@ -139199,7 +139223,7 @@ CVE-2016-9863 (An issue was discovered in phpMyAdmin. With a very large request
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-68/
CVE-2016-9864 (An issue was discovered in phpMyAdmin. With a crafted username or a ta ...)
- {DLA-757-1}
+ {DLA-1821-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-69/
CVE-2016-9865 (An issue was discovered in phpMyAdmin. Due to a bug in serialized stri ...)
@@ -148426,31 +148450,35 @@ CVE-2016-6633 (An issue was discovered in phpMyAdmin. phpMyAdmin can be used to
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: dbase extension not available in Debian
CVE-2016-6632 (An issue was discovered in phpMyAdmin where, under certain conditions, ...)
+ {DLA-1821-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-55/
CVE-2016-6631 (An issue was discovered in phpMyAdmin. A user can execute a remote cod ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-54/
CVE-2016-6630 (An issue was discovered in phpMyAdmin. An authenticated user can trigg ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-53/
CVE-2016-6629 (An issue was discovered in phpMyAdmin involving the $cfg['ArbitrarySer ...)
+ {DLA-1821-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-52/
CVE-2016-6628 (An issue was discovered in phpMyAdmin. An attacker may be able to trig ...)
+ {DLA-1821-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-51/
CVE-2016-6627 (An issue was discovered in phpMyAdmin. An attacker can determine the p ...)
+ {DLA-1821-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <no-dsa> (Not critical enough)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-50/
CVE-2016-6626 (An issue was discovered in phpMyAdmin. An attacker could redirect a us ...)
- {DLA-757-1}
+ {DLA-1821-1 DLA-757-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-49/
@@ -148464,7 +148492,7 @@ CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine
NOTE: a production environment. This is the motivation that it is not
NOTE: solved for wheezy.
CVE-2016-6624 (An issue was discovered in phpMyAdmin involving improper enforcement o ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-47/
CVE-2016-6623 (An issue was discovered in phpMyAdmin. An authorized user can cause a ...)
@@ -148514,15 +148542,15 @@ CVE-2016-6614 (An issue was discovered in phpMyAdmin involving the %u username r
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/
CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a sy ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/
CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOC ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/
CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database an ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/
CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin wher ...)
@@ -148539,11 +148567,11 @@ CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the databa
[jessie] - phpmyadmin <not-affected> (Only affects 4.6.x)
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search (sp ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/
CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The decryp ...)
- {DLA-626-1}
+ {DLA-1821-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de95d0cc6416c8e48283424980e790ca94a6d5e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de95d0cc6416c8e48283424980e790ca94a6d5e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190616/e6b1cf7b/attachment.html>
More information about the debian-security-tracker-commits
mailing list