[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbaf6ecd by security tracker role at 2019-03-07T20:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-9627
+	RESERVED
+CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to ...)
+	TODO: check
+CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to ...)
+	TODO: check
 CVE-2019-XXXX [high memory usage with long running sessions]
 	- proftpd-dfsg 1.3.5d-1 (bug #923926)
 	NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
@@ -13368,26 +13374,26 @@ CVE-2019-3786
 	RESERVED
 CVE-2019-3785
 	RESERVED
-CVE-2019-3784
-	RESERVED
-CVE-2019-3783
-	RESERVED
+CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure ...)
+	TODO: check
+CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public ...)
+	TODO: check
 CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently ...)
 	NOT-FOR-US: Cloud Foundry
-CVE-2019-3781
-	RESERVED
+CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes ...)
+	TODO: check
 CVE-2019-3780
 	RESERVED
 CVE-2019-3779
 	RESERVED
-CVE-2019-3778
-	RESERVED
-CVE-2019-3777
-	RESERVED
-CVE-2019-3776
-	RESERVED
-CVE-2019-3775
-	RESERVED
+CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to ...)
+	TODO: check
+CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, ...)
+	TODO: check
+CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x ...)
+	TODO: check
+CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update ...)
+	TODO: check
 CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported ...)
 	NOT-FOR-US: Spring Batch
 CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported ...)
@@ -13512,8 +13518,8 @@ CVE-2019-3714
 	RESERVED
 CVE-2019-3713
 	RESERVED
-CVE-2019-3712
-	RESERVED
+CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ...)
+	TODO: check
 CVE-2019-3711
 	RESERVED
 CVE-2019-3710
@@ -20132,10 +20138,10 @@ CVE-2019-1599
 	RESERVED
 CVE-2019-1598
 	RESERVED
-CVE-2019-1597
-	RESERVED
-CVE-2019-1596
-	RESERVED
+CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight ...)
+	TODO: check
+CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)
+	TODO: check
 CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol ...)
 	TODO: check
 CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software ...)
@@ -44485,8 +44491,7 @@ CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9
 	NOTE: https://svn.apache.org/r1840055 (9.0.x)
 	NOTE: https://svn.apache.org/r1840056 (8.5.x)
 	NOTE: https://svn.apache.org/r1840057 (7.0.x)
-CVE-2018-11783 [Apache Traffic Server vulnerability with sslheader plugin]
-	RESERVED
+CVE-2018-11783 (sslheaders plugin extracts information from the client certificate and ...)
 	- trafficserver 8.0.2+ds-1
 	[stretch] - trafficserver <postponed> (Minor issue, experimental plugin, will be fixed along in next DSA)
 	NOTE: https://github.com/apache/trafficserver/pull/4701



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cbaf6ecd2b0810b986488da82327e129141e4bc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cbaf6ecd2b0810b986488da82327e129141e4bc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190307/3ed3e537/attachment.html>