[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3df7e91 by security tracker role at 2019-03-12T20:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2019-9723
+	RESERVED
+CVE-2019-9722
+	RESERVED
 CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows ...)
 	TODO: check
 CVE-2019-9720
@@ -12,14 +16,14 @@ CVE-2019-9716
 	RESERVED
 CVE-2019-9715
 	RESERVED
-CVE-2019-9714
-	RESERVED
-CVE-2019-9713
-	RESERVED
-CVE-2019-9712
-	RESERVED
-CVE-2019-9711
-	RESERVED
+CVE-2019-9714 (An issue was discovered in Joomla! before 3.9.4. The media form field ...)
+	TODO: check
+CVE-2019-9713 (An issue was discovered in Joomla! before 3.9.4. The sample data ...)
+	TODO: check
+CVE-2019-9712 (An issue was discovered in Joomla! before 3.9.4. The JSON handler in ...)
+	TODO: check
+CVE-2019-9711 (An issue was discovered in Joomla! before 3.9.4. The item_title layout ...)
+	TODO: check
 CVE-2019-9710 (An issue was discovered in webargs before 5.1.3, as used with ...)
 	NOT-FOR-US: webargs
 CVE-2019-9709
@@ -32,11 +36,11 @@ CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local user
 	- cron 3.0pl1-133 (low)
 	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/26814a26
-CVE-2019-9706 [Use-after-free]
+CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
 	- cron 3.0pl1-133 (bug #809167)
 	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/40791b93
-CVE-2019-9704 [DoS resulting from an unchecked return of calloc()]
+CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
 	- cron 3.0pl1-133 (low)
 	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/f2525567
@@ -437,8 +441,8 @@ CVE-2019-9559
 	RESERVED
 CVE-2019-9558
 	RESERVED
-CVE-2019-9557
-	RESERVED
+CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) ...)
+	TODO: check
 CVE-2019-9556
 	RESERVED
 CVE-2019-9555 (Sagemcom F at st 5260 routers using firmware version 0.4.39, in WPA mode, ...)
@@ -22945,6 +22949,7 @@ CVE-2019-0805
 	RESERVED
 CVE-2019-0804
 	RESERVED
+	{DLA-1709-1}
 	- waagent 2.2.34-3
 CVE-2019-0803
 	RESERVED
@@ -28891,8 +28896,8 @@ CVE-2018-17946 (The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPr
 	NOT-FOR-US: WordPress plugin slideshow-gallery
 CVE-2018-17945
 	RESERVED
-CVE-2018-17944
-	RESERVED
+CVE-2018-17944 (On certain Lexmark devices that communicate with an LDAP or SMTP ...)
+	TODO: check
 CVE-2018-17943
 	RESERVED
 CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3df7e91333f24b43c0061c0ab5de941736ed576

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3df7e91333f24b43c0061c0ab5de941736ed576
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190312/99f8831c/attachment.html>