[Git][security-tracker-team/security-tracker][master] 2 commits: Cleanup trailing whitespaces
Salvatore Bonaccorso
carnil at debian.org
Fri Mar 15 08:32:04 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
45127fed by Salvatore Bonaccorso at 2019-03-15T08:28:11Z
Cleanup trailing whitespaces
- - - - -
e37f569d by Salvatore Bonaccorso at 2019-03-15T08:30:38Z
Add secondary bug for CVE-2018-19876/ciaro
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2243,7 +2243,7 @@ CVE-2019-8955 (In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before .
NOTE: https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312
NOTE: https://trac.torproject.org/projects/tor/ticket/29168
CVE-2019-8954 (In Indexhibit 2.1.5, remote attackers can execute arbitrary code via ...)
- NOT-FOR-US: Indexhibit
+ NOT-FOR-US: Indexhibit
CVE-2019-8953 (The HAProxy package before 0.59_16 for pfSense has XSS via the desc ...)
NOT-FOR-US: HAProxy package for pfSense
CVE-2019-8952
@@ -9375,7 +9375,7 @@ CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.
CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet App for ...)
NOT-FOR-US: iChain Insurance Wallet App for iOS
CVE-2019-5922 (Untrusted search path vulnerability in The installer of Microsoft ...)
- NOT-FOR-US: Microsoft
+ NOT-FOR-US: Microsoft
CVE-2019-5921 (Untrusted search path vulnerability in Windows 7 allows an attacker to ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-5920 (Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and ...)
@@ -16480,7 +16480,7 @@ CVE-2018-20164 (An issue was discovered in regex.yaml (aka regexes.yaml) in UA-P
- uap-core 20190213-1 (bug #922717)
NOTE: https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014
NOTE: https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc
- NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/
+ NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/
CVE-2018-20163
RESERVED
CVE-2018-20162
@@ -21019,7 +21019,7 @@ CVE-2018-19878
CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login ...)
NOT-FOR-US: Adiscon LogAnalyzer
CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
- - cairo <unfixed> (bug #915801)
+ - cairo <unfixed> (bug #915801; bug #916389)
[stretch] - cairo <not-affected> (Vulnerable code introduced later)
[jessie] - cairo <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=191595
@@ -21708,7 +21708,7 @@ CVE-2018-19647
CVE-2018-19646 (The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, ...)
NOT-FOR-US: Imperva SecureSphere
CVE-2018-19645 (An Authentication Bypass issue exists in Solutions Business Manager ...)
- NOT-FOR-US: Solutions Business Manager (SBM)
+ NOT-FOR-US: Solutions Business Manager (SBM)
CVE-2018-19644
RESERVED
CVE-2018-19643
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ba8087e6e365121930031fcfb2e06b206dda4296...e37f569d406cd9496eedd50da3519af33a6b9ea0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ba8087e6e365121930031fcfb2e06b206dda4296...e37f569d406cd9496eedd50da3519af33a6b9ea0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190315/69c37db9/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list