[Git][security-tracker-team/security-tracker][master] automatic update

Sun Mar 24 20:10:30 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d7c8b3f by security tracker role at 2019-03-24T20:10:21Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2019-9999
+	RESERVED
+CVE-2019-9998
+	RESERVED
+CVE-2019-9997
+	RESERVED
+CVE-2019-9996
+	RESERVED
+CVE-2019-9995
+	RESERVED
+CVE-2019-9994
+	RESERVED
+CVE-2019-9993
+	RESERVED
+CVE-2019-9992
+	RESERVED
+CVE-2019-9991
+	RESERVED
+CVE-2019-9990
+	RESERVED
+CVE-2019-9989
+	RESERVED
+CVE-2019-9988
+	RESERVED
+CVE-2019-9987
+	RESERVED
+CVE-2019-9986
+	RESERVED
+CVE-2019-9985
+	RESERVED
+CVE-2019-9984
+	RESERVED
+CVE-2019-9983
+	RESERVED
+CVE-2019-9982
+	RESERVED
+CVE-2019-9981
+	RESERVED
+CVE-2019-9980
+	RESERVED
+CVE-2019-9979
+	RESERVED
+CVE-2019-9978 (The social-warfare plugin before 3.5.3 for WordPress has stored XSS vi ...)
+	TODO: check
+CVE-2019-9977 (The renderer process in the entertainment system on Tesla Model 3 vehi ...)
+	TODO: check
+CVE-2019-9976
+	RESERVED
+CVE-2019-9975
+	RESERVED
+CVE-2019-9974
+	RESERVED
+CVE-2019-9973
+	RESERVED
+CVE-2019-10013
+	RESERVED
+CVE-2019-10012
+	RESERVED
+CVE-2019-10011
+	RESERVED
+CVE-2019-10010 (Cross-site scripting (XSS) vulnerability in the PHP League CommonMark  ...)
+	TODO: check
+CVE-2019-10009
+	RESERVED
+CVE-2019-10008
+	RESERVED
+CVE-2019-10007
+	RESERVED
+CVE-2019-10006
+	RESERVED
+CVE-2019-10005
+	RESERVED
+CVE-2019-10004
+	RESERVED
+CVE-2019-10003
+	RESERVED
+CVE-2019-10002
+	RESERVED
+CVE-2019-10001
+	RESERVED
+CVE-2019-10000
+	RESERVED
 CVE-2019-9972
 	RESERVED
 CVE-2019-9971
@@ -1044,6 +1126,7 @@ CVE-2019-9814
 	RESERVED
 CVE-2019-9813
 	RESERVED
+	{DSA-4417-1}
 	- firefox 66.0.1-1
 	- firefox-esr 60.6.1esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9813
@@ -1054,6 +1137,7 @@ CVE-2019-9811
 	RESERVED
 CVE-2019-9810
 	RESERVED
+	{DSA-4417-1}
 	- firefox 66.0.1-1
 	- firefox-esr 60.6.1esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9810
@@ -2538,6 +2622,7 @@ CVE-2019-9215 (In Live555 before 2019.02.27, malformed headers lead to invalid m
 	- liblivemedia <unfixed> (bug #924655)
 	NOTE: Reporter advisory and analysis: https://tools.cisco.com/security/center/viewAlert.x?alertId=59708
 CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector c ...)
+	{DSA-4416-1}
 	- wireshark 2.6.7-1 (bug #923611)
 	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
@@ -2566,11 +2651,13 @@ CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted e
 	[jessie] - libpodofo <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/podofo/tickets/34/
 CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and rel ...)
+	{DSA-4416-1}
 	- wireshark 2.6.7-1 (bug #923611)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-06.html
 CVE-2019-9208 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector co ...)
+	{DSA-4416-1}
 	- wireshark 2.6.7-1 (bug #923611)
 	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
@@ -11142,12 +11229,13 @@ CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,
 CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a  ...)
 	- frontaccounting <removed>
 CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector  ...)
-	{DLA-1645-1}
+	{DSA-4416-1 DLA-1645-1}
 	- wireshark 2.6.6-1 (low)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
 CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector an ...)
+	{DSA-4416-1}
 	- wireshark 2.6.6-1 (low)
 	[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1746
@@ -11155,13 +11243,13 @@ CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissect
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
 CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector c ...)
-	{DLA-1645-1}
+	{DSA-4416-1 DLA-1645-1}
 	- wireshark 2.6.6-1 (low)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
 CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This w ...)
-	{DLA-1645-1}
+	{DSA-4416-1 DLA-1645-1}
 	- wireshark 2.6.6-1 (low)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b2eea1793dbff813896e1ae9dff1bedb39ee010
@@ -82786,6 +82874,7 @@ CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in sto
 CVE-2017-16356 (Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended)  ...)
 	NOT-FOR-US: Kubik-Rubik SIGE
 CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...)
+	{DSA-4415-1}
 	- passenger 5.0.30-1.1 (bug #884463)
 	- ruby-passenger <removed>
 	[jessie] - ruby-passenger <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d7c8b3fb264d1d90083eff1a04b3d43563aa1a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d7c8b3fb264d1d90083eff1a04b3d43563aa1a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190324/1c6b3517/attachment.html>
