[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat May 4 09:10:27 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
71a8133d by security tracker role at 2019-05-04T08:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -375,8 +375,8 @@ CVE-2018-20826
 	RESERVED
 CVE-2018-20825
 	RESERVED
-CVE-2018-20824
-	RESERVED
+CVE-2018-20824 (The WallboardServlet resource in Jira before version 7.13.1 allows rem ...)
+	TODO: check
 CVE-2015-9286 (Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 ha ...)
 	NOT-FOR-US: NodeBB
 CVE-2019-11627 (gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an un ...)
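Review bot: CVE-2018-20824 is a Jira issue left at `TODO: check`, while another Jira entry in this same file, CVE-2019-3399, is already classified `NOT-FOR-US: Atlassian`. Unless something in the archive ships the WallboardServlet code, close the TODO with that same tag so the two Jira entries are triaged consistently.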
@@ -1715,10 +1715,10 @@ CVE-2019-11039
 	RESERVED
 CVE-2019-11038
 	RESERVED
-CVE-2019-11037
-	RESERVED
-CVE-2019-11036
-	RESERVED
+CVE-2019-11037 (In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing  ...)
+	TODO: check
+CVE-2019-11036 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...)
+	TODO: check
 CVE-2019-11035 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...)
 	- php7.3 7.3.4-1
 	- php7.0 <removed>
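Review bot: the `TODO: check` on CVE-2019-11036 should become per-source-package lines, since its visible description prefix matches CVE-2019-11035 directly below, which is tracked against php7.3 (7.3.4-1) and php7.0. Take the fixed version from the advisory for 11036 itself rather than copying the 11035 lines, because the truncated descriptions do not show whether the two were fixed in the same release. CVE-2019-11037 concerns the imagick extension, a different component, so check it against whichever package ships that extension instead of the php7.x sources.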
@@ -13239,18 +13239,18 @@ CVE-2019-6621
 	RESERVED
 CVE-2019-6620
 	RESERVED
-CVE-2019-6619
-	RESERVED
-CVE-2019-6618
-	RESERVED
-CVE-2019-6617
-	RESERVED
-CVE-2019-6616
-	RESERVED
+CVE-2019-6619 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Tra ...)
+	TODO: check
+CVE-2019-6618 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
+	TODO: check
+CVE-2019-6617 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
+	TODO: check
+CVE-2019-6616 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
+	TODO: check
 CVE-2019-6615 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
 	NOT-FOR-US: F5 BIG-IP
-CVE-2019-6614
-	RESERVED
+CVE-2019-6614 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, interna ...)
+	TODO: check
 CVE-2019-6613 (On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2- ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6612 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
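Review bot: the five newly described BIG-IP entries (CVE-2019-6614 and CVE-2019-6616 through CVE-2019-6619) sit at `TODO: check` while their neighbours in this hunk, CVE-2019-6615 and CVE-2019-6613, already carry `NOT-FOR-US: F5 BIG-IP`. Triage them in one pass with the same tag so the TODO queue does not hold five entries for a product this list has already classified.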
@@ -14451,8 +14451,8 @@ CVE-2019-6160
 	RESERVED
 CVE-2019-6159
 	RESERVED
-CVE-2019-6158
-	RESERVED
+CVE-2019-6158 (An internal product security audit of Lenovo XClarity Administrator (L ...)
+	TODO: check
 CVE-2019-6157 (In various firmware versions of Lenovo System x, the integrated manage ...)
 	NOT-FOR-US: Lenovo
 CVE-2019-6156 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
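Review bot: CVE-2019-6158 (Lenovo XClarity Administrator) is left at `TODO: check`, but the next entry, CVE-2019-6157, resolves a Lenovo product issue as `NOT-FOR-US: Lenovo`. Use the same tag here unless the full description points at a component that is packaged.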
@@ -19405,8 +19405,7 @@ CVE-2019-3896
 	RESERVED
 CVE-2019-3895
 	RESERVED
-CVE-2019-3894
-	RESERVED
+CVE-2019-3894 (It was discovered that the ElytronManagedThread in Wildfly's Elytron s ...)
 	- wildfly <itp> (bug #752018)
 CVE-2019-3893 (In Foreman it was discovered that the delete compute resource operatio ...)
 	- foreman <itp> (bug #663101)
@@ -19813,8 +19812,7 @@ CVE-2019-3806 (An issue has been found in PowerDNS Recursor versions after 4.1.3
 	[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
 	[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
 	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html
-CVE-2019-3805
-	RESERVED
+CVE-2019-3805 (A flaw was discovered in wildfly versions up to 16.0.0.Final that woul ...)
 	- wildfly <itp> (bug #752018)
 CVE-2019-3804 (It was found that cockpit before version 184 used glib's base64 decode ...)
 	- cockpit 184-1
@@ -20858,8 +20856,8 @@ CVE-2018-20582
 	RESERVED
 CVE-2018-20581
 	RESERVED
-CVE-2018-20580
-	RESERVED
+CVE-2018-20580 (The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 al ...)
+	TODO: check
 CVE-2018-20579 (Contiki-NG before 4.2 has a stack-based buffer overflow in the push fu ...)
 	NOT-FOR-US: Contiki-NG
 CVE-2018-20578 (An issue was discovered in NuttX before 7.27. The function netlib_pars ...)
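Review bot: CVE-2018-20580 (SmartBear ReadyAPI) has no neighbour for the same product to copy a classification from, so this `TODO: check` needs an actual lookup. If no source package ships ReadyAPI, record it as `NOT-FOR-US:` followed by the product name, in the form the adjacent entries use (`NOT-FOR-US: Contiki-NG`).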
@@ -21936,8 +21934,8 @@ CVE-2019-3402
 	RESERVED
 CVE-2019-3401
 	RESERVED
-CVE-2019-3400
-	RESERVED
+CVE-2019-3400 (The labels gadget in Jira before version 7.13.2, and from version 8.0. ...)
+	TODO: check
 CVE-2019-3399 (The BrowseProjects.jspa resource in Jira before version 7.13.2, and fr ...)
 	NOT-FOR-US: Atlassian
 CVE-2019-3398 (Confluence Server and Data Center had a path traversal vulnerability i ...)
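Review bot: CVE-2019-3400 (the Jira labels gadget) is added with `TODO: check` directly above CVE-2019-3399, a Jira entry already marked `NOT-FOR-US: Atlassian`. The same classification should apply, replacing the TODO line.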



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/71a8133d1e7978839405baf649bd0d7829cfaf90
