[Git][security-tracker-team/security-tracker][master] new kernel issue

Moritz Muehlenhoff jmm at debian.org
Thu May 16 14:57:16 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5e0565e by Moritz Muehlenhoff at 2019-05-16T13:56:39Z
new kernel issue
new libsass issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1520,9 +1520,11 @@ CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0
 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ...)
-	TODO: check
+	- libsass <unfixed>
+	NOTE: https://github.com/sass/libsass/issues/2671
 CVE-2018-20821 (The parsing component in LibSass through 3.5.5 allows attackers to cau ...)
-	TODO: check
+	- libsass <unfixed>
+	NOTE: https://github.com/sass/libsass/issues/2658
 CVE-2018-20820 (read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to c ...)
 	- lepton <unfixed> (bug #927925)
 	NOTE: https://github.com/dropbox/lepton/commit/6a5ceefac1162783fffd9506a3de39c85c725761
@@ -2407,8 +2409,11 @@ CVE-2019-11087
 	RESERVED
 CVE-2019-11086
 	RESERVED
-CVE-2019-11085
+CVE-2019-11085 [drm/i915/gvt: Fix mmap range check]
 	RESERVED
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51b00d8509dc69c98740da2ad07308b630d3eb7d
+	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html
 CVE-2019-11084 (GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and disc ...)
 	NOT-FOR-US: GAuth
 CVE-2019-11083



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5e0565e5261b852e594d8afa7df547ef0f0e70a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5e0565e5261b852e594d8afa7df547ef0f0e70a
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190516/221297f2/attachment.html>

More information about the debian-security-tracker-commits mailing list