[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon May 20 09:10:23 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c15e48ea by security tracker role at 2019-05-20T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2019-12203
+	RESERVED
+CVE-2019-12202
+	RESERVED
+CVE-2019-12201
+	RESERVED
+CVE-2019-12200
+	RESERVED
+CVE-2019-12199
+	RESERVED
+CVE-2019-12198 (In GoHttp through 2017-07-25, there is a stack-based buffer over-read  ...)
+	TODO: check
+CVE-2019-12197
+	RESERVED
+CVE-2019-12196
+	RESERVED
+CVE-2019-12195
+	RESERVED
+CVE-2019-12194
+	RESERVED
+CVE-2019-12193
+	RESERVED
+CVE-2019-12192
+	RESERVED
+CVE-2019-12191
+	RESERVED
+CVE-2019-12190
+	RESERVED
+CVE-2019-12189
+	RESERVED
+CVE-2019-12188
+	RESERVED
+CVE-2019-12187
+	RESERVED
+CVE-2019-12186
+	RESERVED
+CVE-2019-12185 (eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/con ...)
+	TODO: check
 CVE-2019-12184 (There is XSS in browser/components/MarkdownPreview.js in BoostIO Boost ...)
 	NOT-FOR-US: Boostnote
 CVE-2019-12183
@@ -20887,6 +20925,7 @@ CVE-2019-3797 (This affects Spring Data JPA in versions up to and including 2.1.
 CVE-2019-3796
 	RESERVED
 CVE-2019-3795 (Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, ...)
+	{DLA-1794-1}
 	- libspring-security-2.0-java <removed>
 	NOTE: https://github.com/spring-projects/spring-security/commit/6f02f690ac65ccf99d8df47ac3d730a68f87c569
 CVE-2019-3794



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c15e48ea1212b386e9be9e13621913eeb53847c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c15e48ea1212b386e9be9e13621913eeb53847c1
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190520/6fed525f/attachment.html>

More information about the debian-security-tracker-commits mailing list