[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Nov 2 08:10:29 GMT 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bd7b1855 by security tracker role at 2019-11-02T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by ...)
+	TODO: check
+CVE-2019-18660
+	RESERVED
+CVE-2019-18659 (The Wireless Emergency Alerts (WEA) protocol allows remote attackers t ...)
+	TODO: check
 CVE-2019-18658
 	RESERVED
 CVE-2019-18657 (ClickHouse before 19.13.5.44 allows HTTP header injection via the url  ...)
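Review bot: CVE-2019-18661 and CVE-2019-18659 are added with only "TODO: check", so neither has a triage result yet. Each needs either a package line or a NOT-FOR-US marker (the form used for the IBM entries later in this file) before the entry tells a reader anything about Debian's exposure. CVE-2019-18660 is correctly left as RESERVED with no further annotation.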
@@ -36225,8 +36231,7 @@ CVE-2019-6471 (A race condition which may occur when discarding malformed packet
 	NOTE: https://kb.isc.org/v1/docs/cve-2019-6471
 	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/60c42f849d520564ed42e5ed0ba46b4b69c07712 (master)
 	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/3a9c7bb80d4a609b86427406d9dd783199920b5b (v9_11)
-CVE-2019-6470 [DHCPv6 server crashes regularly]
-	RESERVED
+CVE-2019-6470 (There had existed in one of the ISC BIND libraries a bug in a function ...)
 	- isc-dhcp 4.4.1-2 (bug #896122)
 	[stretch] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
 	[jessie] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
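Review bot: In the CVE-2019-6470 entry the new description places the bug in "one of the ISC BIND libraries", while the entry tracks only isc-dhcp. The two <ignored> lines already tie the issue to builds against bind >= 9.11.3, so a NOTE line stating why no bind9 package line is needed would make the scoping explicit. Minor wording point in those same two lines: "build against" should read "built against".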
@@ -102943,7 +102948,7 @@ CVE-2018-1734 (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6
 	NOT-FOR-US: IBM
 CVE-2018-1733 (IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled ...)
 	NOT-FOR-US: IBM
-CVE-2018-1732 (IBM QRadar SIEM 1.14.0 discloses sensitive information to unauthorized ...)
+CVE-2018-1732 (IBM QRadar Advisor with Watson 1.14.0 discloses sensitive information  ...)
 	NOT-FOR-US: IBM
 CVE-2018-1731 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through  ...)
 	NOT-FOR-US: IBM
@@ -249400,8 +249405,7 @@ CVE-2013-4169 (GNOME Display Manager (gdm) before 2.21.1 allows local users to c
 	- gdm <removed> (unimportant)
 	- gdm3 <not-affected> (Only affected older gdm < 2.21.1)
 	NOTE: In Debian /tmp/.X11-unix is created by  /etc/init.d/x11-common
-CVE-2013-4168 [start and end time fields not filtered]
-	RESERVED
+CVE-2013-4168 (Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the sta ...)
 	{DLA-348-1}
 	- smokeping 2.6.8-2 (low)
 	[squeeze] - smokeping <no-dsa> (Minor issue)
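Review bot: The CVE-2013-4168 description now names SmokePing 2.6.9 as vulnerable, while the package line records the fix in smokeping 2.6.8-2. If the Debian fix was a backported patch, a NOTE line saying so (with the patch or bug reference) would keep the version mismatch from reading as an error.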
@@ -381098,8 +381102,7 @@ CVE-2005-XXXX [mailutils: sql injection vulnerability in sql authentication modu
 	- mailutils 1:0.6.1-2
 CVE-2005-XXXX [maradns: More frequent rekeying to mitigate possible AES attacks]
 	- maradns 1.0.27-1
-CVE-2005-2352 [Temp file races in gs-gpl addons scripts]
-	RESERVED
+CVE-2005-2352 (I race condition in Temp files was found in gs-gpl before 8.56 addons  ...)
 	- gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
 CVE-2005-XXXX [Possible SQL injection in freeradius]
 	- freeradius 1.0.2-4
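Review bot: The new CVE-2005-2352 description opens with "I race condition", which reads as a typo for "A race condition". Because the commit is an automatic update, the text is presumably imported, so the correction belongs in the source description and not in a hand edit here. The package line (gs-gpl 8.56.dfsg.1-1) is consistent with the "before 8.56" wording.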



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7b1855d0d0395aa6c84bb6a627e58cba0b4043
