[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Nov 11 08:11:15 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
105a0778 by security tracker role at 2019-11-11T08:11:00Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the victim' ...)
+	TODO: check
+CVE-2019-18848
+	RESERVED
+CVE-2019-18847
+	RESERVED
+CVE-2019-18846
+	RESERVED
 CVE-2019-18845 (The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1  ...)
 	NOT-FOR-US: Patriot Viper RGB
 CVE-2019-18844
@@ -6,8 +14,8 @@ CVE-2019-18843
 	RESERVED
 CVE-2019-18842
 	RESERVED
-CVE-2019-18841
-	RESERVED
+CVE-2019-18841 (Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before  ...)
+	TODO: check
 CVE-2019-18840 (In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of me ...)
 	- wolfssl 4.2.0+dfsg-3
 	NOTE: https://github.com/wolfSSL/wolfssl/issues/2555
@@ -18,8 +26,8 @@ CVE-2019-18838
 	RESERVED
 CVE-2019-18837
 	RESERVED
-CVE-2019-18836
-	RESERVED
+CVE-2019-18836 (Envoy before 1.12.1 allows a remote denial of service because of resou ...)
+	TODO: check
 CVE-2019-18835 (Matrix Synapse before 1.5.0 mishandles signature checking on some fede ...)
 	- matrix-synapse 1.5.0-1 (bug #944355)
 	NOTE: https://github.com/matrix-org/synapse/pull/6262



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/105a0778628df6f81ff9dbc487451d4036feb8f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/105a0778628df6f81ff9dbc487451d4036feb8f1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191111/d851a3b4/attachment.html>

More information about the debian-security-tracker-commits mailing list