[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Nov 11 20:10:45 GMT 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b9287cbd by security tracker role at 2019-11-11T20:10:32Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2019-18872
+	RESERVED
+CVE-2019-18871
+	RESERVED
+CVE-2019-18870
+	RESERVED
+CVE-2019-18869
+	RESERVED
+CVE-2019-18868
+	RESERVED
+CVE-2019-18867
+	RESERVED
+CVE-2019-18866
+	RESERVED
+CVE-2019-18865
+	RESERVED
+CVE-2019-18864
+	RESERVED
+CVE-2019-18863
+	RESERVED
+CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and allows loca ...)
+	TODO: check
+CVE-2019-18861
+	RESERVED
+CVE-2019-18860
+	RESERVED
+CVE-2019-18859
+	RESERVED
+CVE-2019-18858
+	RESERVED
+CVE-2019-18857 (darylldoyle svg-sanitizer before 0.12.0 mishandles script and data val ...)
+	TODO: check
+CVE-2019-18856 (A Denial Of Service vulnerability exists in the SVG Sanitizer module t ...)
+	TODO: check
+CVE-2019-18855 (A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG ...)
+	TODO: check
+CVE-2019-18854 (A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG ...)
+	TODO: check
+CVE-2019-18853 (ImageMagick before 7.0.9-0 allows remote attackers to cause a denial o ...)
+	TODO: check
+CVE-2019-18852 (Certain D-Link devices have a hardcoded Alphanetworks user account wit ...)
+	TODO: check
+CVE-2019-18851
+	RESERVED
+CVE-2019-18850
+	RESERVED
 CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the victim' ...)
 	- tnef <unfixed>
 	NOTE: https://github.com/verdammelt/tnef/pull/40
@@ -22195,10 +22241,12 @@ CVE-2019-12387 (In Twisted before 19.2.1, twisted.web did not validate or saniti
 	[jessie] - twisted <no-dsa> (Minor issue)
 	NOTE: https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
 CVE-2019-12386 (An issue was discovered in Ampache through 3.9.1. A stored XSS exists  ...)
+	{DLA-1988-1}
 	- ampache <removed>
 	NOTE: https://github.com/ampache/ampache/issues/1872
 	NOTE: according to the github issue, it is not really fixed yet
 CVE-2019-12385 (An issue was discovered in Ampache through 3.9.1. The search engine is ...)
+	{DLA-1988-1}
 	- ampache <removed>
 	NOTE: https://github.com/ampache/ampache/issues/1872
 	NOTE: according to the github issue, it is not really fixed yet



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191111/d7424814/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list