[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Nov 23 20:10:37 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
43ec3b2c by security tracker role at 2019-11-23T20:10:25Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9378,7 +9378,7 @@ CVE-2019-16706 (kkcms v1.3 has a CSRF vulnerablity that can add an user account
CVE-2018-21019 (Home Assistant before 0.67.0 was vulnerable to an information disclosu ...)
NOT-FOR-US: Home Assistant
CVE-2019-16729 (pam-python before 1.0.7-1 has an issue in regard to the default enviro ...)
- {DSA-4555-1}
+ {DSA-4555-1 DLA-2000-1}
- pam-python 1.0.7-1 (bug #942514)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1150510#c1
NOTE: https://sourceforge.net/p/pam-python/code/ci/0247ab687b4347cc52859ca461fb0126dd7e2ebe/
@@ -31776,6 +31776,7 @@ CVE-2019-9658 (Checkstyle before 8.18 loads external DTDs by default. ...)
CVE-2019-9657 (Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a d ...)
NOT-FOR-US: Alarm.com ADC-V522IR 0100b9 devices
CVE-2019-9656 (An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dere ...)
+ {DLA-2001-1}
- libofx 1:0.9.15-1 (unimportant; bug #924350)
[buster] - libofx 1:0.9.14-1+deb10u1
NOTE: https://github.com/libofx/libofx/issues/22
@@ -157349,6 +157350,7 @@ CVE-2017-2627 (A flaw was found in openstack-tripleo-common as shipped with Red
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421917
NOT-FOR-US: RHEL packaging flaw for openstack
CVE-2017-2626 (It was discovered that libICE before 1.0.9-8 used a weak entropy to ge ...)
+ {DLA-2002-1}
- libice 2:1.0.9-2 (bug #856400)
[wheezy] - libice <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43ec3b2cfcb97dbe8d4b2e4525d0f814d685af98
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43ec3b2cfcb97dbe8d4b2e4525d0f814d685af98
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191123/01f1763d/attachment.html>
More information about the debian-security-tracker-commits
mailing list