[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Oct 2 09:10:29 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e93be93f by security tracker role at 2019-10-02T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2019-17075 (An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cx ...)
+	TODO: check
 CVE-2019-17074 (An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in t ...)
 	NOT-FOR-US: XunRuiCMS
 CVE-2019-17073 (emlog through 6.0.0beta allows remote authenticated users to delete ar ...)
@@ -5658,8 +5660,8 @@ CVE-2019-15043 (In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API a
 	- grafana <removed>
 CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL  ...)
 	TODO: check
-CVE-2019-15041
-	RESERVED
+CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL  ...)
+	TODO: check
 CVE-2019-15040
 	RESERVED
 CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possi ...)
@@ -5670,8 +5672,8 @@ CVE-2019-15037
 	RESERVED
 CVE-2019-15036
 	RESERVED
-CVE-2019-15035
-	RESERVED
+CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
+	TODO: check
 CVE-2019-15034
 	RESERVED
 CVE-2019-15033 (Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature dow ...)
@@ -26491,16 +26493,16 @@ CVE-2019-8294
 	RESERVED
 CVE-2019-8293
 	RESERVED
-CVE-2019-8292
-	RESERVED
-CVE-2019-8291
-	RESERVED
-CVE-2019-8290
-	RESERVED
-CVE-2019-8289
-	RESERVED
-CVE-2019-8288
-	RESERVED
+CVE-2019-8292 (Online Store System v1.0 delete_product.php doesn't check to see if a  ...)
+	TODO: check
+CVE-2019-8291 (Online Store System v1.0 delete_file.php doesn't check to see if a use ...)
+	TODO: check
+CVE-2019-8290 (Vulnerability in Online Store v1.0, The registration form requirements ...)
+	TODO: check
+CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php  ...)
+	TODO: check
+CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php where  ...)
+	TODO: check
 CVE-2019-8287
 	RESERVED
 CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Sec ...)
@@ -45264,7 +45266,7 @@ CVE-2018-19650 (Local attackers can trigger a stack-based buffer overflow on vul
 CVE-2019-1564
 	RESERVED
 CVE-2019-1563 (In situations where an attacker receives automated notification of the ...)
-	{DLA-1932-1}
+	{DSA-4540-1 DSA-4539-1 DLA-1932-1}
 	- openssl 1.1.1d-1
 	- openssl1.0 <removed>
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64 (OpenSSL_1_1_1d)
@@ -45319,7 +45321,7 @@ CVE-2019-1549 (OpenSSL 1.1.1 introduced a rewritten random number generator (RNG
 CVE-2019-1548
 	RESERVED
 CVE-2019-1547 (Normally in OpenSSL EC groups always have a co-factor present and this ...)
-	{DLA-1932-1}
+	{DSA-4540-1 DSA-4539-1 DLA-1932-1}
 	- openssl 1.1.1d-1
 	- openssl1.0 <removed>
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46 (OpenSSL_1_0_2t)
@@ -49012,8 +49014,7 @@ CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, the
 	- tomcat9 <not-affected> (Windows-specific)
 	- tomcat8 <not-affected> (Windows-specific)
 	NOTE: https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
-CVE-2019-0231
-	RESERVED
+CVE-2019-0231 (Handling of the close_notify SSL/TLS message does not lead to a connec ...)
 	NOT-FOR-US: Apache MINA
 CVE-2019-0230
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e93be93fe696c4b662fc5543047ba6e9dca5ebfa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e93be93fe696c4b662fc5543047ba6e9dca5ebfa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191002/367cab06/attachment.html>


More information about the debian-security-tracker-commits mailing list