[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Oct 4 09:10:27 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
77ad0b39 by security tracker role at 2019-10-04T08:10:14Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2019-17129
+ RESERVED
+CVE-2019-17128
+ RESERVED
+CVE-2019-17127
+ RESERVED
+CVE-2019-17126
+ RESERVED
+CVE-2019-17125
+ RESERVED
+CVE-2019-17124
+ RESERVED
+CVE-2019-17123
+ RESERVED
+CVE-2019-17122
+ RESERVED
+CVE-2019-17121 (REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-si ...)
+ TODO: check
+CVE-2019-17120
+ RESERVED
+CVE-2019-17119
+ RESERVED
+CVE-2019-17118
+ RESERVED
+CVE-2019-17117
+ RESERVED
+CVE-2019-17116
+ RESERVED
+CVE-2019-17115
+ RESERVED
+CVE-2019-17114
+ RESERVED
+CVE-2019-17113 (In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_Instrument ...)
+ TODO: check
+CVE-2019-17112
+ RESERVED
+CVE-2019-17111
+ RESERVED
+CVE-2019-17110 (A security issue was discovered in kube-state-metrics 1.7.x before 1.7 ...)
+ TODO: check
CVE-2019-17109
RESERVED
CVE-2019-17108
@@ -1970,8 +2010,8 @@ CVE-2019-16330
RESERVED
CVE-2019-16329
RESERVED
-CVE-2019-16328
- RESERVED
+CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify ...)
+ TODO: check
CVE-2019-16327
RESERVED
CVE-2019-16326
@@ -2285,6 +2325,7 @@ CVE-2019-16241
CVE-2019-16240
RESERVED
CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer Overflow ...)
+ {DLA-1945-1}
- openconnect <unfixed> (bug #940871)
NOTE: http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html
NOTE: https://github.com/openconnect/openconnect/commit/875f0a65ab73f4fb581ca870fd3a901bd278f8e8
@@ -2424,8 +2465,8 @@ CVE-2019-16200
RESERVED
CVE-2019-16199 (eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remot ...)
NOT-FOR-US: eQ-3 Homematic CCU2
-CVE-2019-16198
- RESERVED
+CVE-2019-16198 (KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by t ...)
+ TODO: check
CVE-2019-16197 (In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-A ...)
- dolibarr <removed>
CVE-2019-16196
@@ -3524,8 +3565,8 @@ CVE-2019-15767 (In GNU Chess 6.2.5, there is a stack-based buffer overflow in th
- gnuchess <unfixed> (unimportant; bug #936023)
NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2019-08/msg00004.html
NOTE: Neutralised by toolchain hardening, no security impact
-CVE-2019-15766
- RESERVED
+CVE-2019-15766 (The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android al ...)
+ TODO: check
CVE-2019-15765
RESERVED
CVE-2019-15764
@@ -11871,26 +11912,26 @@ CVE-2019-13334
RESERVED
CVE-2019-13333
RESERVED
-CVE-2019-13332
- RESERVED
-CVE-2019-13331
- RESERVED
-CVE-2019-13330
- RESERVED
-CVE-2019-13329
- RESERVED
-CVE-2019-13328
- RESERVED
-CVE-2019-13327
- RESERVED
-CVE-2019-13326
- RESERVED
-CVE-2019-13325
- RESERVED
-CVE-2019-13324
- RESERVED
-CVE-2019-13323
- RESERVED
+CVE-2019-13332 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13331 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13330 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13329 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13328 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13327 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13326 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13325 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13324 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2019-13323 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2019-13322
RESERVED
CVE-2019-13321
@@ -15614,8 +15655,8 @@ CVE-2019-11934
RESERVED
CVE-2019-11933
RESERVED
-CVE-2019-11932
- RESERVED
+CVE-2019-11932 (A double free vulnerability in the DDGifSlurp function in decoding.c i ...)
+ TODO: check
CVE-2019-11931
RESERVED
CVE-2019-11930
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/77ad0b398f5e62c2e57462d7acd3de6ea4ec7f5f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/77ad0b398f5e62c2e57462d7acd3de6ea4ec7f5f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191004/6d185265/attachment.html>
More information about the debian-security-tracker-commits
mailing list