[Git][security-tracker-team/security-tracker][master] automatic update

Sat Oct 5 09:10:32 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e29b930e by security tracker role at 2019-10-05T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-17192 (** DISPUTED ** The WebRTC component in the Signal Private Messenger ap ...)
+	TODO: check
+CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for Android all ...)
+	TODO: check
+CVE-2019-17190
+	RESERVED
+CVE-2019-17189
+	RESERVED
+CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in catalog/pr ...)
+	TODO: check
+CVE-2019-17187
+	RESERVED
+CVE-2019-17186
+	RESERVED
+CVE-2019-17185
+	RESERVED
+CVE-2019-17184 (Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C ...)
+	TODO: check
+CVE-2019-17183 (Foxit Reader before 9.7 allows an Access Violation and crash if insuff ...)
+	TODO: check
+CVE-2019-17182
+	RESERVED
+CVE-2019-17181
+	RESERVED
+CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending parti ...)
+	TODO: check
 CVE-2019-17179 (XSS in library/custom_template/add_template.php in OpenEMR through 5.0 ...)
 	NOT-FOR-US: OpenEMR
 CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ...)
@@ -813,8 +839,8 @@ CVE-2015-9410 (The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has
 	NOT-FOR-US: Blubrry PowerPress Podcasting plugin for WordPress
 CVE-2015-9409 (The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resu ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2019-16865
-	RESERVED
+CVE-2019-16865 (An issue was discovered in Pillow before 6.2.0. When reading specially ...)
+	TODO: check
 CVE-2019-16864
 	RESERVED
 CVE-2019-16863
@@ -2106,7 +2132,7 @@ CVE-2019-16332 (In the api-bearer-auth plugin before 20190907 for WordPress, the
 	NOT-FOR-US: Wordpress plugin
 CVE-2019-12412 [Remotely exploitable null pointer dereference bug]
 	RESERVED
-	{DLA-1944-1}
+	{DSA-4541-1 DLA-1944-1}
 	- libapreq2 2.13-6 (bug #939937)
 	NOTE: http://svn.apache.org/r1866760
 CVE-2019-16331
@@ -16651,10 +16677,10 @@ CVE-2019-11658 (Information exposure in Micro Focus Content Manager, versions 9.
 	NOT-FOR-US: Micro Focus
 CVE-2019-11657
 	RESERVED
-CVE-2019-11656
-	RESERVED
-CVE-2019-11655
-	RESERVED
+CVE-2019-11656 (Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versi ...)
+	TODO: check
+CVE-2019-11655 (Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, ...)
+	TODO: check
 CVE-2019-11654 (Path traversal vulnerability in Micro Focus Verastream Host Integrator ...)
 	NOT-FOR-US: Micro Focus
 CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager. versions  ...)
@@ -58640,7 +58666,7 @@ CVE-2018-16509 (An issue was discovered in Artifex Ghostscript before 9.24. Inco
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=520bb0ea7519aa3e79db78aaf0589dae02103764
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699654
 	NOTE: Partially fixed in 9.22~dfsg-3, see #907703
-CVE-2018-16585 (An issue was discovered in Artifex Ghostscript before 9.24. The .setdi ...)
+CVE-2018-16585 (** DISPUTED ** ...)
 	{DSA-4288-1 DLA-1504-1}
 	[experimental] - ghostscript 9.25~dfsg-1~exp1
 	- ghostscript 9.25~dfsg-1 (bug #908305)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e29b930e8d2bcbb5bf81fd9956d47eb81de34bae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e29b930e8d2bcbb5bf81fd9956d47eb81de34bae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191005/1afbf891/attachment-0001.html>
