[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sun Sep 1 09:10:31 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bdf885be by security tracker role at 2019-09-01T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4463,6 +4463,7 @@ CVE-2019-14443 (An issue was discovered in Libav 12.3. Division by zero in range
 	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1161#c1
 CVE-2019-14442 (In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file ...)
+	{DLA-1907-1}
 	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1159
 CVE-2019-14441 (An issue was discovered in Libav 12.3. An access violation allows remo ...)
@@ -4681,6 +4682,7 @@ CVE-2019-14373 (An issue was discovered in image_save_png in image/image-png.cpp
 	- flif <removed>
 	NOTE: https://github.com/FLIF-hub/FLIF/issues/541
 CVE-2019-14372 (In Libav 12.3, there is an infinite loop in the function wv_read_block ...)
+	{DLA-1907-1}
 	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1165
 CVE-2019-14371 (An issue was discovered in Libav 12.3. There is an infinite loop in th ...)
@@ -7565,7 +7567,7 @@ CVE-2019-13578 (A SQL injection vulnerability exists in the Impress GiveWP Give
 CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthe ...)
 	NOT-FOR-US: SnmpAdm.exe in MAPLE WBT SNMP Administrator
 CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...)
-	{DLA-1889-1}
+	{DLA-1906-1 DLA-1889-1}
 	- python3.7 3.7.3~rc1-1
 	- python3.5 <removed>
 	- python3.4 <removed>
@@ -67037,6 +67039,7 @@ CVE-2018-11104
 CVE-2018-11103
 	RESERVED
 CVE-2018-11102 (An issue was discovered in Libav 12.3. A read access violation in the  ...)
+	{DLA-1907-1}
 	- libav <removed> (low)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1128
 CVE-2018-11101 (Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via ...)
@@ -82400,6 +82403,7 @@ CVE-2018-5768 (A remote, unauthenticated attacker can gain remote code execution
 CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A rem ...)
 	NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices
 CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...)
+	{DLA-1907-1}
 	- libav <removed>
 	[wheezy] - libav <ignored> (Minor issue)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1112
@@ -118968,6 +118972,7 @@ CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishan
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/85
 CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in m ...)
+	{DLA-1907-1}
 	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1067
 	NOTE: Five different issues but only one POC instead of five attached.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bdf885be103479d2d968a8e284d271ebff2b4835

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bdf885be103479d2d968a8e284d271ebff2b4835
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190901/a0ea2853/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list