[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 6 09:10:33 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a49def56 by security tracker role at 2019-09-06T08:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,8 +25,8 @@ CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1
CVE-2019-15945 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...)
- opensc <unfixed>
NOTE: https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68
-CVE-2019-15944
- RESERVED
+CVE-2019-15944 (In Counter-Strike: Global Offensive before 8/29/2019, community game s ...)
+ TODO: check
CVE-2019-15943
RESERVED
CVE-2019-15942 (FFmpeg through 4.2 has a "Conditional jump or move depends on uninitia ...)
@@ -265,8 +265,8 @@ CVE-2019-15850
RESERVED
CVE-2019-15849
RESERVED
-CVE-2019-15848
- RESERVED
+CVE-2019-15848 (JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XS ...)
+ TODO: check
CVE-2019-15847 (The POWER9 backend in GNU Compiler Collection (GCC) before version 10 ...)
TODO: check
CVE-2015-9383 (FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_v ...)
@@ -2608,8 +2608,8 @@ CVE-2019-15031
RESERVED
CVE-2019-15030
RESERVED
-CVE-2019-15029
- RESERVED
+CVE-2019-15029 (FusionPBX 4.4.8 allows an attacker to execute arbitrary system command ...)
+ TODO: check
CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...)
NOT-FOR-US: Joomla!
CVE-2019-15027 (The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on ...)
@@ -5101,8 +5101,8 @@ CVE-2019-14341
RESERVED
CVE-2019-14340
RESERVED
-CVE-2019-14339
- RESERVED
+CVE-2019-14339 (The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2 ...)
+ TODO: check
CVE-2019-14338 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
NOT-FOR-US: D-Link
CVE-2019-14337 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
@@ -5467,12 +5467,12 @@ CVE-2019-14226
RESERVED
CVE-2019-14225
RESERVED
-CVE-2019-14224
- RESERVED
+CVE-2019-14224 (An issue was discovered in Alfresco Community Edition 5.2 201707. By l ...)
+ TODO: check
CVE-2019-14223
RESERVED
-CVE-2019-14222
- RESERVED
+CVE-2019-14222 (An issue was discovered in Alfresco Community Edition versions 6.0 and ...)
+ TODO: check
CVE-2019-14221 (1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishan ...)
NOT-FOR-US: 1CRM On-Premise Software
CVE-2019-14220
@@ -13873,8 +13873,8 @@ CVE-2019-11382
RESERVED
CVE-2019-11381
RESERVED
-CVE-2019-11380
- RESERVED
+CVE-2019-11380 (The master-password feature in the ES File Explorer File Manager appli ...)
+ TODO: check
CVE-2019-11379
RESERVED
CVE-2019-11378 (An issue was discovered in ProjectSend r1053. upload-process-form.php ...)
@@ -15480,8 +15480,8 @@ CVE-2019-10755
RESERVED
CVE-2019-10754
RESERVED
-CVE-2019-10753
- RESERVED
+CVE-2019-10753 (In all versions prior to version 3.9.6 for eclipse-wtp, all versions p ...)
+ TODO: check
CVE-2019-10752
RESERVED
CVE-2019-10751 (All versions of the HTTPie package prior to version 1.0.3 are vulnerab ...)
@@ -20460,8 +20460,8 @@ CVE-2019-9256
RESERVED
CVE-2019-9255
RESERVED
-CVE-2019-9254
- RESERVED
+CVE-2019-9254 (In readArgumentList of zygote.java in Android 10, there is a possible ...)
+ TODO: check
CVE-2019-9253
RESERVED
CVE-2019-9252
@@ -39423,22 +39423,22 @@ CVE-2019-2183
RESERVED
CVE-2019-2182
RESERVED
-CVE-2019-2181
- RESERVED
-CVE-2019-2180
- RESERVED
-CVE-2019-2179
- RESERVED
-CVE-2019-2178
- RESERVED
-CVE-2019-2177
- RESERVED
-CVE-2019-2176
- RESERVED
-CVE-2019-2175
- RESERVED
-CVE-2019-2174
- RESERVED
+CVE-2019-2181 (In binder_transaction of binder.c in the Android kernel, there is a po ...)
+ TODO: check
+CVE-2019-2180 (In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possi ...)
+ TODO: check
+CVE-2019-2179 (In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...)
+ TODO: check
+CVE-2019-2178 (In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and ...)
+ TODO: check
+CVE-2019-2177 (In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...)
+ TODO: check
+CVE-2019-2176 (In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Andr ...)
+ TODO: check
+CVE-2019-2175 (In checkAccess of SliceManagerService.java in Android 9, there is a po ...)
+ TODO: check
+CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Android 7. ...)
+ TODO: check
CVE-2019-2173
RESERVED
CVE-2019-2172
@@ -39537,10 +39537,10 @@ CVE-2019-2126 (In ParseContentEncodingEntry of mkvparser.cc, there is a possible
NOT-FOR-US: Android media framework
CVE-2019-2125 (In ChangeDefaultDialerDialog.java, there is a possible escalation of p ...)
NOT-FOR-US: Android
-CVE-2019-2124
- RESERVED
-CVE-2019-2123
- RESERVED
+CVE-2019-2124 (In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java i ...)
+ TODO: check
+CVE-2019-2123 (In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and ...)
+ TODO: check
CVE-2019-2122 (In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.j ...)
NOT-FOR-US: Android
CVE-2019-2121 (In ActivityManagerService.attachApplication of ActivityManagerService, ...)
@@ -39555,8 +39555,8 @@ CVE-2019-2117 (In checkQueryPermission of TelephonyProvider.java, there is a pos
NOT-FOR-US: Android
CVE-2019-2116 (In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound ...)
NOT-FOR-US: Android
-CVE-2019-2115
- RESERVED
+CVE-2019-2115 (In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2 ...)
+ TODO: check
CVE-2019-2114
RESERVED
CVE-2019-2113 (In setup wizard there is a bypass of some checks when wifi connection ...)
@@ -39569,8 +39569,7 @@ CVE-2019-2110
RESERVED
CVE-2019-2109 (In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a pos ...)
NOT-FOR-US: Android media framework
-CVE-2019-2108
- RESERVED
+CVE-2019-2108 (In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a poss ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-2107 (In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out ...)
NOT-FOR-US: Android media framework
@@ -39580,8 +39579,8 @@ CVE-2019-2105 (In FileInputStream::Read of file_input_stream.cc, there is a poss
NOT-FOR-US: Android
CVE-2019-2104 (In HIDL, safe_union, and other C++ structs/unions being sent to applic ...)
NOT-FOR-US: Android
-CVE-2019-2103
- RESERVED
+CVE-2019-2103 (In Google Assistant in Android 9, there is a possible permissions bypa ...)
+ TODO: check
CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a provided e ...)
NOT-FOR-US: Android
CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a possible out ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a49def563f88d4bb997044a369a9b1381423137a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a49def563f88d4bb997044a369a9b1381423137a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190906/8161efe9/attachment.html>
More information about the debian-security-tracker-commits
mailing list