[Git][security-tracker-team/security-tracker][master] new bitcoin issue
Moritz Muehlenhoff
jmm at debian.org
Fri Sep 6 16:39:32 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
46e03a01 by Moritz Muehlenhoff at 2019-09-06T15:38:56Z
new bitcoin issue
two older poppler issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2019-15949 (Nagios XI before 5.6.6 allows remote command execution as root.
CVE-2019-15948
RESERVED
CVE-2019-15947 (In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted ...)
- TODO: check
+ - bitcoin <unfixed>
CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...)
- opensc <unfixed>
NOTE: https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740
@@ -26,7 +26,7 @@ CVE-2019-15945 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1
- opensc <unfixed>
NOTE: https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68
CVE-2019-15944 (In Counter-Strike: Global Offensive before 8/29/2019, community game s ...)
- TODO: check
+ NOT-FOR-US: Counter-Strike: Global Offensive
CVE-2019-15943
RESERVED
CVE-2019-15942 (FFmpeg through 4.2 has a "Conditional jump or move depends on uninitia ...)
@@ -39,9 +39,9 @@ CVE-2019-15940
CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero err ...)
TODO: check
CVE-2019-15938 (Pengutronix barebox through 2019.08.1 has a remote buffer overflow in ...)
- TODO: check
+ NOT-FOR-US: Pengutronix barebox
CVE-2019-15937 (Pengutronix barebox through 2019.08.1 has a remote buffer overflow in ...)
- TODO: check
+ NOT-FOR-US: Pengutronix barebox
CVE-2019-15936
RESERVED
CVE-2019-15935
@@ -5178,7 +5178,7 @@ CVE-2019-14307 (Several Ricoh printers have multiple buffer overflows parsing HT
CVE-2019-14306
RESERVED
CVE-2019-14305 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2019-14304
RESERVED
CVE-2019-14303
@@ -5188,7 +5188,7 @@ CVE-2019-14302
CVE-2019-14301
RESERVED
CVE-2019-14300 (Several Ricoh printers have multiple buffer overflows parsing HTTP coo ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2019-14299
RESERVED
CVE-2019-14298 (Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(con ...)
@@ -5247,9 +5247,13 @@ CVE-2019-14290 (An issue was discovered in Xpdf 4.01.01. There is an out of boun
- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/44cd46a6e04a87bd702dab4a662042f69f16c4ad
CVE-2019-14289 (An issue was discovered in Xpdf 4.01.01. There is an integer overflow ...)
- TODO: check
+ - poppler 0.57.0-2
+ NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/55db66c69fd56826b8523710046deab1a8d14ba2
+ NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/22c4701d5f7be0010ee4519daa546fba5ab7ac13
CVE-2019-14288 (An issue was discovered in Xpdf 4.01.01. There is an Integer overflow ...)
- TODO: check
+ - poppler 0.57.0-2
+ NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/55db66c69fd56826b8523710046deab1a8d14ba2
+ NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/22c4701d5f7be0010ee4519daa546fba5ab7ac13
CVE-2019-14287
RESERVED
CVE-2019-14286 (In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnera ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/46e03a01c90183c3c424a7812b5b5934dca70e4f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/46e03a01c90183c3c424a7812b5b5934dca70e4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190906/0b52b94b/attachment.html>
More information about the debian-security-tracker-commits
mailing list