Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb3fe41b by Salvatore Bonaccorso at 2018-04-21T19:02:39+02:00
Sort entries
- - - - -
979bc665 by Salvatore Bonaccorso at 2018-04-21T19:10:21+02:00
Add bug reference for CVE-2018-10188
- - - - -
6cc5a333 by Salvatore Bonaccorso at 2018-04-21T19:21:38+02:00
Add CVE-2018-9275/yubico-pam bug reference: #896491
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -158,7 +158,7 @@ CVE-2018-10190 (A vulnerability in London Trust Media
Private Internet Access (P
CVE-2018-10189 (An issue was discovered in Mautic 1.x and 2.x before 2.13.0.
It is ...)
NOT-FOR-US: Mautic
CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker
to ...)
- - phpmyadmin <unfixed>
+ - phpmyadmin <unfixed> (bug #896490)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/
NOTE:
https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
@@ -340,10 +340,10 @@ CVE-2018-10115
RESERVED
CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The ...)
- gegl 0.3.34-1
+ [wheezy] - gegl <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248
NOTE:
https://git.gnome.org/browse/gegl/commit/?id=c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
NOTE: POC
https://github.com/xiaoqx/pocs/tree/master/gegl#1-gegl-outbound-write-1
- [wheezy] - gegl <no-dsa> (Minor issue)
CVE-2018-10113 (An issue was discovered in GEGL through 0.3.32. The process
function in ...)
- gegl <unfixed> (low)
[stretch] - gegl <no-dsa> (Minor issue)
@@ -352,9 +352,9 @@ CVE-2018-10113 (An issue was discovered in GEGL through
0.3.32. The process func
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#3-gegl-dos-2
CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The ...)
- gegl <unfixed>
+ [wheezy] - gegl <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249
NOTE:
https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2
- [wheezy] - gegl <no-dsa> (Minor issue)
CVE-2018-10111 (An issue was discovered in GEGL through 0.3.32. The
render_rectangle ...)
- gegl <unfixed> (low)
[stretch] - gegl <no-dsa> (Minor issue)
@@ -2204,7 +2204,7 @@ CVE-2018-9277
CVE-2018-9276
RESERVED
CVE-2018-9275 (In check_user_token in util.c in the Yubico PAM module (aka
pam_yubico) ...)
- - yubico-pam <unfixed>
+ - yubico-pam <unfixed> (bug #896491)
[jessie] - yubico-pam <not-affected> (Vulnerable code introduced later)
[wheezy] - yubico-pam <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1088027
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/88a79ad6de9752d6b183e89d863a97372a6a45d5...6cc5a333ab2e51dadf77282d2068203245aee706
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/88a79ad6de9752d6b183e89d863a97372a6a45d5...6cc5a333ab2e51dadf77282d2068203245aee706
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
