Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
628fa1bd by security tracker role at 2018-04-28T20:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article;
four fields ...)
+ TODO: check
+CVE-2018-10526
+ RESERVED
CVE-2018-10525
RESERVED
CVE-2017-18263 (Seagate Media Server in Seagate Personal Cloud before 4.3.18.4
has ...)
@@ -110,8 +114,8 @@ CVE-2018-10470
RESERVED
CVE-2018-10469 (b3log Symphony (aka Sym) 2.6.0 allows remote attackers to
upload and ...)
NOT-FOR-US: b3log Symphony (aka Sym)
-CVE-2018-10468
- RESERVED
+CVE-2018-10468 (The transferFrom function of a smart contract implementation
for ...)
+ TODO: check
CVE-2018-10467
RESERVED
CVE-2018-10466
@@ -8949,6 +8953,7 @@ CVE-2018-7035 (Cross-site scripting (XSS) vulnerability
in Gleez CMS 1.2.0 and 2
CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR
v1.03B01 ...)
NOT-FOR-US: TRENDnet devices
CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows
SQL ...)
+ {DLA-1367-1}
- slurm-llnl 17.11.5-1 (bug #893044)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4792 (not yet public)
NOTE:
https://github.com/SchedMD/slurm/commit/db468895240ad6817628d07054fe54e71273b2fe
@@ -17477,19 +17482,19 @@ CVE-2018-3841
CVE-2018-3840
RESERVED
CVE-2018-3839 (An exploitable code execution vulnerability exists in the XCF
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://hg.libsdl.org/SDL_image/rev/fb643e371806910f1973abfdfe7f981e8dba60f5
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521
CVE-2018-3838 (An exploitable information vulnerability exists in the XCF
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://hg.libsdl.org/SDL_image/rev/c5f9cbb5d2bbcb2150ba0596ea56b49efeed660d
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0520
CVE-2018-3837 (An exploitable information disclosure vulnerability exists in
the PCX ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e
@@ -36792,7 +36797,7 @@ CVE-2017-14452
CVE-2017-14451
RESERVED
CVE-2017-14450 (A buffer overflow vulnerability exists in the GIF image
parsing ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0499
@@ -36804,7 +36809,7 @@ CVE-2017-14449 (A double-Free vulnerability exists in
the XCF image rendering ..
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0498
NOTE: https://hg.libsdl.org/SDL_image/rev/d0142861559c
CVE-2017-14448 (An exploitable code execution vulnerability exists in the XCF
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0497
@@ -36820,19 +36825,19 @@ CVE-2017-14444
CVE-2017-14443
RESERVED
CVE-2017-14442 (An exploitable code execution vulnerability exists in the BMP
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491
NOTE: https://hg.libsdl.org/SDL_image/rev/37445f6180a8
CVE-2017-14441 (An exploitable code execution vulnerability exists in the ICO
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0490
NOTE: https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
CVE-2017-14440 (An exploitable code execution vulnerability exists in the ILBM
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
@@ -43788,7 +43793,7 @@ CVE-2017-12124
CVE-2017-12123
RESERVED
CVE-2017-12122 (An exploitable code execution vulnerability exists in the ILBM
image ...)
- {DSA-4177-1 DLA-1341-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0488
@@ -72531,7 +72536,7 @@ CVE-2017-2888 (An exploitable integer overflow
vulnerability exists when creatin
NOTE: https://hg.libsdl.org/SDL/rev/7e0f1498ddb5
NOTE: https://hg.libsdl.org/SDL/rev/81a4950907a0
CVE-2017-2887 (An exploitable buffer overflow vulnerability exists in the XCF
...)
- {DSA-4177-1 DLA-1134-1}
+ {DSA-4184-1 DSA-4177-1 DLA-1134-1}
- libsdl2-image 2.0.1+dfsg-4 (bug #878266)
- sdl-image1.2 1.2.12-7 (bug #878267)
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/628fa1bd7a040a4e4d5c4d72cd28f5ac0bc2eaee
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/628fa1bd7a040a4e4d5c4d72cd28f5ac0bc2eaee
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
