Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: df34f4fa by security tracker role at 2018-04-29T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,9 @@ +CVE-2018-10530 + RESERVED +CVE-2018-10529 (An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds ...) + TODO: check +CVE-2018-10528 (An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer ...) + TODO: check CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields ...) NOT-FOR-US: EasyCMS CVE-2018-10526 @@ -1601,7 +1607,7 @@ CVE-2018-9840 (The Open Whisper Signal app before 2.23.2 for iOS allows physical CVE-2018-9839 RESERVED CVE-2018-1000164 (gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of ...) - {DLA-1357-1} + {DSA-4186-1 DLA-1357-1} - gunicorn 19.5.0-1 (bug #896548) NOTE: https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5 NOTE: https://github.com/benoitc/gunicorn/issues/1227 @@ -20763,12 +20769,14 @@ CVE-2018-2816 (Vulnerability in the MySQL Server component of Oracle MySQL ...) - mysql-5.5 <not-affected> (Only affects MySQL 5.7) NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL CVE-2018-2815 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2018-2814 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> @@ -20810,37 +20818,44 @@ CVE-2018-2802 (Vulnerability in the Oracle Hospitality Simphony component of Ora CVE-2018-2801 (Vulnerability in the Oracle Outside In Technology component of Oracle ...) NOT-FOR-US: Oracle CVE-2018-2800 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...) + {DSA-4185-1} - openjdk-8 8u171-b11-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2018-2799 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> CVE-2018-2798 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2018-2797 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2018-2796 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> CVE-2018-2795 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2018-2794 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> @@ -20853,6 +20868,7 @@ CVE-2018-2792 (Vulnerability in the Hardware Management Pack component of Oracle CVE-2018-2791 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...) NOT-FOR-US: Oracle CVE-2018-2790 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4185-1} - openjdk-10 <unfixed> - openjdk-8 8u171-b11-1 - openjdk-7 <removed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df34f4fa80c24b57e666cdd37d5ca7e0db6c4f07 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df34f4fa80c24b57e666cdd37d5ca7e0db6c4f07 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits