Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
969bbeb6 by security tracker role at 2018-04-30T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,35 @@
+CVE-2018-10560
+ RESERVED
+CVE-2018-10559
+ RESERVED
+CVE-2018-10558
+ RESERVED
+CVE-2018-10557
+ RESERVED
+CVE-2018-10556
+ RESERVED
+CVE-2018-10555
+ RESERVED
+CVE-2018-10554 (An issue was discovered in Nagios XI 5.4.13. There is XSS
exploitable ...)
+ TODO: check
+CVE-2018-10553 (An issue was discovered in Nagios XI 5.4.13. A registered user
is able ...)
+ TODO: check
+CVE-2018-10552
+ RESERVED
+CVE-2018-10551
+ RESERVED
+CVE-2018-10550 (In Octopus Deploy before 2018.4.7, target and tenant tag
variable ...)
+ TODO: check
+CVE-2018-10549 (An issue was discovered in PHP before 5.6.36, 7.0.x before
7.0.30, ...)
+ TODO: check
+CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before
7.0.30, ...)
+ TODO: check
+CVE-2018-10547 (An issue was discovered in ext/phar/phar_object.c in PHP
before 5.6.36, ...)
+ TODO: check
+CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before
7.0.30, ...)
+ TODO: check
+CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before
7.0.29, ...)
+ TODO: check
CVE-2018-10544
RESERVED
CVE-2018-10543
@@ -14578,7 +14610,7 @@ CVE-2018-5147 [out-of-bound write]
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
CVE-2018-5146 [out-of-bound write]
RESERVED
- {DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1327-1 DLA-1319-1}
+ {DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1368-1 DLA-1327-1 DLA-1319-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
- thunderbird 1:52.7.0-1
@@ -36276,13 +36308,13 @@ CVE-2017-14634 (In libsndfile 1.0.28, a
divide-by-zero error exists in the funct
NOTE: https://github.com/erikd/libsndfile/issues/318
NOTE: Fixed by:
https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read
vulnerability ...)
- {DSA-4113-1}
+ {DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876778)
[jessie] - libvorbis <postponed> (Minor issue, can be fixed along later)
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
NOTE: https://github.com/xiph/vorbis/pull/34
CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon
freeing ...)
- {DSA-4113-1}
+ {DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876779)
[jessie] - libvorbis <not-affected> (Vulnerable code not present)
[wheezy] - libvorbis <not-affected> (Vulnerable code not present)
@@ -46218,7 +46250,7 @@ CVE-2017-11334 (The address_space_write_continue
function in exec.c in QEMU (aka
NOTE:
https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f5aa69bdc3418773f26747ca282c291519626ece
NOTE:
https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=04bf2526ce87f21b32c9acba1c5518708c243ad0
CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org
libvorbis ...)
- {DSA-4113-1}
+ {DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (low; bug #870341)
[jessie] - libvorbis <postponed> (Minor issue, can be revisited once
fixed upstream)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/969bbeb6c245ff26978a4578db48208dc271d97f
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/969bbeb6c245ff26978a4578db48208dc271d97f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
