[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sun, 06 May 2018 01:10:54 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e2245677 by security tracker role at 2018-05-06T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -76,8 +76,8 @@ CVE-2018-10725
        RESERVED
 CVE-2018-10724
        RESERVED
-CVE-2018-10723
-       RESERVED
+CVE-2018-10723 (Directus 6.4.9 has a hardcoded admin password for the Admin 
account ...)
+       TODO: check
 CVE-2018-10722 (In Cylance CylancePROTECT before 1470, an unprivileged local 
user can ...)
        NOT-FOR-US: Cylance CylancePROTECT
 CVE-2018-10721
@@ -155,8 +155,8 @@ CVE-2018-10688
        RESERVED
 CVE-2018-10687
        RESERVED
-CVE-2018-10686
-       RESERVED
+CVE-2018-10686 (An issue was discovered in Vesta Control Panel 0.9.8-20. There 
is ...)
+       TODO: check
 CVE-2018-10685 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free 
in the ...)
        - lrzip <unfixed> (bug #897645)
        NOTE: https://github.com/ckolivas/lrzip/issues/95
@@ -2260,12 +2260,12 @@ CVE-2018-10101 (Before WordPress 4.9.5, the URL 
validator assumed URLs with the 
        NOTE: 
https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
        NOTE: Introduced via 
https://github.com/WordPress/WordPress/commit/c73a812109e1a64ecf21b6a198f949c58d1f2674
 (4.5)
 CVE-2018-10100 (Before WordPress 4.9.5, the redirection URL for the login page 
was not ...)
-       {DLA-1366-1}
+       {DSA-4193-1 DLA-1366-1}
        - wordpress 4.9.5+dfsg1-1 (bug #895034)
        NOTE: https://core.trac.wordpress.org/changeset/42892
        NOTE: 
https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
 CVE-2018-10102 (Before WordPress 4.9.5, the version string was not escaped in 
the ...)
-       {DLA-1366-1}
+       {DSA-4193-1 DLA-1366-1}
        - wordpress 4.9.5+dfsg1-1 (bug #895034)
        NOTE: https://core.trac.wordpress.org/changeset/42893
        NOTE: 
https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e22456774788ddd9fe964746e3a0da0a62b93125

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e22456774788ddd9fe964746e3a0da0a62b93125
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to