Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7678ddc6 by security tracker role at 2018-05-11T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2,10 +2,10 @@ CVE-2018-XXXX [Incomplete fix for CVE-2017-17523]
- lilypond <unfixed> (bug #898373)
[jessie] - lilypond <not-affected> (Incomplete fix not applied)
[wheezy] - lilypond <not-affected> (Incomplete fix not applied)
-CVE-2018-10982 [x86 vHPET interrupt injection errors]
+CVE-2018-10982 (An issue was discovered in Xen through 4.10.x allowing x86 HVM
guest OS ...)
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-261.html
-CVE-2018-10981 [qemu may drive Xen into unbounded loop]
+CVE-2018-10981 (An issue was discovered in Xen through 4.10.x allowing x86 HVM
guest OS ...)
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-262.html
CVE-2018-10980
@@ -15634,7 +15634,7 @@ CVE-2018-5184
RESERVED
CVE-2018-5183
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183
CVE-2018-5182
@@ -15656,7 +15656,7 @@ CVE-2018-5179
RESERVED
CVE-2018-5178
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178
CVE-2018-5177
@@ -15701,7 +15701,7 @@ CVE-2018-5169
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5169
CVE-2018-5168
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15743,7 +15743,7 @@ CVE-2018-5160
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5160
CVE-2018-5159
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15751,7 +15751,7 @@ CVE-2018-5159
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159
CVE-2018-5158
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15759,7 +15759,7 @@ CVE-2018-5158
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158
CVE-2018-5157
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15769,7 +15769,7 @@ CVE-2018-5156
RESERVED
CVE-2018-5155
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15777,7 +15777,7 @@ CVE-2018-5155
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155
CVE-2018-5154
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -15800,7 +15800,7 @@ CVE-2018-5151
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5151
CVE-2018-5150
RESERVED
- {DSA-4199-1}
+ {DSA-4199-1 DLA-1376-1}
[experimental] - firefox 60.0-1
- firefox <unfixed>
- firefox-esr 52.8.0esr-1
@@ -19550,8 +19550,8 @@ CVE-2018-3651
RESERVED
CVE-2018-3650
RESERVED
-CVE-2018-3649
- RESERVED
+CVE-2018-3649 (DLL injection vulnerability in the installation executables ...)
+ TODO: check
CVE-2018-3648
RESERVED
CVE-2018-3647
@@ -19614,8 +19614,8 @@ CVE-2018-3619
RESERVED
CVE-2018-3618
RESERVED
-CVE-2018-3617
- RESERVED
+CVE-2018-3617 (Some implementations in Intel Integrated Performance Primitives
...)
+ TODO: check
CVE-2018-3616
RESERVED
CVE-2018-3615
@@ -19624,8 +19624,8 @@ CVE-2018-3614
RESERVED
CVE-2018-3613
RESERVED
-CVE-2018-3612
- RESERVED
+CVE-2018-3612 (Intel NUC kits with insufficient input validation in system
firmware, ...)
+ TODO: check
CVE-2018-3611
RESERVED
CVE-2018-3610 (SEMA driver in Intel Driver and Support Assistant before
version 3.1.1 ...)
@@ -26809,8 +26809,7 @@ CVE-2018-1120
RESERVED
CVE-2018-1119
REJECTED
-CVE-2018-1118 [vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()]
- RESERVED
+CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly
initialize ...)
- linux <unfixed>
NOTE: https://lkml.org/lkml/2018/4/27/833
CVE-2018-1117
@@ -29128,7 +29127,7 @@ CVE-2018-0496
CVE-2018-0495
RESERVED
CVE-2018-0494 (GNU Wget before 1.19.5 is prone to a cookie injection
vulnerability in ...)
- {DSA-4195-1}
+ {DSA-4195-1 DLA-1375-1}
- wget 1.19.5-1 (bug #898076)
NOTE: https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
NOTE: https://savannah.gnu.org/bugs/?53763
@@ -46955,6 +46954,7 @@ CVE-2017-11511 (The ManageEngine ServiceDesk 9.3.9328
is vulnerable to arbitrary
CVE-2017-11510 (An information leak exists in Wanscam's HW0021 network camera
that ...)
NOT-FOR-US: Wanscam's HW0021 network camera
CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in
...)
+ {DLA-1374-1}
- firebird3.0 3.0.3.32900.ds4-3
[stretch] - firebird3.0 <postponed> (Minor issue, can be fixed along in
a future update)
- firebird2.5 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7678ddc6044f7bcca78d08849392ab5bc590e4aa
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7678ddc6044f7bcca78d08849392ab5bc590e4aa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
