[Git][security-tracker-team/security-tracker][master] automatic update

Mon, 21 May 2018 13:11:27 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
07ed291a by security tracker role at 2018-05-21T20:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,27 @@
+CVE-2018-11329
+       RESERVED
+CVE-2018-11328
+       RESERVED
+CVE-2018-11327
+       RESERVED
+CVE-2018-11326
+       RESERVED
+CVE-2018-11325
+       RESERVED
+CVE-2018-11324
+       RESERVED
+CVE-2018-11323
+       RESERVED
+CVE-2018-11322
+       RESERVED
+CVE-2018-11321
+       RESERVED
+CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables 
that are ...)
+       TODO: check
+CVE-2018-1000181
+       RESERVED
+CVE-2018-1000180
+       RESERVED
 CVE-2018-11318
        RESERVED
 CVE-2018-11317
@@ -539,8 +563,8 @@ CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. 
There is a file uploa
        NOT-FOR-US: Frog CMS
 CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. 
There is ...)
        NOT-FOR-US: cloudwu
-CVE-2018-11096
-       RESERVED
+CVE-2018-11096 (Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF 
vulnerability ...)
+       TODO: check
 CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 
0.4.8 ...)
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/141
@@ -548,8 +572,8 @@ CVE-2018-11094 (An issue was discovered on Intelbras NCLOUD 
300 1.0 devices. ...
        NOT-FOR-US: Intelbras NCLOUD
 CVE-2018-11093
        RESERVED
-CVE-2018-11092
-       RESERVED
+CVE-2018-11092 (An issue was discovered in the Admin Notes plugin 1.1 for 
MyBB. CSRF ...)
+       TODO: check
 CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A 
malicious file ...)
        NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This 
...)
@@ -5713,6 +5737,7 @@ CVE-2017-18245 (The mpc8_probe function in 
libavformat/mpc8.c in Libav 12.2 allo
        [jessie] - libav <no-dsa> (Minor issue)
        NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1094
 CVE-2018-8971 (The Auth0 integration in GitLab before 10.3.9, 10.4.x before 
10.4.6, ...)
+       {DSA-4206-1}
        - gitlab 10.5.6+dfsg-1 (bug #893905)
        NOTE: 
https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
 CVE-2018-8946
@@ -7560,8 +7585,8 @@ CVE-2018-8144
        RESERVED
 CVE-2018-8143
        RESERVED
-CVE-2018-8142
-       RESERVED
+CVE-2018-8142 (A security feature bypass exists when Windows incorrectly 
validates ...)
+       TODO: check
 CVE-2018-8141 (An information disclosure vulnerability exists when the Windows 
kernel ...)
        NOT-FOR-US: Microsoft
 CVE-2018-8140
@@ -10375,8 +10400,8 @@ CVE-2018-7270
        RESERVED
 CVE-2018-7269 (The findByCondition function in framework/db/ActiveRecord.php 
in Yii ...)
        - yii <itp> (bug #597899)
-CVE-2018-7268
-       RESERVED
+CVE-2018-7268 (MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic 
...)
+       TODO: check
 CVE-2018-7267
        RESERVED
 CVE-2018-7266
@@ -28027,8 +28052,7 @@ CVE-2018-1068 (A flaw was found in the Linux 4.x 
kernel's implementation of 32-b
        NOTE: 
https://git.kernel.org/linus/b71812168571fa55e44cdd0254471331b9c4c4c6
        NOTE: Unprivileged user namespaces are disabled in Debian, this only 
affects
        NOTE: non-standard setups
-CVE-2018-1067
-       RESERVED
+CVE-2018-1067 (In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found 
that the ...)
        TODO: check, unclear if issue is in src:untertow or in its use in 
WildFly (issue is incomplete fix for CVE-2016-4993, which might need an update 
depending on the result)
 CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL 
pointer ...)
        {DSA-4188-1 DSA-4187-1}
@@ -79356,6 +79380,7 @@ CVE-2017-0922 (Gitlab Enterprise Edition version 10.3 
is vulnerable to an ...)
 CVE-2017-0921
        RESERVED
 CVE-2017-0920 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, 
and ...)
+       {DSA-4206-1}
        - gitlab 10.5.5+dfsg-1
        NOTE: 
https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
 CVE-2017-0919



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/07ed291acd4bd27abf5960b6dfa0fd316ced672e

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/07ed291acd4bd27abf5960b6dfa0fd316ced672e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to