Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
894e2a7b by Salvatore Bonaccorso at 2018-05-31T10:58:25+02:00
Add CVE-2018-11577/liblouis
- - - - -
60be1199 by Salvatore Bonaccorso at 2018-05-31T10:59:16+02:00
Process NFUs
- - - - -
270b9a3b by Salvatore Bonaccorso at 2018-05-31T10:59:28+02:00
Add two mahrara issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15,7 +15,8 @@ CVE-2018-11579 (class-woo-banner-management.php in the
MULTIDOTS WooCommerce Cat
CVE-2018-11578 (GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a
...)
TODO: check
CVE-2018-11577 (Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in
logging.c. ...)
- TODO: check
+ - liblouis <unfixed>
+ NOTE: https://github.com/liblouis/liblouis/issues/582
CVE-2018-11576 (ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer
over-read in ...)
TODO: check
CVE-2018-11575 (ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer
overflow in ...)
@@ -25,21 +26,22 @@ CVE-2018-11574
CVE-2018-11573
RESERVED
CVE-2018-11572 (ClipperCMS 1.3.3 has XSS in the "Module name" field
in a "Modules -> ...)
- TODO: check
+ NOT-FOR-US: ClipperCMS
CVE-2018-11571 (ClipperCMS 1.3.3 allows Session Fixation. ...)
- TODO: check
+ NOT-FOR-US: ClipperCMS
CVE-2018-11570
RESERVED
CVE-2018-11569
RESERVED
CVE-2018-11568 (Reflected XSS is possible in the GamePlan theme through
1.5.13.2 for ...)
- TODO: check
+ NOT-FOR-US: GamePlan theme for WordPress
CVE-2018-11567 (Prior to 2018-04-27, the reprompt feature in Amazon Echo
devices could ...)
TODO: check
CVE-2018-11566
RESERVED
CVE-2018-11565 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04
before ...)
- TODO: check
+ - mahara <removed>
+ NOTE: https://bugs.launchpad.net/mahara/+bug/1772774
CVE-2018-11564
RESERVED
CVE-2018-11563
@@ -33945,7 +33947,8 @@ CVE-2017-1000143 (Mahara 1.8 before 1.8.7 and 1.9
before 1.9.5 and 1.10 before 1
CVE-2017-1000142 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before
1.10.3 ...)
- mahara <removed>
CVE-2017-1000141 (An issue was discovered in Mahara before 18.10.0. It
mishandled user ...)
- TODO: check
+ - mahara <removed>
+ NOTE: https://bugs.launchpad.net/mahara/+bug/1422492
CVE-2017-1000140 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before
1.10.3 ...)
- mahara <removed>
CVE-2017-1000139 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before
1.10.3 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/77d53de26f3ecfb71f3cb69d2d2ef8d0e30cdb8d...270b9a3b20fc7fab09bccaddf2dea697ac1ae1da
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/77d53de26f3ecfb71f3cb69d2d2ef8d0e30cdb8d...270b9a3b20fc7fab09bccaddf2dea697ac1ae1da
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
