Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6388f97a by security tracker role at 2018-06-06T20:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2018-1000203 (Soar Labs Soar Coin version up to and including git commit
...)
+ TODO: check
CVE-2018-11814
RESERVED
CVE-2018-11813 (libjpeg 9c has a large loop because read_pixel in rdtarga.c
mishandles ...)
@@ -9151,7 +9153,7 @@ CVE-2018-8095
CVE-2018-1000128
REJECTED
CVE-2018-1000127 (memcached version prior to 1.4.37 contains an Integer
Overflow ...)
- {DLA-1329-1}
+ {DSA-4218-1 DLA-1329-1}
- memcached 1.5.0-1 (bug #894404)
NOTE:
https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00
NOTE: https://github.com/memcached/memcached/issues/271
@@ -10395,6 +10397,7 @@ CVE-2018-1000119 (Sinatra rack-protection versions
1.5.4 and 2.0.0.rc3 and earli
NOTE: https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395
NOTE:
https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb
CVE-2018-1000115 (Memcached version 1.5.5 contains an Insufficient Control of
Network ...)
+ {DSA-4218-1}
- memcached 1.5.6-1
[wheezy] - memcached <no-dsa> (Minor issue; Debian defaults to listen
only on localhost)
NOTE: Upstream 1.5.6 disables by default the UDP protocol
@@ -27707,8 +27710,8 @@ CVE-2018-1458
RESERVED
CVE-2018-1457
RESERVED
-CVE-2018-1456
- RESERVED
+CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is
vulnerable ...)
+ TODO: check
CVE-2018-1455
RESERVED
CVE-2018-1454 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could
allow a ...)
@@ -52500,7 +52503,7 @@ CVE-2017-9953 (There is an invalid free in
Image::printIFDStructure that leads t
CVE-2017-9952
RESERVED
CVE-2017-9951 (The try_read_command function in memcached.c in memcached
before 1.4.39 ...)
- {DLA-1033-1}
+ {DSA-4218-1 DLA-1033-1}
- memcached 1.5.0-1 (bug #868701)
NOTE:
https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/
NOTE:
https://github.com/memcached/memcached/commit/328629445c71e6c17074f6e9e0e3ef585b58f167
@@ -79869,20 +79872,20 @@ CVE-2017-1482 (IBM Sterling B2B Integrator Standard
Edition 5.2 is vulnerable to
NOT-FOR-US: IBM
CVE-2017-1481 (IBM Sterling B2B Integrator Standard Edition 5.2 allows a user
to view ...)
NOT-FOR-US: IBM
-CVE-2017-1480
- RESERVED
+CVE-2017-1480 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6,
and 9.0.0 ...)
+ TODO: check
CVE-2017-1479
RESERVED
CVE-2017-1478 (IBM Security Access Manager Appliance 9.0.0 allows web pages to
be ...)
NOT-FOR-US: IBM Security Access Manager Appliance
CVE-2017-1477 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to a
XML ...)
NOT-FOR-US: IBM
-CVE-2017-1476
- RESERVED
+CVE-2017-1476 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through
8.0.1.6, ...)
+ TODO: check
CVE-2017-1475
RESERVED
-CVE-2017-1474
- RESERVED
+CVE-2017-1474 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through
8.0.1.6, ...)
+ TODO: check
CVE-2017-1473 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and
9.0.0 ...)
NOT-FOR-US: IBM
CVE-2017-1472
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6388f97a3d17c5eded4dd942d57d91f0f4951180
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6388f97a3d17c5eded4dd942d57d91f0f4951180
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
