Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bf49465c by security tracker role at 2018-06-22T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-12637
+ RESERVED
+CVE-2018-12636
+ RESERVED
+CVE-2018-12635 (CirCarLife Scada v4.2.4 allows unauthorized upgrades via
requests to ...)
+ TODO: check
+CVE-2018-12634 (CirCarLife Scada v4.2.4 allows remote attackers to obtain
sensitive ...)
+ TODO: check
+CVE-2018-12633 (An issue was discovered in the Linux kernel through 4.17.2.
...)
+ TODO: check
+CVE-2018-12632 (Redatam7 (formerly Redatam WebServer) allows remote attackers
to ...)
+ TODO: check
+CVE-2018-12631 (Redatam7 (formerly Redatam WebServer) allows remote attackers
to read ...)
+ TODO: check
+CVE-2018-12630 (NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the
sect_id ...)
+ TODO: check
+CVE-2018-12629
+ RESERVED
CVE-2018-12628
RESERVED
CVE-2018-12627
@@ -33,8 +51,8 @@ CVE-2018-12615 (An issue was discovered in switchGroup() in
...)
NOTE:
https://github.com/phusion/passenger/commit/4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8
CVE-2018-12614
RESERVED
-CVE-2018-12613
- RESERVED
+CVE-2018-12613 (An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in
which an ...)
+ TODO: check
CVE-2018-12612
RESERVED
CVE-2018-12611
@@ -67,11 +85,13 @@ CVE-2018-12601 (There is a heap-based buffer overflow in
ReadImage in input-tga.
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/41
CVE-2018-12600 (In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in
...)
+ {DLA-1394-1}
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1178
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/921f208c2ea3cc45847f380257f270ff424adfff
NOTE: ImageMagick6:
https://github.com/ImageMagick/ImageMagick6/commit/ae71c12bbaa34d942e036824ff389c22b7dacade
CVE-2018-12599 (In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in
...)
+ {DLA-1394-1}
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1177
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/ae04fa4be910255e5d363edebd77adeee99a525d
@@ -110,8 +130,8 @@ CVE-2018-12583 (An issue was discovered in AKCMS 6.1. CSRF
can delete an article
NOT-FOR-US: AKCMS
CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin
account via ...)
NOT-FOR-US: AKCMS
-CVE-2018-12581
- RESERVED
+CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin
before ...)
+ TODO: check
CVE-2018-12580 (library/DBTech/Security/Action/Sessions.php in DragonByte
vBSecurity ...)
NOT-FOR-US: DragonByte vBSecurity for vBulletin
CVE-2018-12579
@@ -3465,7 +3485,7 @@ CVE-2018-11253
CVE-2018-11252
RESERVED
CVE-2018-11251 (In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a
heap-based ...)
- {DLA-1381-1}
+ {DLA-1394-1 DLA-1381-1}
- imagemagick 8:6.9.9.39+dfsg-1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/956
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/73fbc6a557b4f63af18b2debe83f817859ef7481
@@ -24031,8 +24051,7 @@ CVE-2018-3667
RESERVED
CVE-2018-3666
RESERVED
-CVE-2018-3665 [speculative register leakage from lazy FPU context switching]
- RESERVED
+CVE-2018-3665 (System software utilizing Lazy FP state restore technique on
systems ...)
{DSA-4232-1}
- linux 4.6.1-1
- xen <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf49465c10298637f01e58b6d5406bd12651d6bd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf49465c10298637f01e58b6d5406bd12651d6bd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
