Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
db8c028a by security tracker role at 2018-06-28T08:10:33+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,9 +1,55 @@
-CVE-2017-18342 [pyyaml load_yaml]
+CVE-2018-12927
+ RESERVED
+CVE-2018-12926
+ RESERVED
+CVE-2018-12925
+ RESERVED
+CVE-2018-12924
+ RESERVED
+CVE-2018-12923
+ RESERVED
+CVE-2018-12922
+ RESERVED
+CVE-2018-12921
+ RESERVED
+CVE-2018-12920
+ RESERVED
+CVE-2018-12919 (In CraftedWeb through 2013-09-24,
aasp_includes/pages/notice.php allows ...)
+ TODO: check
+CVE-2018-12918 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation
fault in ...)
+ TODO: check
+CVE-2018-12917 (In libpbc.a in PBC through 2017-03-02, there is a heap-based
buffer ...)
+ TODO: check
+CVE-2018-12916 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation
fault in ...)
+ TODO: check
+CVE-2018-12915 (In libpbc.a in PBC through 2017-03-02, there is a buffer
over-read in ...)
+ TODO: check
+CVE-2018-12914 (A remote code execution issue was discovered in PublicCMS ...)
+ TODO: check
+CVE-2018-12913 (In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an
infinite loop ...)
+ TODO: check
+CVE-2018-12912 (An issue wan discovered in admin\controllers\database.php in
HongCMS ...)
+ TODO: check
+CVE-2018-12911
+ RESERVED
+CVE-2018-12910
+ RESERVED
+CVE-2018-12909 (** DISPUTED ** Webgrind 1.5 relies on user input to display a
file, ...)
+ TODO: check
+CVE-2018-12908 (Brynamics "Online Trade - Online trading and
cryptocurrency investment ...)
+ TODO: check
+CVE-2018-12907 (In Rclone 1.42, use of "rclone sync" to migrate data
between two ...)
+ TODO: check
+CVE-2018-12906
+ RESERVED
+CVE-2018-12905 (joyplus-cms 1.6.0 has XSS in admin_player.php, related to ...)
+ TODO: check
+CVE-2017-18342 (In PyYAML before 4.1, the yaml.load() API could execute
arbitrary code. ...)
- pyyaml <unfixed> (unimportant)
NOTE: This is a well-known design deficiency in pyyaml, various CVE IDs
have been assigned
NOTE: to applications misusing the API over the years. The CVE ID was
assigned to raise
NOTE: awareness (and 4.1 now fixes the default behaviour as well)
-CVE-2018-12904 [KVM L1 guest escape]
+CVE-2018-12904 (In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when
nested ...)
- linux <unfixed>
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1589
NOTE:
https://github.com/torvalds/linux/commit/727ba748e110b4de50d142edca9d6a9b7e6111d8
@@ -32,14 +78,17 @@ CVE-2018-12894
RESERVED
CVE-2018-12893
RESERVED
+ {DSA-4236-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-265.html
CVE-2018-12892
RESERVED
+ {DSA-4236-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-266.html
CVE-2018-12891
RESERVED
+ {DSA-4236-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-264.html
CVE-2018-12890
@@ -1004,8 +1053,8 @@ CVE-2018-12538 (In Eclipse Jetty versions 9.4.0 through
9.4.8, when using the op
CVE-2018-12537
RESERVED
NOT-FOR-US: Eclipse Vertx
-CVE-2018-12536
- RESERVED
+CVE-2018-12536 (In Eclipse Jetty Server, all 9.x versions, on webapps deployed
using ...)
+ TODO: check
CVE-2018-12535
RESERVED
CVE-2018-12534 (A SQL injection issue was discovered in the Quick Chat plugin
before ...)
@@ -1480,30 +1529,35 @@ CVE-2018-12367
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12367
CVE-2018-12366
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12366
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12366
CVE-2018-12365
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12365
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12365
CVE-2018-12364
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12364
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12364
CVE-2018-12363
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12363
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12363
CVE-2018-12362
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12362
@@ -1514,12 +1568,14 @@ CVE-2018-12361
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12361
CVE-2018-12360
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12360
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12360
CVE-2018-12359
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12359
@@ -1743,10 +1799,12 @@ CVE-2018-12267
CVE-2018-12266 (system\errors\404.php in HongCMS 3.0.0 has XSS via crafted
input that ...)
NOT-FOR-US: HongCMS
CVE-2018-12265 (Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class
in ...)
+ {DLA-1402-1}
- exiv2 <unfixed> (bug #901706)
NOTE: https://github.com/Exiv2/exiv2/issues/365
NOTE:
https://github.com/Exiv2/exiv2/commit/937a1a2bd067b8b3b787f3757089d972f3a39853
CVE-2018-12264 (Exiv2 0.26 has integer overflows in LoaderTiff::getData() in
...)
+ {DLA-1402-1}
- exiv2 <unfixed> (bug #901707)
NOTE: https://github.com/Exiv2/exiv2/issues/366
NOTE:
https://github.com/Exiv2/exiv2/commit/fe70939f54476e99046245ca69ff27012401f759
@@ -2284,6 +2342,7 @@ CVE-2018-12031 (Local file inclusion in Eaton Intelligent
Power Manager v1.6 all
CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...)
NOT-FOR-US: Chevereto Free
CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x
through ...)
+ {DLA-1399-1}
- passenger <unfixed>
- ruby-passenger <removed>
NOTE:
https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
@@ -3548,6 +3607,7 @@ CVE-2018-11533
CVE-2018-11532 (An issue was discovered in the ChangUonDyU Advanced Statistics
plugin ...)
NOT-FOR-US: MyBB plugin
CVE-2018-11531 (Exiv2 0.26 has a heap-based buffer overflow in getData in
preview.cpp. ...)
+ {DLA-1402-1}
- exiv2 <unfixed>
NOTE: https://github.com/Exiv2/exiv2/issues/283
NOTE:
https://github.com/Exiv2/exiv2/commit/ed874703ad553338f973d537b8159d0eb4375cc4
@@ -4915,11 +4975,13 @@ CVE-2018-11001
CVE-2018-11000
RESERVED
CVE-2018-10999 (An issue was discovered in Exiv2 0.26. The ...)
+ {DLA-1402-1}
- exiv2 <unfixed>
NOTE: https://github.com/Exiv2/exiv2/issues/306
NOTE:
https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
NOTE:
https://github.com/Exiv2/exiv2/commit/3ad0050469e6ea63b4081f2a88c264ce8ab55c51
CVE-2018-10998 (An issue was discovered in Exiv2 0.26. readMetadata in
jp2image.cpp ...)
+ {DLA-1402-1}
- exiv2 <unfixed>
NOTE: https://github.com/Exiv2/exiv2/issues/303
NOTE:
https://github.com/Exiv2/exiv2/commit/f4e8ed2fd48d012467b99552f0d6378302a23c75
@@ -5025,6 +5087,7 @@ CVE-2018-10960
CVE-2018-10959
RESERVED
CVE-2018-10958 (In types.cpp in Exiv2 0.26, a large size value may lead to a
SIGABRT ...)
+ {DLA-1402-1}
- exiv2 <unfixed>
NOTE: https://github.com/Exiv2/exiv2/issues/302
NOTE:
https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
@@ -12232,8 +12295,7 @@ CVE-2018-8027
RESERVED
CVE-2018-8026
RESERVED
-CVE-2018-8025
- RESERVED
+CVE-2018-8025 (CVE-2018-8025 describes an issue in Apache HBase that affects
the ...)
NOT-FOR-US: Apache HBase
CVE-2018-8024
RESERVED
@@ -12256,6 +12318,7 @@ CVE-2018-8016
CVE-2018-8015 (In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger
an ...)
NOT-FOR-US: Apache ORC
CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache
Tomcat ...)
+ {DLA-1400-1}
- tomcat9 <itp> (bug #802312)
- tomcat8 <unfixed> (bug #898935)
[stretch] - tomcat8 <no-dsa> (Minor issue; user expected to configure
filters appropriately)
@@ -20116,10 +20179,10 @@ CVE-2018-5530
RESERVED
CVE-2018-5529
RESERVED
-CVE-2018-5528
- RESERVED
-CVE-2018-5527
- RESERVED
+CVE-2018-5528 (Under certain conditions, TMM may restart and produce a core
file ...)
+ TODO: check
+CVE-2018-5527 (On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed
methods ...)
+ TODO: check
CVE-2018-5526 (Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5,
Behavioral ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5525 (A local file vulnerability exists in the F5 BIG-IP
Configuration ...)
@@ -20298,12 +20361,12 @@ CVE-2018-5439 (A Command Injection issue was
discovered in Nortek Linear eMerge
NOT-FOR-US: Nortek Linear eMerge E3 series
CVE-2018-5438 (Philips ISCV application prior to version 2.3.0 has an
insufficient ...)
NOT-FOR-US: Philips ISCV application
-CVE-2018-5437
- RESERVED
-CVE-2018-5436
- RESERVED
-CVE-2018-5435
- RESERVED
+CVE-2018-5437 (The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client
...)
+ TODO: check
+CVE-2018-5436 (The Spotfire server component of TIBCO Software Inc.'s TIBCO
Spotfire ...)
+ TODO: check
+CVE-2018-5435 (The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client
...)
+ TODO: check
CVE-2018-5434 (The TIBCO Designer component of TIBCO Software Inc.'s TIBCO
Runtime ...)
NOT-FOR-US: TIBCO Runtime Agent
CVE-2018-5433 (The TIBCO Administrator server component of TIBCO Software
Inc.'s ...)
@@ -21178,6 +21241,7 @@ CVE-2018-5157 (Same-origin protections for the PDF
viewer can be bypassed, allow
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157
CVE-2018-5156
RESERVED
+ {DSA-4235-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12359
@@ -25169,7 +25233,7 @@ CVE-2017-17916 (** DISPUTED ** SQL injection
vulnerability in the 'find_by' meth
NOTE:
https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a
heap-based ...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/
@@ -25189,7 +25253,7 @@ CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217
Q8, there is a stack-bas
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/
CVE-2017-17912 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a
heap-based ...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/533/
@@ -25702,7 +25766,7 @@ CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a
buffer over-read in ReadPA
NOTE:
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=60932931559a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/529/
CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer
over-read in ...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-2 (bug #884905)
NOTE:
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/530/
@@ -30396,8 +30460,8 @@ CVE-2018-1555
RESERVED
CVE-2018-1554
RESERVED
-CVE-2018-1553
- RESERVED
+CVE-2018-1553 (IBM WebSphere Application Server Liberty prior to 18.0.0.2
could allow ...)
+ TODO: check
CVE-2018-1552
RESERVED
CVE-2018-1551
@@ -30416,8 +30480,8 @@ CVE-2018-1545
RESERVED
CVE-2018-1544 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1543
- RESERVED
+CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to
obtain ...)
+ TODO: check
CVE-2018-1542
RESERVED
CVE-2018-1541
@@ -30488,8 +30552,8 @@ CVE-2018-1509
RESERVED
CVE-2018-1508
RESERVED
-CVE-2018-1507
- RESERVED
+CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to
cross-site ...)
+ TODO: check
CVE-2018-1506
RESERVED
CVE-2018-1505
@@ -30588,8 +30652,8 @@ CVE-2018-1459 (IBM DB2 for Linux, UNIX and Windows
(includes DB2 Connect Server)
NOT-FOR-US: IBM
CVE-2018-1458
RESERVED
-CVE-2018-1457
- RESERVED
+CVE-2018-1457 (An undisclosed vulnerability in IBM Rational DOORS 9.5.1
through ...)
+ TODO: check
CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is
vulnerable ...)
NOT-FOR-US: IBM
CVE-2018-1455
@@ -31117,10 +31181,10 @@ CVE-2018-1357
RESERVED
CVE-2018-1356
RESERVED
-CVE-2018-1355
- RESERVED
-CVE-2018-1354
- RESERVED
+CVE-2018-1355 (An open redirect vulnerability in Fortinet FortiManager 6.0.0
and ...)
+ TODO: check
+CVE-2018-1354 (An improper access control vulnerability in Fortinet
FortiManager ...)
+ TODO: check
CVE-2018-1353
RESERVED
CVE-2018-1352
@@ -31352,22 +31416,22 @@ CVE-2017-17504 (ImageMagick before 7.0.7-12 has a
coders/png.c ...)
NOTE: ImageMagick-7:
https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6
NOTE: ImageMagick-7:
https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924
CVE-2017-17503 (ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a
...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/460ef5e858ad
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/522/
CVE-2017-17502 (ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a
...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a9c425688397
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/521/
CVE-2017-17501 (WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has
a ...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/5b8414c0d0c4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/526/
CVE-2017-17500 (ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a
...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/1366f2dd9931
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/523/
@@ -31380,7 +31444,7 @@ CVE-2017-17499 (ImageMagick before 6.9.9-24 and 7.x
before 7.0.7-12 has a ...)
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a
NOTE:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1
CVE-2017-17498 (WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows
remote ...)
- {DLA-1231-1}
+ {DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f1c418ef0260
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/525/
@@ -31564,11 +31628,10 @@ CVE-2018-1308 (This vulnerability in Apache Solr 1.2
to 6.6.2 and 7.0.0 to 7.2.1
NOTE: branch_6_6:
http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/dd3be31f
CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or
WSDL2Java ...)
NOT-FOR-US: Apache juddi-client
-CVE-2018-1306
- RESERVED
+CVE-2018-1306 (The PortletV3AnnotatedDemo Multipart Portlet war file code
provided in ...)
NOT-FOR-US: Apache Portals Pluto
CVE-2018-1305 (Security constraints defined by annotations of Servlets in
Apache ...)
- {DLA-1301-1}
+ {DLA-1400-1 DLA-1301-1}
- tomcat9 <itp> (bug #802312)
- tomcat8 8.5.28-1
- tomcat8.0 <unfixed> (unimportant)
@@ -31582,7 +31645,7 @@ CVE-2018-1305 (Security constraints defined by
annotations of Servlets in Apache
NOTE: https://svn.apache.org/r1823322 (7.0.x)
NOTE: https://svn.apache.org/r1824360 (7.0.x)
CVE-2018-1304 (The URL pattern of "" (the empty string) which
exactly maps to the ...)
- {DLA-1301-1}
+ {DLA-1400-1 DLA-1301-1}
- tomcat9 <itp> (bug #802312)
- tomcat8 8.5.28-1
- tomcat8.0 <unfixed> (unimportant)
@@ -36832,8 +36895,8 @@ CVE-2017-16728 (An Untrusted Pointer Dereference issue
was discovered in Advante
NOT-FOR-US: Advantech WebAccess
CVE-2017-16727 (A Credentials Management issue was discovered in Moxa NPort
W2150A ...)
NOT-FOR-US: Moxa
-CVE-2017-16726
- RESERVED
+CVE-2017-16726 (Beckhoff TwinCAT supports communication over ADS. ADS is a
protocol ...)
+ TODO: check
CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai
...)
NOT-FOR-US: Xiongmai Technology IP Cameras and DVRs
CVE-2017-16724 (A Stack-based Buffer Overflow issue was discovered in
Advantech ...)
@@ -36848,8 +36911,8 @@ CVE-2017-16720 (A Path Traversal issue was discovered
in WebAccess versions prio
NOT-FOR-US: Advantech WebAccess
CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version
2.2, NPort ...)
NOT-FOR-US: Moxa
-CVE-2017-16718
- RESERVED
+CVE-2017-16718 (Beckhoff TwinCAT 3 supports communication over ADS. ADS is a
protocol ...)
+ TODO: check
CVE-2017-16717 (A Heap-based Buffer Overflow issue was discovered in WECON
LeviStudio ...)
NOT-FOR-US: WECON LeviStudio HMI
CVE-2017-16716 (A SQL Injection issue was discovered in WebAccess versions
prior to ...)
@@ -36961,7 +37024,7 @@ CVE-2017-16671 (A Buffer Overflow issue was discovered
in Asterisk Open Source 1
CVE-2017-16670 (The project import functionality in SoapUI 5.3.0 allows remote
...)
NOT-FOR-US: SoapUI
CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers
to cause ...)
- {DLA-1168-1}
+ {DLA-1401-1 DLA-1168-1}
- graphicsmagick 1.3.26-19 (bug #881391)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d
@@ -37862,7 +37925,7 @@ CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in
Phusion Passenger 5.1.10
CVE-2017-16354
RESERVED
CVE-2017-16353 (GraphicsMagick 1.3.26 is vulnerable to a memory information
disclosure ...)
- {DLA-1159-1}
+ {DLA-1401-1 DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE:
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
NOTE: https://blogs.securiteam.com/index.php/archives/3494
@@ -42895,7 +42958,7 @@ CVE-2017-14735 (OWASP AntiSamy before 1.5.7 allows XSS
via HTML5 entities, as ..
CVE-2017-14734 (The build_msps function in libbpg.c in libbpg 0.9.7 allows
remote ...)
NOT-FOR-US: libbpg
CVE-2017-14733 (ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26
mishandles RLE ...)
- {DLA-1130-1}
+ {DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE:
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=5381c71724e3
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/458/
@@ -44176,7 +44239,7 @@ CVE-2017-14316 (A parameter verification issue was
discovered in Xen through 4.9
CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the
implementation ...)
NOT-FOR-US: Apple
CVE-2017-14314 (Off-by-one error in the DrawImage function in magick/render.c
in ...)
- {DLA-1130-1}
+ {DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-10
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/448/
@@ -47265,7 +47328,7 @@ CVE-2017-13135 (A NULL Pointer Dereference exists in
VideoLAN x265, as used in l
NOTE: https://bitbucket.org/multicoreware/x265/issues/385/cve-2017-13135
NOTE:
https://bitbucket.org/multicoreware/x265/commits/78c0f2c8ba087b38e291226a9555b4b4dab323a5/raw
CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based
buffer ...)
- {DSA-4040-1 DSA-4032-1 DLA-1170-1 DLA-1081-1}
+ {DSA-4040-1 DSA-4032-1 DLA-1401-1 DLA-1170-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873099)
- graphicsmagick 1.3.26-19 (bug #881524)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/670
@@ -47460,17 +47523,17 @@ CVE-2017-13066 (GraphicsMagick 1.3.26 has a memory
leak vulnerability in the fun
- graphicsmagick <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/430/
CVE-2017-13065 (GraphicsMagick 1.3.26 has a NULL pointer dereference
vulnerability in ...)
- {DLA-1082-1}
+ {DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873119)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/435/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
CVE-2017-13064 (GraphicsMagick 1.3.26 has a heap-based buffer overflow
vulnerability in ...)
- {DLA-1082-1}
+ {DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873129)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/436/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
CVE-2017-13063 (GraphicsMagick 1.3.26 has a heap-based buffer overflow
vulnerability in ...)
- {DLA-1082-1}
+ {DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873130)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/434/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
@@ -47945,7 +48008,7 @@ CVE-2017-12938 (UnRAR before 5.5.7 allows remote
attackers to bypass a ...)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
CVE-2017-12937 (The ReadSUNImage function in coders/sun.c in GraphicsMagick
1.3.26 has ...)
- {DLA-1082-1}
+ {DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872574)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
NOTE: Fixed by:
http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
@@ -49424,7 +49487,7 @@ CVE-2017-12617 (When running Apache Tomcat versions
9.0.0.M1 to 9.0.0, 8.5.0 to
NOTE: https://svn.apache.org/r1810026 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
CVE-2017-12616 (When using a VirtualDirContext with Apache Tomcat 7.0.0 to
7.0.80 it ...)
- {DLA-1108-1}
+ {DLA-1400-1 DLA-1108-1}
- tomcat7 7.0.72-3
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
NOTE:
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81
@@ -52095,7 +52158,7 @@ CVE-2017-11644 (When ImageMagick 7.0.6-1 processes a
crafted file in convert, it
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a6802e21d824e786d1e2a8440cf749a6e1a8d95f
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/418f88dd18af34b6cb64f709567c81b89865d7bc
CVE-2017-11643 (GraphicsMagick 1.3.26 has a heap overflow in the
WriteCMYKImage() ...)
- {DLA-1045-1}
+ {DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870157)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d00b74315a71
CVE-2017-11642 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the
...)
@@ -52127,7 +52190,7 @@ CVE-2017-11637 (GraphicsMagick 1.3.26 has a NULL
pointer dereference in the ...)
- graphicsmagick 1.3.26-4 (bug #870153)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f3ffc5541257
CVE-2017-11636 (GraphicsMagick 1.3.26 has a heap overflow in the
WriteRGBImage() ...)
- {DLA-1045-1}
+ {DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870149)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/39961adf974c
CVE-2017-11635 (An issue was discovered on Wireless IP Camera 360 devices.
Attackers ...)
@@ -64277,7 +64340,7 @@ CVE-2017-7675 (The HTTP/2 implementation in Apache
Tomcat 9.0.0.M1 to 9.0.0.M21
NOTE: Fixed by: http://svn.apache.org/r1796091 (8.5.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61120
CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0
to ...)
- {DSA-3974-1}
+ {DSA-3974-1 DLA-1400-1}
- tomcat9 <itp> (bug #802312)
- tomcat8 8.5.16-1
- tomcat7 7.0.72-3
@@ -65161,8 +65224,7 @@ CVE-2017-7466 (Ansible before version 2.3 has an input
validation vulnerability
- ansible 2.2.1.0-2
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/ansible/ansible/commit/0d418789a298561fded9bce977d34babc9097079
(v2.3.0.0-0.1.rc1)
-CVE-2017-7465
- RESERVED
+CVE-2017-7465 (It was found that the JAXP implementation used in JBoss EAP 7.0
for ...)
NOT-FOR-US: JBoss JAXP
CVE-2017-7464
RESERVED
@@ -65297,8 +65359,10 @@ CVE-2016-10318 (A missing authorization check in the
fscrypt_process_policy func
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
CVE-2017-7414 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail
Edition ...)
+ {DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
CVE-2017-7413 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail
Edition ...)
+ {DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
CVE-2017-7412 (NixOS 17.03 before 17.03.887 has a world-writable Docker
socket, which ...)
NOT-FOR-US: NixOS specific Docker issue
@@ -92805,7 +92869,7 @@ CVE-2016-7450 (The ff_log2_16bit_c function in
libavutil/intmath.h in FFmpeg bef
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ac8ac46641adef208485baebc3734463bf0bd266
(n3.1.4)
CVE-2016-7449 (The TIFFGetField function in coders/tiff.c in GraphicsMagick
1.3.24 ...)
- {DLA-651-1}
+ {DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: The scope of the CVE is for all of these reported TIFF problems.
NOTE: The ultimate vulnerability was use of:
@@ -92817,16 +92881,16 @@ CVE-2016-7449 (The TIFFGetField function in
coders/tiff.c in GraphicsMagick 1.3.
NOTE:
https://blogs.gentoo.org/ago/2016/09/07/graphicsmagick-null-pointer-dereference-in-magickstrlcpy-utility-c/
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/eb58028dacf5
CVE-2016-7448 (The Utah RLE reader in GraphicsMagick before 1.3.25 allows
remote ...)
- {DLA-683-1}
+ {DLA-1401-1 DLA-683-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/30043afadb10
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d972c761b55d
CVE-2016-7447 (Heap-based buffer overflow in the EscapeParenthesis function in
...)
- {DLA-651-1}
+ {DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d580e3c3c034
CVE-2016-7446 (Buffer overflow in the MVG and SVG rendering code in
GraphicsMagick ...)
- {DLA-651-1}
+ {DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: For the http://www.graphicsmagick.org/NEWS.html#september-5-2016
case
NOTE: which remained present in the 1.3.24 release (and was not fixed
until 1.3.25)
@@ -100472,7 +100536,7 @@ CVE-2016-5242 (The p2m_teardown function in
arch/arm/p2m.c in Xen 4.4.x through
[wheezy] - xen <not-affected> (arm not supported)
NOTE: http://xenbits.xen.org/xsa/advisory-181.html
CVE-2016-5241 (magick/render.c in GraphicsMagick before 1.3.24 allows remote
...)
- {DLA-547-1}
+ {DLA-1401-1 DLA-547-1}
- graphicsmagick 1.3.24-1
NOTE: Fixed by:
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/8d175c4edfe7
CVE-2016-5240 (The DrawDashPolygon function in magick/render.c in
GraphicsMagick ...)
@@ -105338,17 +105402,17 @@ CVE-2016-3720 (XML external entity (XXE)
vulnerability in XmlMapper in the Data
CVE-2016-3719
REJECTED
CVE-2016-3718 (The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10
and 7.x ...)
- {DSA-3580-1 DLA-486-1 DLA-484-1}
+ {DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3717 (The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before
7.0.1-1 ...)
- {DSA-3580-1 DLA-486-1 DLA-484-1}
+ {DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
CVE-2016-3716 (The MSL coder in ImageMagick before 6.9.3-10 and 7.x before
7.0.1-1 ...)
- {DSA-3580-1 DLA-486-1 DLA-484-1}
+ {DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
@@ -120656,7 +120720,7 @@ CVE-2015-7521 (The authorization framework in Apache
Hive 1.0.0, 1.0.1, 1.1.0, 1
CVE-2015-7520 (Multiple cross-site scripting (XSS) vulnerabilities in the (1)
...)
NOT-FOR-US: Apache Wicket
CVE-2015-7519 (agent/Core/Controller/SendRequest.cpp in Phusion Passenger
before ...)
- {DLA-394-1}
+ {DLA-1399-1 DLA-394-1}
- passenger 5.0.22-1 (bug #807354)
- ruby-passenger <removed> (bug #864651)
[wheezy] - ruby-passenger <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/db8c028abdb247925239b0ac4523b491d6b43591
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/db8c028abdb247925239b0ac4523b491d6b43591
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
