Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e6763b74 by Moritz Muehlenhoff at 2018-06-29T12:36:20+02:00
add additional CVE ID fixed in firefox ESR, thanks pochu
- - - - -
7047d171 by Moritz Muehlenhoff at 2018-06-29T12:39:09+02:00
new libsoup issue
- - - - -
280ceef5 by Moritz Muehlenhoff at 2018-06-29T12:39:27+02:00
new binutils issue
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -108,7 +108,11 @@ CVE-2018-12936
CVE-2018-12935
RESERVED
CVE-2018-12934 (remember_Ktype in cplus-dem.c in GNU libiberty, as distributed
in GNU ...)
- TODO: check
+ - binutils <unfixed> (low)
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23059
CVE-2018-12933 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows
attackers to ...)
TODO: check
CVE-2018-12932 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows
attackers to ...)
@@ -157,6 +161,8 @@ CVE-2018-12911
RESERVED
CVE-2018-12910
RESERVED
+ - libsoup2.4 2.62.2-2
+ NOTE:
https://gitlab.gnome.org/GNOME/libsoup/commit/db2b0d5809d5f8226d47312b40992cadbcde439f
CVE-2018-12909 (** DISPUTED ** Webgrind 1.5 relies on user input to display a
file, ...)
NOT-FOR-US: Webgrind
CVE-2018-12908 (Brynamics "Online Trade - Online trading and
cryptocurrency investment ...)
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -2,7 +2,7 @@
{CVE-2018-12891 CVE-2018-12892 CVE-2018-12893}
[stretch] - xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
[27 Jun 2018] DSA-4235-1 firefox-esr - security update
- {CVE-2018-5156 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362
CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366}
+ {CVE-2018-5156 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360
CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366}
[stretch] - firefox-esr 52.9.0esr-1~deb9u1
[22 Jun 2018] DSA-4234-1 lava-server - security update
{CVE-2018-12564 CVE-2018-12565}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/7fcc4cc0e7b3a3b6f9b3ea9eff0871c32cf637c3...280ceef5b34041801b7db212996126507ea05ced
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/7fcc4cc0e7b3a3b6f9b3ea9eff0871c32cf637c3...280ceef5b34041801b7db212996126507ea05ced
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
