Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9fd08300 by security tracker role at 2018-07-25T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,9 @@
+CVE-2018-14596 (wancms 1.0 through 5.0 allows remote attackers to cause a
denial of ...)
+ TODO: check
+CVE-2018-14595
+ RESERVED
+CVE-2018-14594
+ RESERVED
CVE-2018-14593
RESERVED
CVE-2018-14592
@@ -440,6 +446,7 @@ CVE-2017-18343 (** DISPUTED ** The debug handler in Symfony
before v2.7.33, 2.8.
NOTE: https://github.com/symfony/symfony/issues/27987
NOTE: https://github.com/symfony/symfony/pull/23684
CVE-2016-10727 (camel/providers/imapx/camel-imapx-server.c in the IMAPx
component in ...)
+ {DLA-1443-1}
- evolution-data-server 3.22.0-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334842
NOTE:
https://gitlab.gnome.org/GNOME/evolution-data-server/commit/f26a6f67
@@ -1954,6 +1961,7 @@ CVE-2018-13799
CVE-2018-13798
RESERVED
CVE-2018-13796 (Unspecified vulnerability in Mailman before 2.1.28 has unknown
impact ...)
+ {DLA-1442-1}
- mailman <unfixed> (bug #903674)
[stretch] - mailman <no-dsa> (Minor issue)
NOTE: Fixed in 2.1.28
@@ -4554,6 +4562,7 @@ CVE-2018-1000552 (Trovebox version <= 4.0.0-rc6
contains a SQL Injection vuln
CVE-2018-1000551 (Trovebox version <= 4.0.0-rc6 contains a PHP Type
juggling ...)
NOT-FOR-US: Trovebox
CVE-2018-1000550 (The Sympa Community Sympa version prior to version 6.2.32
contains a ...)
+ {DLA-1441-1}
- sympa 6.2.32~dfsg-1
NOTE: https://sympa-community.github.io/security/2018-001.html
CVE-2018-1000549 (Wekan version 1.04.0 contains a Email / Username Enumeration
...)
@@ -9236,8 +9245,7 @@ CVE-2018-10908
RESERVED
CVE-2018-10907
RESERVED
-CVE-2018-10906 [Restriction bypass of the "allow_other" option when SELinux is
active]
- RESERVED
+CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount
is ...)
- fuse3 <itp> (bug #904216)
- fuse 2.9.8-1 (bug #904439)
NOTE: https://github.com/libfuse/libfuse/pull/268
@@ -9425,6 +9433,7 @@ CVE-2018-10861 (A flaw was found in the way ceph mon
handles user requests. Any
NOTE: http://tracker.ceph.com/issues/24838
NOTE:
https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
CVE-2018-10860 (perl-archive-zip is vulnerable to a directory traversal in ...)
+ {DLA-1440-1}
- libarchive-zip-perl <unfixed> (bug #902882)
NOTE: https://github.com/redhotpenguin/perl-Archive-Zip/pull/33
NOTE:
https://github.com/redhotpenguin/perl-Archive-Zip/commit/95e1df86327
@@ -38796,7 +38805,7 @@ CVE-2018-0619
RESERVED
CVE-2018-0618
RESERVED
- {DSA-4246-1}
+ {DSA-4246-1 DLA-1442-1}
- mailman 1:2.1.27-1
NOTE:
https://mail.python.org/pipermail/mailman-announce/2018-June/000236.html
NOTE: https://launchpad.net/mailman/+milestone/2.1.27
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fd083005f1e3b62da0d93934df76ba753cd02b9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fd083005f1e3b62da0d93934df76ba753cd02b9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
