Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2f92f8e by security tracker role at 2018-07-30T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -433,10 +433,12 @@ CVE-2018-1999014 (FFmpeg before commit
bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e7
CVE-2018-1999013 (FFmpeg before commit
a7e032a277452366771951e29fd0bf2bd5c029f0 contains ...)
+ {DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f
CVE-2018-1999012 (FFmpeg before commit
9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains ...)
+ {DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e
@@ -446,6 +448,7 @@ CVE-2018-1999011 (FFmpeg before commit
2b46ebdbff1d8dec7a3d8ea280a612b91a582869
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a58286
CVE-2018-1999010 (FFmpeg before commit
cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains ...)
+ {DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
@@ -878,10 +881,12 @@ CVE-2018-14397
CVE-2018-14396
RESERVED
CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers
to cause a ...)
+ {DSA-4258-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers
to cause a ...)
+ {DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
@@ -4333,7 +4338,7 @@ CVE-2018-12896 (An issue was discovered in the Linux
kernel through 4.17.3. An I
NOTE: https://github.com/lcytxw/bug_repro/tree/master/bug_200189
NOTE:
https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76
CVE-2018-12895 (WordPress through 4.9.6 allows Author users to execute
arbitrary code ...)
- {DSA-4250-1}
+ {DSA-4250-1 DLA-1452-1}
- wordpress 4.9.7+dfsg1-1 (bug #902876)
NOTE:
https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
NOTE:
https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
@@ -16849,6 +16854,7 @@ CVE-2018-8035
RESERVED
CVE-2018-8034 [host name verification missing in WebSocket client]
RESERVED
+ {DLA-1453-1}
- tomcat9 <itp> (bug #802312)
- tomcat8 8.5.32-1
- tomcat8.0 <unfixed> (unimportant)
@@ -103398,7 +103404,7 @@ CVE-2016-5837 (WordPress before 4.5.3 allows remote
attackers to bypass intended
NOTE: Upstream bug: https://core.trac.wordpress.org/ticket/36379
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37781
CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3
allows ...)
- {DLA-633-1}
+ {DLA-1452-1 DLA-633-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream ticket: https://core.trac.wordpress.org/ticket/36767
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d2f92f8e75ea9d51b217a83ca06d404d84931192
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d2f92f8e75ea9d51b217a83ca06d404d84931192
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
