[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 10 Aug 2018 01:10:45 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2e892bcf by security tracker role at 2018-08-10T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1067,8 +1067,8 @@ CVE-2018-14737 (An issue was discovered in libpbc.a in 
cloudwu PBC through 2017-
        NOT-FOR-US: cloudwu PBC
 CVE-2018-14736 (An issue was discovered in libpbc.a in cloudwu PBC through 
2017-03-02. ...)
        NOT-FOR-US: cloudwu PBC
-CVE-2018-14735
-       RESERVED
+CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi 
Command Suite ...)
+       TODO: check
 CVE-2018-14733
        RESERVED
 CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 
4.17.11 ...)
@@ -10732,8 +10732,7 @@ CVE-2018-10933
        RESERVED
 CVE-2018-10932
        RESERVED
-CVE-2018-10931 [CobblerXMLRPCInterface exports internal only functions over 
XMLRPC]
-       RESERVED
+CVE-2018-10931 (It was found that cobbler 2.6.x exposed all functions from its 
...)
        - cobbler <removed>
        NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9
 CVE-2018-10930
@@ -10746,8 +10745,7 @@ CVE-2018-10927
        RESERVED
 CVE-2018-10926
        RESERVED
-CVE-2018-10925 [Memory disclosure and missing authorization in INSERT ... ON 
CONFLICT DO UPDATE]
-       RESERVED
+CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 
9.6.10, ...)
        - postgresql-10 10.5-1
        - postgresql-9.6 <removed>
        - postgresql-9.5 <removed>
@@ -10780,8 +10778,7 @@ CVE-2018-10916 (It has been discovered that lftp up to 
and including version 4.8
        [jessie] - lftp <no-dsa> (Minor issue)
        NOTE: https://github.com/lavv17/lftp/issues/452
        NOTE: 
https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992
-CVE-2018-10915 [Certain host connection parameters defeat client-side security 
defenses]
-       RESERVED
+CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL 
client ...)
        - postgresql-10 10.5-1
        - postgresql-9.6 <removed>
        - postgresql-9.5 <removed>
@@ -18986,8 +18983,8 @@ CVE-2018-7694
        RESERVED
 CVE-2018-7693
        RESERVED
-CVE-2018-7692
-       RESERVED
+CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory 
before 9.1.1 ...)
+       TODO: check
 CVE-2018-7691
        RESERVED
 CVE-2018-7690
@@ -19004,8 +19001,8 @@ CVE-2018-7688 (A missing permission check in the review 
handling of openSUSE Ope
        NOTE: 
https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553
 CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a 
...)
        NOT-FOR-US: Micro Focus Client for OES
-CVE-2018-7686
-       RESERVED
+CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 
9.1.1 HF1 ...)
+       TODO: check
 CVE-2018-7685
        RESERVED
 CVE-2018-7684
@@ -41152,8 +41149,8 @@ CVE-2018-0431
        RESERVED
 CVE-2018-0430
        RESERVED
-CVE-2018-0429
-       RESERVED
+CVE-2018-0429 (Stack-based buffer overflow in the Cisco Thor decoder before 
commit ...)
+       TODO: check
 CVE-2018-0428
        RESERVED
 CVE-2018-0427
@@ -69131,7 +69128,7 @@ CVE-2017-8048 (In Cloud Foundry capi-release versions 
1.33.0 and later, prior to
        NOT-FOR-US: Cloud Foundry
 CVE-2017-8047 (In Cloud Foundry router routing-release all versions prior to 
v0.163.0 ...)
        NOT-FOR-US: Cloud Foundry
-CVE-2017-8046 (Malicious PATCH requests submitted to spring-data-rest servers 
in ...)
+CVE-2017-8046 (Malicious PATCH requests submitted to servers using Spring Data 
REST ...)
        NOT-FOR-US: Spring Data REST
 CVE-2017-8045 (In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 
1.5.7, an ...)
        NOT-FOR-US: Spring AMQP



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e892bcf9063245964022f40c0472f2d05209bf6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e892bcf9063245964022f40c0472f2d05209bf6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to