Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2e892bcf by security tracker role at 2018-08-10T08:10:19Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1067,8 +1067,8 @@ CVE-2018-14737 (An issue was discovered in libpbc.a in cloudwu PBC through 2017- NOT-FOR-US: cloudwu PBC CVE-2018-14736 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...) NOT-FOR-US: cloudwu PBC -CVE-2018-14735 - RESERVED +CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi Command Suite ...) + TODO: check CVE-2018-14733 RESERVED CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 ...) @@ -10732,8 +10732,7 @@ CVE-2018-10933 RESERVED CVE-2018-10932 RESERVED -CVE-2018-10931 [CobblerXMLRPCInterface exports internal only functions over XMLRPC] - RESERVED +CVE-2018-10931 (It was found that cobbler 2.6.x exposed all functions from its ...) - cobbler <removed> NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9 CVE-2018-10930 @@ -10746,8 +10745,7 @@ CVE-2018-10927 RESERVED CVE-2018-10926 RESERVED -CVE-2018-10925 [Memory disclosure and missing authorization in INSERT ... ON CONFLICT DO UPDATE] - RESERVED +CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10, ...) - postgresql-10 10.5-1 - postgresql-9.6 <removed> - postgresql-9.5 <removed> @@ -10780,8 +10778,7 @@ CVE-2018-10916 (It has been discovered that lftp up to and including version 4.8 [jessie] - lftp <no-dsa> (Minor issue) NOTE: https://github.com/lavv17/lftp/issues/452 NOTE: https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992 -CVE-2018-10915 [Certain host connection parameters defeat client-side security defenses] - RESERVED +CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL client ...) - postgresql-10 10.5-1 - postgresql-9.6 <removed> - postgresql-9.5 <removed> @@ -18986,8 +18983,8 @@ CVE-2018-7694 RESERVED CVE-2018-7693 RESERVED -CVE-2018-7692 - RESERVED +CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 ...) + TODO: check CVE-2018-7691 RESERVED CVE-2018-7690 @@ -19004,8 +19001,8 @@ CVE-2018-7688 (A missing permission check in the review handling of openSUSE Ope NOTE: https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553 CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a ...) NOT-FOR-US: Micro Focus Client for OES -CVE-2018-7686 - RESERVED +CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 ...) + TODO: check CVE-2018-7685 RESERVED CVE-2018-7684 @@ -41152,8 +41149,8 @@ CVE-2018-0431 RESERVED CVE-2018-0430 RESERVED -CVE-2018-0429 - RESERVED +CVE-2018-0429 (Stack-based buffer overflow in the Cisco Thor decoder before commit ...) + TODO: check CVE-2018-0428 RESERVED CVE-2018-0427 @@ -69131,7 +69128,7 @@ CVE-2017-8048 (In Cloud Foundry capi-release versions 1.33.0 and later, prior to NOT-FOR-US: Cloud Foundry CVE-2017-8047 (In Cloud Foundry router routing-release all versions prior to v0.163.0 ...) NOT-FOR-US: Cloud Foundry -CVE-2017-8046 (Malicious PATCH requests submitted to spring-data-rest servers in ...) +CVE-2017-8046 (Malicious PATCH requests submitted to servers using Spring Data REST ...) NOT-FOR-US: Spring Data REST CVE-2017-8045 (In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an ...) NOT-FOR-US: Spring AMQP View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e892bcf9063245964022f40c0472f2d05209bf6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e892bcf9063245964022f40c0472f2d05209bf6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits