[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sun, 26 Aug 2018 13:11:04 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6c397dce by security tracker role at 2018-08-26T20:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2018-15887
+       RESERVED
+CVE-2018-15886
+       RESERVED
+CVE-2018-15885
+       RESERVED
+CVE-2018-15884
+       RESERVED
+CVE-2018-15883
+       RESERVED
+CVE-2018-15882
+       RESERVED
+CVE-2018-15881
+       RESERVED
+CVE-2018-15880
+       RESERVED
+CVE-2018-15879
+       RESERVED
+CVE-2018-15878
+       RESERVED
+CVE-2017-18345
+       RESERVED
 CVE-2018-XXXX [Multiple -dSAFER sandbox bypass vulnerabilities]
        - ghostscript <unfixed> (bug #907332)
        NOTE: https://www.kb.cert.org/vuls/id/332928
@@ -139,8 +161,8 @@ CVE-2018-15835
        RESERVED
 CVE-2018-15834
        RESERVED
-CVE-2018-15833
-       RESERVED
+CVE-2018-15833 (In Vanilla before 2.6.1, the polling functionality allows 
Insecure ...)
+       TODO: check
 CVE-2018-15832
        RESERVED
 CVE-2018-15831
@@ -3771,11 +3793,13 @@ CVE-2018-14348 (libcgroup up to and including 0.41 
creates /var/log/cgred with m
        NOTE: 
https://sourceforge.net/p/libcg/libcg/ci/0d88b73d189ea3440ccaab00418d6469f76fa590/
        NOTE: cgred not enabled by default, shipped example config logs to 
syslog by default
 CVE-2018-14347 (GNU Libextractor before 1.7 contains an infinite loop 
vulnerability in ...)
+       {DLA-1478-1}
        - libextractor <unfixed> (bug #904905)
        NOTE: 
http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html
        NOTE: https://gnunet.org/bugs/view.php?id=5399
        NOTE: 
https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394
 CVE-2018-14346 (GNU Libextractor before 1.7 has a stack-based buffer overflow 
in ...)
+       {DLA-1478-1}
        - libextractor <unfixed> (bug #904903)
        NOTE: 
http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html
        NOTE: 
https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e
@@ -219700,8 +219724,7 @@ CVE-2011-2769 (Tor before 0.2.2.34, when configured 
as a bridge, accepts the CRE
 CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge, 
sends a ...)
        {DSA-2331-1}
        - tor 0.2.2.34-1
-CVE-2011-2767 [PerlOptions -Sections not permitted in server config; executes 
perl code in .htaccess files]
-       RESERVED
+CVE-2011-2767 (mod_perl 2.0 through 2.0.10 allows attackers to execute 
arbitrary Perl ...)
        - libapache2-mod-perl2 <unfixed> (bug #644169)
        NOTE: 
https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E
 CVE-2011-2766 (The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as 
used by ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c397dcead5d81aff3cf2fd29c74544a79f73907

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c397dcead5d81aff3cf2fd29c74544a79f73907
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to