[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 31 Aug 2018 13:10:42 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
497d988e by security tracker role at 2018-08-31T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,16 @@
-CVE-2018-16276 [USB: yurex: fix out-of-bounds uaccess in read handler]
+CVE-2018-16281
+       RESERVED
+CVE-2018-16280
+       RESERVED
+CVE-2018-16279
+       RESERVED
+CVE-2018-16278 (phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an ...)
+       TODO: check
+CVE-2018-16277
+       RESERVED
+CVE-2018-16275 (OPSWAT MetaDefender before v4.11.2 allows CSV injection. ...)
+       TODO: check
+CVE-2018-16276 (An issue was discovered in yurex_read in 
drivers/usb/misc/yurex.c in ...)
        - linux 4.17.8-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 (4.18-rc5)
 CVE-2018-16274
@@ -12947,14 +12959,14 @@ CVE-2018-11059 (RSA Archer, versions prior to 
6.4.0.1, contain a stored cross-si
        NOT-FOR-US: RSA Archer
 CVE-2018-11058
        RESERVED
-CVE-2018-11057
-       RESERVED
-CVE-2018-11056
-       RESERVED
-CVE-2018-11055
-       RESERVED
-CVE-2018-11054
-       RESERVED
+CVE-2018-11057 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 
4.0.x) and ...)
+       TODO: check
+CVE-2018-11056 (RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), 
and RSA ...)
+       TODO: check
+CVE-2018-11055 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 
4.0.x) and ...)
+       TODO: check
+CVE-2018-11054 (RSA BSAFE Micro Edition Suite, version 4.1.6, contains an 
integer ...)
+       TODO: check
 CVE-2018-11053 (Dell EMC iDRAC Service Module for all supported Linux and 
XenServer ...)
        NOT-FOR-US: Dell
 CVE-2018-11052 (Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an 
authentication ...)
@@ -21617,8 +21629,8 @@ CVE-2018-7687 (The Micro Focus Client for OES before 
version 2 SP4 IR8a has a ..
        NOT-FOR-US: Micro Focus Client for OES
 CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 
9.1.1 HF1 ...)
        NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7685
-       RESERVED
+CVE-2018-7685 (The decoupled download and installation steps in libzypp before 
17.5.0 ...)
+       TODO: check
 CVE-2018-7684
        RESERVED
 CVE-2018-7683 (Micro Focus Solutions Business Manager versions prior to 11.4 
might ...)
@@ -33354,8 +33366,8 @@ CVE-2018-3789
        RESERVED
 CVE-2018-3788
        RESERVED
-CVE-2018-3787
-       RESERVED
+CVE-2018-3787 (Path traversal in simplehttpserver &lt;v0.2.1 allows listing 
any file on ...)
+       TODO: check
 CVE-2018-3786 (A command injection vulnerability in egg-scripts &lt;v2.8.1 
allows ...)
        NOT-FOR-US: egg-scripts
 CVE-2018-3785 (A command injection in git-dummy-commit v1.3.0 allows os level 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/497d988e16bb44820a525cdcef3b119680031fb5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/497d988e16bb44820a525cdcef3b119680031fb5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to