[Git][security-tracker-team/security-tracker][master] new opensc issues

Tue, 04 Sep 2018 11:41:55 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4d4cbcca by Moritz Muehlenhoff at 2018-09-04T18:41:01Z
new opensc issues
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -114,7 +114,7 @@ CVE-2018-16412 (ImageMagick 7.0.8-11 Q16 has a heap-based 
buffer over-read in th
 CVE-2018-16411
        RESERVED
 CVE-2018-16410 (Vanilla before 2.6.1 allows SQL injection via an invitationID 
array to ...)
-       TODO: check
+       NOT-FOR-US: Vanilla
 CVE-2018-16409 (In Gogs 0.11.53, an attacker can use migrate to send arbitrary 
HTTP GET ...)
        NOT-FOR-US: Go Git Service
 CVE-2018-16408 (D-Link DIR-846 devices with firmware 100.26 allow remote 
attackers to ...)
@@ -144,7 +144,7 @@ CVE-2018-16400
 CVE-2018-16399
        RESERVED
 CVE-2018-16398 (In Twistlock AuthZ Broker 0.1, regular expressions are 
mishandled, as ...)
-       TODO: check
+       NOT-FOR-US: Twistlock AuthZ Broker
 CVE-2018-16397 (In LimeSurvey before 3.14.7, an admin user can leverage a 
"file upload" ...)
        - limesurvey <itp> (bug #472802)
 CVE-2018-16396
@@ -154,11 +154,17 @@ CVE-2018-16395
 CVE-2018-16394
        RESERVED
 CVE-2018-16393 (Several buffer overflows when handling responses from a 
Gemsafe V1 ...)
-       TODO: check
+       - opensc <unfixed> (low)
+       NOTE: 
https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad
+       NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
 CVE-2018-16392 (Several buffer overflows when handling responses from a TCOS 
Card in ...)
-       TODO: check
+       - opensc <unfixed> (low)
+       NOTE: 
https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-b2a356323a9ff2024d041cf2d7e89dd3
+       NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
 CVE-2018-16391 (Several buffer overflows when handling responses from a Muscle 
Card in ...)
-       TODO: check
+       - opensc <unfixed> (low)
+       NOTE: 
https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-477b7a40136bb418b10ce271c8664536
+       NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
 CVE-2018-16390
        RESERVED
 CVE-2018-16389



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d4cbcca8fd8ab8afba9880b7bfbc094bdcfb9d2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d4cbcca8fd8ab8afba9880b7bfbc094bdcfb9d2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to