[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 26 Sep 2018 01:11:28 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4cc67c17 by security tracker role at 2018-09-26T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2018-17537
+       RESERVED
+CVE-2018-17536
+       RESERVED
+CVE-2018-17535
+       RESERVED
+CVE-2018-17534
+       RESERVED
+CVE-2018-17533
+       RESERVED
+CVE-2018-17532
+       RESERVED
 CVE-2018-17531
        RESERVED
 CVE-2018-17530
@@ -254,15 +266,15 @@ CVE-2018-17406
        RESERVED
 CVE-2018-17405
        RESERVED
-CVE-2018-17404 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 
for Android ...)
+CVE-2018-17404 (** DISPUTED ** The SBIbuddy (aka com.sbi.erupee) application 
1.41 and ...)
        NOT-FOR-US: SBIbuddy application
 CVE-2018-17403 (The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 
through ...)
        NOT-FOR-US: PhonePe wallet application
-CVE-2018-17402 (The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 
through ...)
+CVE-2018-17402 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) 
application ...)
        NOT-FOR-US: PhonePe wallet application
-CVE-2018-17401 (The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 
through ...)
+CVE-2018-17401 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) 
application ...)
        NOT-FOR-US: PhonePe wallet application
-CVE-2018-17400 (The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 
through ...)
+CVE-2018-17400 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) 
application ...)
        NOT-FOR-US: PhonePe wallet application
 CVE-2018-17399
        RESERVED
@@ -807,7 +819,7 @@ CVE-2018-17155
 CVE-2018-17154
        RESERVED
 CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7 
contains a ...)
-       {DLA-1519-1}
+       {DLA-1520-1 DLA-1519-1}
        - python3.7 <not-affected> (Fixed before initial upload)
        - python3.6 <not-affected> (Fixed before initial upload)
        - python3.5 <not-affected> (Fixed before initial upload)
@@ -6848,8 +6860,7 @@ CVE-2018-14635 (When using the Linux bridge ml2 driver, 
non-privileged tenants a
        [jessie] - neutron <ignored> (Minor issue)
        NOTE: https://bugs.launchpad.net/neutron/+bug/1757482
        NOTE: 
https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
-CVE-2018-14634 [Integer overflow in Linux's create_elf_tables()]
-       RESERVED
+CVE-2018-14634 (An integer overflow flaw was found in the Linux kernel's ...)
        - linux 4.12.6-1
        [stretch] - linux 4.9.47-1
        NOTE: https://www.openwall.com/lists/oss-security/2018/09/25/4
@@ -14225,8 +14236,7 @@ CVE-2018-11765
        RESERVED
 CVE-2018-11764
        RESERVED
-CVE-2018-11763 [mod_http2, DoS via continuous SETTINGS frames]
-       RESERVED
+CVE-2018-11763 (In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, 
large ...)
        - apache2 <unfixed> (bug #909591)
        [jessie] - apache2 <not-affected> (Vulnerable code not present)
        NOTE: HTTP/2 support introduced in 2.4.17
@@ -44768,7 +44778,7 @@ CVE-2018-1063 (Context relabeling of filesystems is 
vulnerable to symbolic link
 CVE-2018-1062 (A vulnerability was discovered in oVirt 4.1.x before 4.1.9, 
where the ...)
        NOT-FOR-US: ovirt-engine
 CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 
3.7.0 is ...)
-       {DLA-1519-1}
+       {DLA-1520-1 DLA-1519-1}
        - python3.7 3.7.0~b3-1 (low)
        - python3.6 3.6.5~rc1-1 (low)
        - python3.5 3.5.6-1 (low)
@@ -44789,7 +44799,7 @@ CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 
3.5.6rc1, 3.6.5rc1 and 3.7.
        NOTE: 
https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0
 (3.4)
        NOTE: 
https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
 (2.7)
 CVE-2018-1060 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 
3.7.0 is ...)
-       {DLA-1519-1}
+       {DLA-1520-1 DLA-1519-1}
        - python3.7 3.7.0~b3-1 (low)
        - python3.6 3.6.5~rc1-1 (low)
        - python3.5 3.5.6-1 (low)
@@ -48525,7 +48535,7 @@ CVE-2017-1000164 (Tine 2.0 version 2017.02.4 is 
vulnerable to XSS in the Address
 CVE-2017-1000160 (EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site 
scripting ...)
        NOT-FOR-US: EllisLab ExpressionEngine
 CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an 
integer overflow ...)
-       {DLA-1519-1 DLA-1190-1 DLA-1189-1}
+       {DLA-1520-1 DLA-1519-1 DLA-1190-1 DLA-1189-1}
        - python3.5 3.5.5-1
        - python3.4 <removed>
        - python2.7 2.7.13-4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4cc67c17c4659e6f1c05406fba53893f31ff7025

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4cc67c17c4659e6f1c05406fba53893f31ff7025
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to