[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 29 Sep 2018 01:11:38 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cda35129 by security tracker role at 2018-09-29T08:10:29Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2018-17779
+       RESERVED
+CVE-2018-17778
+       RESERVED
+CVE-2018-17777
+       RESERVED
+CVE-2018-17776 (PCProtect Anti-Virus v4.8.35 has &quot;Everyone: (F)&quot; 
permission for ...)
+       TODO: check
+CVE-2018-17775
+       RESERVED
+CVE-2018-17774
+       RESERVED
+CVE-2018-17773
+       RESERVED
+CVE-2018-17772
+       RESERVED
+CVE-2018-17771
+       RESERVED
+CVE-2018-17770
+       RESERVED
+CVE-2018-17769
+       RESERVED
+CVE-2018-17768
+       RESERVED
+CVE-2018-17767
+       RESERVED
+CVE-2018-17766
+       RESERVED
+CVE-2018-17765
+       RESERVED
 CVE-2018-17764
        RESERVED
 CVE-2018-17763
@@ -2927,7 +2957,7 @@ CVE-2018-16456
        RESERVED
 CVE-2018-16455
        RESERVED
-CVE-2018-16454 (PHP Scripts Mall Olx Clone 3.4.2 has XSS. ...)
+CVE-2018-16454 (PHP Scripts Mall Currency Converter Script 2.0.5 allows remote 
attackers to cause a denial of service (web-interface change) via an inverted 
comma. ...)
        NOT-FOR-US: PHP Scripts Mall Olx Clone
 CVE-2018-16453
        RESERVED
@@ -4549,7 +4579,7 @@ CVE-2018-15838
        RESERVED
 CVE-2018-15837
        RESERVED
-CVE-2018-15836 (In Openswan before 2.6.50.1, IKEv2 signature verification is 
...)
+CVE-2018-15836 (In verify_signed_hash() in lib/liboswkeys/signatures.c in 
Openswan ...)
        - openswan <removed>
        NOTE: 
https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51
        NOTE: https://lists.openswan.org/pipermail/users/2018-August/023761.html
@@ -21835,24 +21865,24 @@ CVE-2018-9084
        RESERVED
 CVE-2018-9083
        RESERVED
-CVE-2018-9082
-       RESERVED
-CVE-2018-9081
-       RESERVED
-CVE-2018-9080
-       RESERVED
-CVE-2018-9079
-       RESERVED
-CVE-2018-9078
-       RESERVED
-CVE-2018-9077
-       RESERVED
-CVE-2018-9076
-       RESERVED
-CVE-2018-9075
-       RESERVED
-CVE-2018-9074
-       RESERVED
+CVE-2018-9082 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9081 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9080 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9079 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9078 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9077 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9076 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9075 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
+CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
+       TODO: check
 CVE-2018-9073
        RESERVED
 CVE-2018-9072
@@ -68442,7 +68472,7 @@ CVE-2017-9869 (The II_step_one function in layer2.c in 
mpglib, as used in ...)
        NOTE: version, although the internal lame code was only fixed in 3.100 
(strictly speaking that would be
        NOTE: severity:unimportant for stretch onwards, but we don't have 
suite-specific severity annotations
 CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence 
file) is ...)
-       {DLA-1146-1}
+       {DLA-1525-1 DLA-1146-1}
        - mosquitto 1.4.14-1 (bug #865959)
        [stretch] - mosquitto 1.4.10-3+deb9u1
        NOTE: https://github.com/eclipse/mosquitto/issues/468
@@ -77155,10 +77185,12 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and 
older, 9.3.x (all ...)
 CVE-2017-7655
        RESERVED
 CVE-2017-7654 (In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak 
vulnerability ...)
+       {DLA-1525-1}
        - mosquitto <unfixed>
        NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533493
        NOTE: 
https://github.com/eclipse/mosquitto/commit/51ec5601c2ec523bf2973fdc1eca77335eafb8de
 CVE-2017-7653 (The Eclipse Mosquitto broker up to version 1.4.15 does not 
reject ...)
+       {DLA-1525-1}
        - mosquitto <unfixed>
        NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=532113
        NOTE: 
https://github.com/eclipse/mosquitto/commit/729a09310a7a56fbe5933b70b4588049da1a42b4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cda351298ffa0341ca614f0d332c0b07470b5bd0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cda351298ffa0341ca614f0d332c0b07470b5bd0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to