Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0724e67e by Moritz Muehlenhoff at 2018-10-06T17:45:23Z
new nsis issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -84,7 +84,7 @@ CVE-2015-9272 (The videowhisper-video-presentation plugin
3.31.17 for WordPress
CVE-2014-10076 (The wp-db-backup plugin 2.2.4 for WordPress relies on a
five-character ...)
NOT-FOR-US: wp-db-backup plugin WordPress
CVE-2014-10075 (The karo gem 2.3.8 for Ruby allows Remote command injection
via the ...)
- TODO: check
+ NOT-FOR-US: karo gem
CVE-2013-7465 (Ice Cold Apps Servers Ultimate 6.0.2(12) does not require ...)
NOT-FOR-US: Ice Cold Apps Servers Ultimate
CVE-2018-17983 (cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds
read ...)
@@ -495,9 +495,9 @@ CVE-2018-17794 (An issue was discovered in cplus-dem.c in
GNU libiberty, as dist
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350
CVE-2015-9268 (Nullsoft Scriptable Install System (NSIS) before 2.49 has
unsafe ...)
- TODO: check
+ - nsis 2.50-1
CVE-2015-9267 (Nullsoft Scriptable Install System (NSIS) before 2.49 uses
temporary ...)
- TODO: check
+ - nsis 2.50-1
CVE-2018-17793 (Virtualenv 16.0.0 allows a sandbox escape via "python
$(bash >&2)" and ...)
- python-virtualenv <unfixed> (unimportant)
NOTE: https://github.com/pypa/virtualenv/issues/1207
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0724e67e3437126c7d2dcff9525e73a23952e32f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0724e67e3437126c7d2dcff9525e73a23952e32f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
