Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2d2a24d5 by security tracker role at 2018-10-21T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,24 @@
-CVE-2018-18541 [remote DOS by forging connection packets]
+CVE-2018-18549
+ RESERVED
+CVE-2018-18548
+ RESERVED
+CVE-2018-18547
+ RESERVED
+CVE-2018-18546 (ThinkPHP 3.2.4 has SQL Injection via the order parameter
because the ...)
+ TODO: check
+CVE-2018-18545 (Fiyo CMS 2.0.7 has XSS via the
dapur\apps\app_user\edit_user.php name ...)
+ TODO: check
+CVE-2018-18544 (There is a memory leak in the function WriteMSLImage of
coders/msl.c in ...)
+ TODO: check
+CVE-2018-18543
+ RESERVED
+CVE-2018-18542
+ RESERVED
+CVE-2018-18540 (TeaKKi 2.7 allows XSS via a crafted onerror attribute for a
picture's ...)
+ TODO: check
+CVE-2018-18539
+ RESERVED
+CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged.
There ...)
- teeworlds <unfixed> (bug #911487)
NOTE: https://www.teeworlds.com/forum/viewtopic.php?id=12544
NOTE: https://github.com/teeworlds/teeworlds/issues/1536
@@ -5385,6 +5405,7 @@ CVE-2018-16338 (An issue was discovered in AuraCMS 2.3.
There is a CSRF vulnerab
CVE-2018-16337 (An issue was discovered in Cscms V4.1.8. There is a CSRF
vulnerability ...)
NOT-FOR-US: Cscms
CVE-2018-16336 (Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows
remote ...)
+ {DLA-1551-1}
- exiv2 <unfixed>
NOTE: https://github.com/Exiv2/exiv2/issues/400
NOTE:
https://github.com/Exiv2/exiv2/commit/35b3e596edacd2437c2c5d3dd2b5c9502626163d
@@ -18962,7 +18983,7 @@ CVE-2018-11001
CVE-2018-11000
RESERVED
CVE-2018-10999 (An issue was discovered in Exiv2 0.26. The ...)
- {DSA-4238-1 DLA-1402-1}
+ {DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/306
NOTE:
https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
@@ -19075,7 +19096,7 @@ CVE-2018-10960
CVE-2018-10959
RESERVED
CVE-2018-10958 (In types.cpp in Exiv2 0.26, a large size value may lead to a
SIGABRT ...)
- {DSA-4238-1 DLA-1402-1}
+ {DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/302
NOTE:
https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d2a24d57347183255a25ef41a6f7c763abb1273
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d2a24d57347183255a25ef41a6f7c763abb1273
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
