[Git][security-tracker-team/security-tracker][master] automatic update

Wed, 24 Oct 2018 13:10:52 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
68d6d1d8 by security tracker role at 2018-10-24T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2018-18631
+       RESERVED
 CVE-2018-18630
        RESERVED
 CVE-2018-18629
@@ -66,7 +68,7 @@ CVE-2018-18605 (A heap-based buffer over-read issue was 
discovered in the functi
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61
 CVE-2018-18604
        RESERVED
-CVE-2018-18603 (360 Total Security 3.5.0.1033 allows a Sandbox Escape via an 
"import ...)
+CVE-2018-18603 (** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox 
Escape ...)
        NOT-FOR-US: 360 Total Security
 CVE-2018-18602
        RESERVED
@@ -1818,8 +1820,8 @@ CVE-2018-17937
        RESERVED
 CVE-2018-17936
        RESERVED
-CVE-2018-17935
-       RESERVED
+CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before 
00.0A use ...)
+       TODO: check
 CVE-2018-17934
        RESERVED
 CVE-2018-17933
@@ -7850,8 +7852,8 @@ CVE-2018-15444
        RESERVED
 CVE-2018-15443
        RESERVED
-CVE-2018-15442
-       RESERVED
+CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings 
Desktop ...)
+       TODO: check
 CVE-2018-15441
        RESERVED
 CVE-2018-15440
@@ -7979,6 +7981,7 @@ CVE-2018-15380
 CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime 
...)
        NOT-FOR-US: Cisco
 CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could 
allow an ...)
+       {DLA-1553-1}
        - clamav 0.100.2+dfsg-1 (bug #910430)
        [stretch] - clamav <no-dsa> (clamav is updated via -updates)
        NOTE: 
https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html
@@ -17037,8 +17040,8 @@ CVE-2018-1000182 (A server-side request forgery 
vulnerability exists in Jenkins
        NOT-FOR-US: Jenkins plugin
 CVE-2018-11805
        RESERVED
-CVE-2018-11804
-       RESERVED
+CVE-2018-11804 (Spark's Apache Maven-based build includes a convenience 
script, ...)
+       TODO: check
 CVE-2018-11803
        RESERVED
 CVE-2018-11802
@@ -45704,8 +45707,8 @@ CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow 
a remote attacker to obt
        NOT-FOR-US: IBM
 CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM 
Case ...)
        NOT-FOR-US: IBM
-CVE-2018-1541
-       RESERVED
+CVE-2018-1541 (IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable 
to ...)
+       TODO: check
 CVE-2018-1540
        RESERVED
 CVE-2018-1539 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 
6.0 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/68d6d1d88c2a860ba5b3d2acf285dbf979f7cf20

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/68d6d1d88c2a860ba5b3d2acf285dbf979f7cf20
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to