Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 60a10cbc by security tracker role at 2018-11-03T08:10:39Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,11 +1,29 @@ +CVE-2018-18915 (There is an infinite loop in the Exiv2::Image::printIFDStructure ...) + TODO: check +CVE-2018-18914 + RESERVED +CVE-2018-18913 + RESERVED +CVE-2018-18912 + RESERVED +CVE-2018-18911 + RESERVED +CVE-2018-18910 + RESERVED +CVE-2018-18909 + RESERVED +CVE-2018-18908 + RESERVED +CVE-2018-18907 + RESERVED CVE-2018-18906 RESERVED CVE-2018-18905 RESERVED CVE-2018-18904 RESERVED -CVE-2018-18903 - RESERVED +CVE-2018-18903 (Vanilla 2.6.x before 2.6.4 allows remote code execution. ...) + TODO: check CVE-2018-18902 RESERVED CVE-2018-18901 @@ -4973,14 +4991,12 @@ CVE-2018-16851 RESERVED CVE-2018-16850 RESERVED -CVE-2018-16849 [std.ssh action may disclose presence of arbitrary files] - RESERVED +CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH private ...) - mistral <unfixed> (bug #912714) NOTE: https://bugs.launchpad.net/mistral/+bug/1783708 CVE-2018-16848 RESERVED -CVE-2018-16847 [nvme: Out-of-bounds r/w buffer access in cmb operations] - RESERVED +CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express ...) - qemu <unfixed> (bug #912655) [stretch] - qemu <not-affected> (support for Controller Memory Buffers added later) [jessie] - qemu <not-affected> (support for Controller Memory Buffers added later) @@ -7786,8 +7802,8 @@ CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 and prior contain a re NOT-FOR-US: EMC ESRS Policy Manager CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an ...) NOT-FOR-US: Pivotal Container Service -CVE-2018-15762 - RESERVED +CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions ...) + TODO: check CVE-2018-15761 RESERVED CVE-2018-15760 @@ -19899,8 +19915,8 @@ CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE . NOT-FOR-US: Dell CVE-2018-11063 (Dell WMS versions 1.1 and prior are impacted by multiple unquoted ...) NOT-FOR-US: Dell WMS -CVE-2018-11062 - RESERVED +CVE-2018-11062 (Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 ...) + TODO: check CVE-2018-11061 (RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security ...) NOT-FOR-US: RSA CVE-2018-11060 (RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60a10cbc02fb4381892e950927dbe5413c1ae82d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60a10cbc02fb4381892e950927dbe5413c1ae82d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits