[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 03 Nov 2018 01:11:49 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
60a10cbc by security tracker role at 2018-11-03T08:10:39Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,29 @@
+CVE-2018-18915 (There is an infinite loop in the 
Exiv2::Image::printIFDStructure ...)
+       TODO: check
+CVE-2018-18914
+       RESERVED
+CVE-2018-18913
+       RESERVED
+CVE-2018-18912
+       RESERVED
+CVE-2018-18911
+       RESERVED
+CVE-2018-18910
+       RESERVED
+CVE-2018-18909
+       RESERVED
+CVE-2018-18908
+       RESERVED
+CVE-2018-18907
+       RESERVED
 CVE-2018-18906
        RESERVED
 CVE-2018-18905
        RESERVED
 CVE-2018-18904
        RESERVED
-CVE-2018-18903
-       RESERVED
+CVE-2018-18903 (Vanilla 2.6.x before 2.6.4 allows remote code execution. ...)
+       TODO: check
 CVE-2018-18902
        RESERVED
 CVE-2018-18901
@@ -4973,14 +4991,12 @@ CVE-2018-16851
        RESERVED
 CVE-2018-16850
        RESERVED
-CVE-2018-16849 [std.ssh action may disclose presence of arbitrary files]
-       RESERVED
+CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH 
private ...)
        - mistral <unfixed> (bug #912714)
        NOTE: https://bugs.launchpad.net/mistral/+bug/1783708
 CVE-2018-16848
        RESERVED
-CVE-2018-16847 [nvme: Out-of-bounds r/w buffer access in cmb operations]
-       RESERVED
+CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM 
Express ...)
        - qemu <unfixed> (bug #912655)
        [stretch] - qemu <not-affected> (support for Controller Memory Buffers 
added later)
        [jessie] - qemu <not-affected> (support for Controller Memory Buffers 
added later)
@@ -7786,8 +7802,8 @@ CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 
and prior contain a re
        NOT-FOR-US: EMC ESRS Policy Manager
 CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains 
an ...)
        NOT-FOR-US: Pivotal Container Service
-CVE-2018-15762
-       RESERVED
+CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, 
versions ...)
+       TODO: check
 CVE-2018-15761
        RESERVED
 CVE-2018-15760
@@ -19899,8 +19915,8 @@ CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 
4.3.1.x and UnityVSA OE .
        NOT-FOR-US: Dell
 CVE-2018-11063 (Dell WMS versions 1.1 and prior are impacted by multiple 
unquoted ...)
        NOT-FOR-US: Dell WMS
-CVE-2018-11062
-       RESERVED
+CVE-2018-11062 (Integrated Data Protection Appliance versions 2.0, 2.1, and 
2.2 ...)
+       TODO: check
 CVE-2018-11061 (RSA NetWitness Platform versions prior to 11.1.0.2 and RSA 
Security ...)
        NOT-FOR-US: RSA
 CVE-2018-11060 (RSA Archer, versions prior to 6.4.0.1, contain an 
authorization bypass ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/60a10cbc02fb4381892e950927dbe5413c1ae82d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/60a10cbc02fb4381892e950927dbe5413c1ae82d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to