[Git][security-tracker-team/security-tracker][master] some bugs filed

Wed, 07 Nov 2018 11:01:29 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5ee4129b by Moritz Muehlenhoff at 2018-11-07T19:00:31Z
some bugs filed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -337,7 +337,7 @@ CVE-2018-18899
 CVE-2018-18898
        RESERVED
 CVE-2018-18897 (An issue was discovered in Poppler 0.71.0. There is a memory 
leak in ...)
-       - poppler <unfixed>
+       - poppler <unfixed> (low; bug #913164)
        [stretch] - poppler <ignored> (Negligable security impact)
        NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/654
 CVE-2018-18896
@@ -10831,7 +10831,7 @@ CVE-2018-14645 (A flaw was discovered in the HPACK 
decoder of HAProxy, before 1.
        NOTE: 
https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b4e05a3daa30f657db01ec144a0e48850c48f813
 CVE-2018-14644 [Crafted query for meta-types can cause a denial of service]
        RESERVED
-       - pdns-recursor <unfixed>
+       - pdns-recursor <unfixed> (bug #913162)
        NOTE: 
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
        NOTE: https://downloads.powerdns.com/patches/2018-07/
 CVE-2018-14643 (An authentication bypass flaw was found in the 
smart_proxy_dynflow ...)
@@ -10889,9 +10889,9 @@ CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly 
before version 14.0.0 does
        NOTE: https://github.com/wildfly/wildfly/pull/10675
 CVE-2018-14626 [Packet cache pollution via crafted query]
        RESERVED
-       - pdns <unfixed>
+       - pdns <unfixed> (bug #913163)
        [stretch] - pdns <not-affected> (Vulnerable code present only in >=  
4.1.0)
-       - pdns-recursor <unfixed>
+       - pdns-recursor <unfixed> (bug #913162)
        NOTE: 
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-05.html
        NOTE: https://downloads.powerdns.com/patches/2018-05/
        NOTE: 
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
@@ -21003,8 +21003,8 @@ CVE-2018-10852 (The UNIX pipe which sudo uses to 
contact SSSD and read the avail
        NOTE: https://pagure.io/SSSD/sssd/issue/3766
 CVE-2018-10851 [Crafted answer can cause a denial of service]
        RESERVED
-       - pdns <unfixed>
-       - pdns-recursor <unfixed>
+       - pdns <unfixed> (bug #913163)
+       - pdns-recursor <unfixed> (bug #913162)
        NOTE: 
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html
        NOTE: https://downloads.powerdns.com/patches/2018-03/
        NOTE: 
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ee4129bb18105309f0349df99e8027ab0da2810

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ee4129bb18105309f0349df99e8027ab0da2810
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to