Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
abc5766a by Salvatore Bonaccorso at 2018-11-14T06:19:43Z
Process three NFUs for Keycloak
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11500,16 +11500,16 @@ CVE-2018-14659 (The Gluster file system through
versions 4.1.4 and 3.1.2 is vuln
NOTE: https://review.gluster.org/#/c/glusterfs/+/21530/
NOTE:
http://git.gluster.org/cgit/glusterfs.git/commit/?id=be1e1785e2e4f3d6345ea5b5b684a1429784a01c
CVE-2018-14658 (A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect
URL for ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2018-14657 (A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When
TOPT ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2018-14656 (A missing address check in the callers of the show_opcodes()
in the ...)
- linux 4.18.6-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by:
https://git.kernel.org/linus/342db04ae71273322f0011384a9ed414df8bdae4
CVE-2018-14655 (A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2,
4.3.0.Final. ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to
abuse ...)
- glusterfs <unfixed> (bug #912997)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/abc5766a63272d702ccdd1299616480e1d67b465
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/abc5766a63272d702ccdd1299616480e1d67b465
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
