Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
067357b1 by security tracker role at 2018-11-14T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,120 @@
+CVE-2019-0235
+ RESERVED
+CVE-2019-0234
+ RESERVED
+CVE-2019-0233
+ RESERVED
+CVE-2019-0232
+ RESERVED
+CVE-2019-0231
+ RESERVED
+CVE-2019-0230
+ RESERVED
+CVE-2019-0229
+ RESERVED
+CVE-2019-0228
+ RESERVED
+CVE-2019-0227
+ RESERVED
+CVE-2019-0226
+ RESERVED
+CVE-2019-0225
+ RESERVED
+CVE-2019-0224
+ RESERVED
+CVE-2019-0223
+ RESERVED
+CVE-2019-0222
+ RESERVED
+CVE-2019-0221
+ RESERVED
+CVE-2019-0220
+ RESERVED
+CVE-2019-0219
+ RESERVED
+CVE-2019-0218
+ RESERVED
+CVE-2019-0217
+ RESERVED
+CVE-2019-0216
+ RESERVED
+CVE-2019-0215
+ RESERVED
+CVE-2019-0214
+ RESERVED
+CVE-2019-0213
+ RESERVED
+CVE-2019-0212
+ RESERVED
+CVE-2019-0211
+ RESERVED
+CVE-2019-0210
+ RESERVED
+CVE-2019-0209
+ RESERVED
+CVE-2019-0208
+ RESERVED
+CVE-2019-0207
+ RESERVED
+CVE-2019-0206
+ RESERVED
+CVE-2019-0205
+ RESERVED
+CVE-2019-0204
+ RESERVED
+CVE-2019-0203
+ RESERVED
+CVE-2019-0202
+ RESERVED
+CVE-2019-0201
+ RESERVED
+CVE-2019-0200
+ RESERVED
+CVE-2019-0199
+ RESERVED
+CVE-2019-0198
+ RESERVED
+CVE-2019-0197
+ RESERVED
+CVE-2019-0196
+ RESERVED
+CVE-2019-0195
+ RESERVED
+CVE-2019-0194
+ RESERVED
+CVE-2019-0193
+ RESERVED
+CVE-2019-0192
+ RESERVED
+CVE-2019-0191
+ RESERVED
+CVE-2019-0190
+ RESERVED
+CVE-2019-0189
+ RESERVED
+CVE-2019-0188
+ RESERVED
+CVE-2019-0187
+ RESERVED
+CVE-2019-0186
+ RESERVED
+CVE-2018-19277 (securityScan() in PHPOffice PhpSpreadsheet through 1.5.0
allows a ...)
+ TODO: check
+CVE-2018-19276
+ RESERVED
+CVE-2018-19275
+ RESERVED
+CVE-2018-19274
+ RESERVED
+CVE-2018-19273
+ RESERVED
+CVE-2018-19272
+ RESERVED
+CVE-2018-19271 (Centreon 3.4.x allows SQL Injection via the main.php searchH
parameter. ...)
+ TODO: check
+CVE-2018-19270
+ REJECTED
+ TODO: check
CVE-2019-0185
RESERVED
CVE-2019-0184
@@ -4549,38 +4666,31 @@ CVE-2018-17478
RESERVED
- chromium-browser <unfixed>
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17477
- RESERVED
+CVE-2018-17477 (Incorrect dialog placement in Extensions in Google Chrome
prior to ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17476
- RESERVED
+CVE-2018-17476 (Incorrect dialog placement in Cast UI in Google Chrome prior
to ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17475
- RESERVED
+CVE-2018-17475 (Incorrect handling of history on iOS in Navigation in Google
Chrome ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17474
- RESERVED
+CVE-2018-17474 (Use after free in HTMLImportsController in Blink in Google
Chrome ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17473
- RESERVED
+CVE-2018-17473 (Incorrect handling of confusable characters in Omnibox in
Google ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17472
- RESERVED
+CVE-2018-17472 (Incorrect handling of googlechrome:// URL scheme on iOS in
Intents in ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17471
- RESERVED
+CVE-2018-17471 (Incorrect dialog placement in WebContents in Google Chrome
prior to ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -4589,43 +4699,35 @@ CVE-2018-17470
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17469
- RESERVED
+CVE-2018-17469 (Incorrect handling of PDF filter chains in PDFium in Google
Chrome ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17468
- RESERVED
+CVE-2018-17468 (Incorrect handling of timer information during navigation in
Blink in ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17467
- RESERVED
+CVE-2018-17467 (Insufficiently quick clearing of stale rendered content in
Navigation ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17466
- RESERVED
+CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to
...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17465
- RESERVED
+CVE-2018-17465 (Incorrect implementation of object trimming in V8 in Google
Chrome ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17464
- RESERVED
+CVE-2018-17464 (Incorrect handling of history on iOS in Navigation in Google
Chrome ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17463
- RESERVED
+CVE-2018-17463 (Incorrect side effect annotation in V8 in Google Chrome prior
to ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17462
- RESERVED
+CVE-2018-17462 (Incorrect refcounting in AppCache in Google Chrome prior to
...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -9005,20 +9107,20 @@ CVE-2018-15716
RESERVED
CVE-2018-15715
RESERVED
-CVE-2018-15714
- RESERVED
-CVE-2018-15713
- RESERVED
-CVE-2018-15712
- RESERVED
-CVE-2018-15711
- RESERVED
-CVE-2018-15710
- RESERVED
-CVE-2018-15709
- RESERVED
-CVE-2018-15708
- RESERVED
+CVE-2018-15714 (Nagios XI 5.5.6 allows reflected cross site scripting from
remote ...)
+ TODO: check
+CVE-2018-15713 (Nagios XI 5.5.6 allows persistent cross site scripting from
remote ...)
+ TODO: check
+CVE-2018-15712 (Nagios XI 5.5.6 allows reflected cross site scripting from
remote ...)
+ TODO: check
+CVE-2018-15711 (Nagios XI 5.5.6 allows remote authenticated attackers to reset
and ...)
+ TODO: check
+CVE-2018-15710 (Nagios XI 5.5.6 allows local authenticated attackers to
escalate ...)
+ TODO: check
+CVE-2018-15709 (Nagios XI 5.5.6 allows remote authenticated attackers to
execute ...)
+ TODO: check
+CVE-2018-15708 (Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated
attackers ...)
+ TODO: check
CVE-2018-15707 (Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to
cross-site ...)
NOT-FOR-US: Advantech WebAccess
CVE-2018-15706 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows
remote ...)
@@ -18075,8 +18177,8 @@ CVE-2018-12176 (Improper input validation in firmware
for Intel NUC Kits may all
NOT-FOR-US: Intel
CVE-2018-12175 (Default install directory permissions in Intel Distribution
for Python ...)
NOT-FOR-US: Intel Distribution for Python
-CVE-2018-12174
- RESERVED
+CVE-2018-12174 (Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel
Studio XE ...)
+ TODO: check
CVE-2018-12173 (Insufficient access protection in firmware in Intel Server
Board, ...)
NOT-FOR-US: Intel
CVE-2018-12172 (Improper password hashing in firmware in Intel Server Board
...)
@@ -24936,8 +25038,8 @@ CVE-2018-9582
RESERVED
CVE-2018-9581
RESERVED
-CVE-2018-9580
- RESERVED
+CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader.
Product: ...)
+ TODO: check
CVE-2018-9579
RESERVED
CVE-2018-9578
@@ -25006,56 +25108,56 @@ CVE-2018-9547
RESERVED
CVE-2018-9546
RESERVED
-CVE-2018-9545
- RESERVED
-CVE-2018-9544
- RESERVED
-CVE-2018-9543
- RESERVED
-CVE-2018-9542
- RESERVED
-CVE-2018-9541
- RESERVED
-CVE-2018-9540
- RESERVED
-CVE-2018-9539
- RESERVED
+CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
+ TODO: check
+CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible
out-of-bounds read ...)
+ TODO: check
+CVE-2018-9543 (In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which
may cause ...)
+ TODO: check
+CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible
out of ...)
+ TODO: check
+CVE-2018-9541 (In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible
...)
+ TODO: check
+CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a
possible ...)
+ TODO: check
+CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after
free ...)
+ TODO: check
CVE-2018-9538
RESERVED
-CVE-2018-9537
- RESERVED
-CVE-2018-9536
- RESERVED
-CVE-2018-9535
- RESERVED
-CVE-2018-9534
- RESERVED
-CVE-2018-9533
- RESERVED
-CVE-2018-9532
- RESERVED
-CVE-2018-9531
- RESERVED
-CVE-2018-9530
- RESERVED
-CVE-2018-9529
- RESERVED
-CVE-2018-9528
- RESERVED
-CVE-2018-9527
- RESERVED
-CVE-2018-9526
- RESERVED
-CVE-2018-9525
- RESERVED
-CVE-2018-9524
- RESERVED
-CVE-2018-9523
- RESERVED
-CVE-2018-9522
- RESERVED
-CVE-2018-9521
- RESERVED
+CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a
possible ...)
+ TODO: check
+CVE-2018-9536 (In numerous functions of libFDK, there are possible out of
bounds ...)
+ TODO: check
+CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a
possible ...)
+ TODO: check
+CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a
...)
+ TODO: check
+CVE-2018-9533 (In ixheaacd_dec_data_init of ixheaacd_create.c there is a
possible out ...)
+ TODO: check
+CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there
is a ...)
+ TODO: check
+CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a
possible ...)
+ TODO: check
+CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a
...)
+ TODO: check
+CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is
a ...)
+ TODO: check
+CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s
there is a ...)
+ TODO: check
+CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible
out of ...)
+ TODO: check
+CVE-2018-9526 (In device configuration data, there is an improperly configured
...)
+ TODO: check
+CVE-2018-9525 (In the AndroidManifest.xml file defining the
SliceBroadcastReceiver ...)
+ TODO: check
+CVE-2018-9524 (In functionality implemented in System UI, there are
insufficient ...)
+ TODO: check
+CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible
parcel ...)
+ TODO: check
+CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java,
there is ...)
+ TODO: check
+CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a
possible out ...)
+ TODO: check
CVE-2018-9520
RESERVED
CVE-2018-9519
@@ -25215,8 +25317,8 @@ CVE-2018-9459 (In Attachment of Attachment.java and
getFilePath of ...)
NOT-FOR-US: Android
CVE-2018-9458 (In computeFocusedWindow of RootWindowContainer.java, and
related ...)
NOT-FOR-US: Android
-CVE-2018-9457
- RESERVED
+CVE-2018-9457 (In onCheckedChanged of BluetoothPairingController.java, there
is a ...)
+ TODO: check
CVE-2018-9456
RESERVED
NOT-FOR-US: Android
@@ -25472,8 +25574,7 @@ CVE-2018-9349
CVE-2018-9348
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9347
- RESERVED
+CVE-2018-9347 (In function SMF_ParseMetaEvent of file eas_smf.c there is
incorrect ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9346
RESERVED
@@ -30937,10 +31038,10 @@ CVE-2018-7360
RESERVED
CVE-2018-7359
RESERVED
-CVE-2018-7358
- RESERVED
-CVE-2018-7357
- RESERVED
+CVE-2018-7358 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5,
V2.2.0_PK1.2T2, ...)
+ TODO: check
+CVE-2018-7357 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5,
V2.2.0_PK1.2T2, ...)
+ TODO: check
CVE-2018-7356 (All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product
are ...)
NOT-FOR-US: ZTE ZXR10 8905E
CVE-2018-7355 (All versions up to V1.0.0B05 of ZTE MF65 and all versions up to
...)
@@ -35242,152 +35343,128 @@ CVE-2018-6085
CVE-2018-6084
RESERVED
- chromium-browser <not-affected> (Specific to MacOS)
-CVE-2018-6083
- RESERVED
+CVE-2018-6083 (Failure to disallow PWA installation from CSP sandboxed pages
in ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6082
- RESERVED
+CVE-2018-6082 (Including port 22 in the list of allowed FTP ports in
Networking in ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6081
- RESERVED
+CVE-2018-6081 (XSS vulnerabilities in Interstitials in Google Chrome prior to
...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6080
- RESERVED
+CVE-2018-6080 (Lack of access control checks in Instrumentation in Google
Chrome ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6079
- RESERVED
+CVE-2018-6079 (Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data
between tabs ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6078
- RESERVED
+CVE-2018-6078 (Incorrect handling of confusable characters in Omnibox in
Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6077
- RESERVED
+CVE-2018-6077 (Displacement map filters being applied to cross-origin images
in Blink ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6076
- RESERVED
+CVE-2018-6076 (Insufficient encoding of URL fragment identifiers in Blink in
Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6075
- RESERVED
+CVE-2018-6075 (Incorrect handling of specified filenames in file downloads in
Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6074
- RESERVED
+CVE-2018-6074 (Failure to apply Mark-of-the-Web in Downloads in Google Chrome
prior ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6073
- RESERVED
+CVE-2018-6073 (A heap buffer overflow in WebGL in Google Chrome prior to ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6072
- RESERVED
+CVE-2018-6072 (An integer overflow leading to use after free in PDFium in
Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6071
- RESERVED
+CVE-2018-6071 (An integer overflow in Skia in Google Chrome prior to
65.0.3325.146 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6070
- RESERVED
+CVE-2018-6070 (Lack of CSP enforcement on WebUI pages in Bink in Google Chrome
prior ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6069
- RESERVED
+CVE-2018-6069 (Stack buffer overflow in Skia in Google Chrome prior to
65.0.3325.146 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6068
- RESERVED
+CVE-2018-6068 (Object lifecycle issue in Chrome Custom Tab in Google Chrome
prior to ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6067
- RESERVED
+CVE-2018-6067 (Incorrect IPC serialization in Skia in Google Chrome prior to
...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6066
- RESERVED
+CVE-2018-6066 (Lack of CORS checking by ResourceFetcher/ResourceLoader in
Blink in ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6065
- RESERVED
+CVE-2018-6065 (Integer overflow in computing the required allocation size when
...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6064
- RESERVED
+CVE-2018-6064 (Type Confusion in the implementation of __defineGetter__ in V8
in ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6063
- RESERVED
+CVE-2018-6063 (Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google
Chrome ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6062
- RESERVED
+CVE-2018-6062 (Heap overflow write in Skia in Google Chrome prior to
65.0.3325.146 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6061
- RESERVED
+CVE-2018-6061 (A race in the handling of SharedArrayBuffers in WebAssembly in
Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6060
- RESERVED
+CVE-2018-6060 (Use after free in WebAudio in Google Chrome prior to
65.0.3325.146 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -35398,8 +35475,7 @@ CVE-2018-6059
CVE-2018-6058
RESERVED
- chromium-browser <not-affected> (Chromium doesn't bundle Flash)
-CVE-2018-6057
- RESERVED
+CVE-2018-6057 (Lack of special casing of Android ashmem in Google Chrome prior
to ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -37054,8 +37130,8 @@ CVE-2018-5497
RESERVED
CVE-2018-5496
RESERVED
-CVE-2018-5495
- RESERVED
+CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a
vulnerability ...)
+ TODO: check
CVE-2018-5494
RESERVED
CVE-2018-5493
@@ -41877,14 +41953,14 @@ CVE-2018-3701
RESERVED
CVE-2018-3700
RESERVED
-CVE-2018-3699
- RESERVED
-CVE-2018-3698
- RESERVED
-CVE-2018-3697
- RESERVED
-CVE-2018-3696
- RESERVED
+CVE-2018-3699 (Cross-site scripting in the Intel RAID Web Console v3 for
Windows may ...)
+ TODO: check
+CVE-2018-3698 (Improper file permissions in the installer for the Intel Ready
Mode ...)
+ TODO: check
+CVE-2018-3697 (Improper directory permissions in the installer for the Intel
Media ...)
+ TODO: check
+CVE-2018-3696 (Authentication bypass in the Intel RAID Web Console 3 for
Windows ...)
+ TODO: check
CVE-2018-3695
RESERVED
CVE-2018-3694
@@ -42045,8 +42121,8 @@ CVE-2018-3637
RESERVED
CVE-2018-3636
RESERVED
-CVE-2018-3635
- RESERVED
+CVE-2018-3635 (Insufficient input validation in installer in Intel Rapid Store
...)
+ TODO: check
CVE-2018-3634 (Parameter corruption in NDIS filter driver in Intel Online
Connect ...)
NOT-FOR-US: Intel
CVE-2018-3633
@@ -42073,8 +42149,8 @@ CVE-2018-3623
RESERVED
CVE-2018-3622
RESERVED
-CVE-2018-3621
- RESERVED
+CVE-2018-3621 (Insufficient input validation in the Intel Driver & Support
Assistant ...)
+ TODO: check
CVE-2018-3620 (Systems with microprocessors utilizing speculative execution
and ...)
{DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/067357b1662c04f9475edee9c7bd147e2e7ec605
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/067357b1662c04f9475edee9c7bd147e2e7ec605
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
