Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
92cdaf58 by security tracker role at 2018-11-19T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2018-19365
+ RESERVED
+CVE-2018-19364
+ RESERVED
+CVE-2018-19363
+ RESERVED
+CVE-2018-19362
+ RESERVED
+CVE-2018-19361
+ RESERVED
+CVE-2018-19360
+ RESERVED
CVE-2018-19359
RESERVED
CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve
login ...)
@@ -2284,8 +2296,8 @@ CVE-2018-18520 (An Invalid Memory Address Dereference
exists in the function elf
[jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
-CVE-2018-18519
- RESERVED
+CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to
gain ...)
+ TODO: check
CVE-2018-18518
RESERVED
CVE-2018-18517 (Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x
before ...)
@@ -3433,6 +3445,7 @@ CVE-2018-18090
CVE-2018-18089
RESERVED
CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for
"red" in the ...)
+ {DLA-1579-1}
- openjpeg2 <unfixed> (low; bug #910763)
[stretch] - openjpeg2 <ignored> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1152
@@ -5581,8 +5594,7 @@ CVE-2018-17192
RESERVED
CVE-2018-17191
RESERVED
-CVE-2018-17190
- RESERVED
+CVE-2018-17190 (In all versions of Apache Spark, its standalone resource
manager ...)
NOT-FOR-US: Apache Spark
CVE-2018-17189
RESERVED
@@ -9210,12 +9222,12 @@ CVE-2018-15763 (Pivotal Container Service, versions
prior to 1.2.0, contains an
NOT-FOR-US: Pivotal Container Service
CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24,
versions ...)
NOT-FOR-US: Pivotal
-CVE-2018-15761
- RESERVED
+CVE-2018-15761 (Cloud Foundry UAA release, versions prior to v64.0, and UAA,
versions ...)
+ TODO: check
CVE-2018-15760
RESERVED
-CVE-2018-15759
- RESERVED
+CVE-2018-15759 (Pivotal Cloud Foundry On Demand Services SDK, versions prior
to 0.24 ...)
+ TODO: check
CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2
prior to ...)
NOT-FOR-US: Spring Security OAuth
CVE-2018-15757
@@ -26292,12 +26304,12 @@ CVE-2018-9211
RESERVED
CVE-2018-9210
RESERVED
-CVE-2018-9209
- RESERVED
+CVE-2018-9209 (Unauthenticated arbitrary file upload vulnerability in
FineUploader ...)
+ TODO: check
CVE-2018-9208 (Unauthenticated arbitrary file upload vulnerability in jQuery
Picture ...)
NOT-FOR-US: jQuery Picture
-CVE-2018-9207
- RESERVED
+CVE-2018-9207 (Arbitrary file upload in jQuery Upload File <= 4.0.2 ...)
+ TODO: check
CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp
...)
- libjs-jquery-file-upload 9.25.0-1
NOTE: https://github.com/blueimp/jQuery-File-Upload/pull/3514
@@ -47425,8 +47437,8 @@ CVE-2018-1843
RESERVED
CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
NOT-FOR-US: IBM
-CVE-2018-1841
- RESERVED
+CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the
CA ...)
+ TODO: check
CVE-2018-1840
RESERVED
CVE-2018-1839
@@ -49042,6 +49054,7 @@ CVE-2017-17482 (An issue was discovered in OpenVMS
through V8.4-2L2 on Alpha and
CVE-2017-17481
RESERVED
CVE-2017-17480 (In OpenJPEG 2.3.0, a stack-based buffer overflow was
discovered in the ...)
+ {DLA-1579-1}
- openjpeg2 <unfixed> (bug #884738)
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE:
https://github.com/uclouvain/openjpeg/commit/0bc90e4062a5f9258c91eca018c019b179066c62
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/92cdaf58f7424a50078942ddc9e6b98ea1e902dd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/92cdaf58f7424a50078942ddc9e6b98ea1e902dd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
