[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 23 Nov 2018 12:11:30 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bf6d43a3 by security tracker role at 2018-11-23T20:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 
(FAAD2) ...)
+       TODO: check
+CVE-2018-19503 (An issue was discovered in Freeware Advanced Audio Decoder 2 
(FAAD2) ...)
+       TODO: check
+CVE-2018-19502 (An issue was discovered in Freeware Advanced Audio Decoder 2 
(FAAD2) ...)
+       TODO: check
+CVE-2018-19501
+       RESERVED
+CVE-2018-19500
+       RESERVED
+CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code 
...)
+       TODO: check
+CVE-2018-19498
+       RESERVED
+CVE-2018-19497
+       RESERVED
+CVE-2018-19496
+       RESERVED
+CVE-2018-19495
+       RESERVED
+CVE-2018-19494
+       RESERVED
+CVE-2018-19493
+       RESERVED
+CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This 
issue ...)
+       TODO: check
+CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This 
issue allows ...)
+       TODO: check
+CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This 
issue ...)
+       TODO: check
+CVE-2018-19489
+       RESERVED
+CVE-2018-19488
+       RESERVED
+CVE-2018-19487
+       RESERVED
+CVE-2018-19485
+       RESERVED
+CVE-2018-19484
+       RESERVED
+CVE-2018-19483
+       RESERVED
+CVE-2018-19482
+       RESERVED
+CVE-2018-19481
+       RESERVED
+CVE-2018-19480
+       RESERVED
+CVE-2018-19479
+       RESERVED
 CVE-2018-19478
        RESERVED
 CVE-2018-19474
@@ -40,7 +90,7 @@ CVE-2018-19456
        RESERVED
 CVE-2018-19455
        RESERVED
-CVE-2018-19486 [run-command: do not fall back to cwd when command is not in 
$PATH]
+CVE-2018-19486 (Git before 2.19.2 on Linux and UNIX executes commands from the 
current ...)
        - git 1:2.19.2-1
        [stretch] - git <not-affected> (Vulnerable code introduced later)
        [jessie] - git <not-affected> (Vulnerable code introduced later)
@@ -449,6 +499,7 @@ CVE-2018-19298
 CVE-2018-19297
        RESERVED
 CVE-2018-19296 (PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to 
an object ...)
+       {DLA-1591-1}
        - libphp-phpmailer <unfixed> (bug #913912)
        NOTE: 
https://github.com/PHPMailer/PHPMailer/commit/f1231a9771505f4f34da060390d82eadb8448271
 CVE-2018-19295
@@ -1148,6 +1199,7 @@ CVE-2018-19122 (An issue has been found in libIEC61850 
v1.3. It is a NULL pointe
 CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in 
...)
        NOT-FOR-US: libIEC61850
 CVE-2018-19141 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 
5.0.x before ...)
+       {DLA-1592-1}
        - otrs2 6.0.1-1
        NOTE: 
https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
        NOTE: Only the 4.x and 5.x series are affected (and possibly earlier 
versions).
@@ -1158,6 +1210,7 @@ CVE-2018-19142 (Open Ticket Request System (OTRS) 6.0.x 
before 6.0.13 allows an
        [jessie] - otrs2 <not-affected> (Only affects 6.x)
        NOTE: 
https://community.otrs.com/security-advisory-2018-08-security-update-for-otrs-framework/
 CVE-2018-19143 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x 
before ...)
+       {DLA-1592-1}
        - otrs2 6.0.13-1
        NOTE: 
https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/
 CVE-2018-19120 [HTML Thumbnailer automatic remote file access]
@@ -41546,7 +41599,7 @@ CVE-2018-4015
 CVE-2018-4014
        RESERVED
 CVE-2018-4013 (An exploitable code execution vulnerability exists in the HTTP 
...)
-       {DLA-1582-1}
+       {DSA-4343-1 DLA-1582-1}
        - liblivemedia 2018.10.17-1
        NOTE: 
http://lists.live555.com/pipermail/live-devel/2018-October/021071.html
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
@@ -90757,7 +90810,7 @@ CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a 
heap buffer overflow in
 CVE-2017-5224
        RESERVED
 CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's 
msgHTML ...)
-       {DLA-817-1}
+       {DLA-1591-1 DLA-817-1}
        - libphp-phpmailer 5.2.14+dfsg-2.3 (bug #853232)
        NOTE: Fixed by: 
https://github.com/PHPMailer/PHPMailer/commit/ad4cb09682682da2217799a0c521d4cdc6753402
 (v5.2.22)
        NOTE: 
http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf6d43a3556dd45fca97dd004e20e82ac475166e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf6d43a3556dd45fca97dd004e20e82ac475166e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to