Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1afb0f07 by security tracker role at 2018-12-11T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2018-20051 (Mishandling of '>' on the Jooan JA-Q1H Wi-Fi camera with
firmware ...)
+ TODO: check
+CVE-2018-20050 (Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi
camera with ...)
+ TODO: check
+CVE-2018-20049
+ RESERVED
+CVE-2018-20048
+ RESERVED
+CVE-2018-20047
+ RESERVED
+CVE-2018-20046
+ RESERVED
+CVE-2018-20045
+ RESERVED
+CVE-2018-20044
+ RESERVED
+CVE-2018-20043
+ RESERVED
+CVE-2018-20042
+ RESERVED
+CVE-2018-20041
+ RESERVED
+CVE-2018-20040
+ RESERVED
+CVE-2018-20039
+ RESERVED
+CVE-2018-20038
+ RESERVED
+CVE-2018-20037
+ RESERVED
+CVE-2018-20036
+ RESERVED
+CVE-2018-20035
+ RESERVED
+CVE-2018-20034
+ RESERVED
+CVE-2018-20033
+ RESERVED
+CVE-2018-20032
+ RESERVED
+CVE-2018-20031
+ RESERVED
+CVE-2018-20030
+ RESERVED
+CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine
before ...)
+ TODO: check
CVE-2019-2394
RESERVED
CVE-2019-2393
@@ -1815,6 +1861,7 @@ CVE-2018-19960 (The debug_mode function in web/web.py in
OnionShare through 1.3.
- onionshare <unfixed> (bug #915859)
[jessie] - onionshare <no-dsa> (contrib not supported)
CVE-2018-19935 (ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows
remote ...)
+ {DSA-4353-1}
- php7.3 7.3.0-1
- php7.2 <removed>
- php7.0 <removed>
@@ -5763,6 +5810,7 @@ CVE-2018-19475 (psi/zdevice2.c in Artifex Ghostscript
before 9.26 allows remote
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=aeea342904978c9fe17d85f4906a0f6fcce2d315
(master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700153
CVE-2018-19518 (University of Washington IMAP Toolkit 2007f on UNIX, as used
in ...)
+ {DSA-4353-1}
- php7.3 7.3.0-1 (bug #913775)
- php7.2 <removed> (bug #913835)
- php7.0 <removed> (bug #913836)
@@ -12019,7 +12067,7 @@ CVE-2018-17084
CVE-2018-17083
RESERVED
CVE-2018-17082 (The Apache2 component in PHP before 5.6.38, 7.0.x before
7.0.32, 7.1.x ...)
- {DLA-1509-1}
+ {DSA-4353-1 DLA-1509-1}
- php7.3 7.3.0~rc2-1
- php7.2 <unfixed>
- php7.1 <removed>
@@ -15422,7 +15470,7 @@ CVE-2018-15759 (Pivotal Cloud Foundry On Demand
Services SDK, versions prior to
CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2
prior to ...)
NOT-FOR-US: Spring Security OAuth
CVE-2018-15757
- RESERVED
+ REJECTED
CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10,
...)
- libspring-java <unfixed> (bug #911786)
[jessie] - libspring-java <not-affected> (vulnerable code introduced in
later version)
@@ -17434,7 +17482,7 @@ CVE-2018-14884 (An issue was discovered in PHP 7.0.x
before 7.0.27, 7.1.x before
NOTE: Fixed by:
https://github.com/php/php-src/commit/0e097f2c96ce31b16fa371981045f224e5a37160
NOTE: Introduced in:
https://github.com/php/php-src/commit/5146d9f8ac170d8ba7109370d732d56dc0777578
CVE-2018-14883 (An issue was discovered in PHP before 5.6.37, 7.0.x before
7.0.31, ...)
- {DLA-1490-1}
+ {DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
- php7.0 7.0.31-1
@@ -17521,7 +17569,7 @@ CVE-2018-14853
CVE-2018-14852
RESERVED
CVE-2018-14851 (exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before
5.6.37, ...)
- {DLA-1490-1}
+ {DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
- php7.0 7.0.31-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1afb0f074dc87d51bc7bd2ac0ccdb3daaab48489
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1afb0f074dc87d51bc7bd2ac0ccdb3daaab48489
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
