Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dbc65f1f by security tracker role at 2018-12-22T20:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2018-20367 (The "mall some commodity details: commodity
consultation" component in ...)
+ TODO: check
+CVE-2018-20366
+ RESERVED
+CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer
overflow. ...)
+ TODO: check
+CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a
NULL ...)
+ TODO: check
+CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a
NULL pointer ...)
+ TODO: check
+CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of
...)
+ TODO: check
+CVE-2018-20361 (An invalid memory address dereference was discovered in the
hf_assembly ...)
+ TODO: check
+CVE-2018-20360 (An invalid memory address dereference was discovered in the
...)
+ TODO: check
+CVE-2018-20359 (An invalid memory address dereference was discovered in the
...)
+ TODO: check
+CVE-2018-20358 (An invalid memory address dereference was discovered in the
...)
+ TODO: check
+CVE-2018-20357 (A NULL pointer dereference was discovered in
sbr_process_channel of ...)
+ TODO: check
+CVE-2018-20356
+ RESERVED
+CVE-2018-20355
+ RESERVED
+CVE-2018-20354
+ RESERVED
+CVE-2018-20353
+ RESERVED
+CVE-2018-20352
+ RESERVED
CVE-2018-20351 (The Markdown component in Evernote (Chinese) before 8.3.2 on
macOS ...)
TODO: check
CVE-2018-20350
@@ -5119,8 +5151,8 @@ CVE-2018-19865 (A keystroke logging issue was discovered
in Virtual Keyboard in
TODO: check for completeness
CVE-2018-19864 (NUUO NVRmini2 Network Video Recorder firmware through 3.9.1
allows ...)
NOT-FOR-US: NUUO NVRmini2 Network Video Recorder firmware
-CVE-2018-19863
- RESERVED
+CVE-2018-19863 (An issue was discovered in 1Password 7.2.3.BETA before
7.2.3.BETA-3 on ...)
+ TODO: check
CVE-2018-19862
RESERVED
CVE-2018-19861
@@ -21982,6 +22014,7 @@ CVE-2018-14424 (The daemon in GDM through 3.29.1 does
not properly unexport disp
NOTE:
https://gitlab.gnome.org/GNOME/gdm/commit/6060db704a19b0db68f2e9e6a2d020c0c78b6bba
NOTE:
https://gitlab.gnome.org/GNOME/gdm/commit/765b306c364885dd89d47fe9fe8618ce6a467bc1
CVE-2018-14423 (Division-by-zero vulnerabilities in the functions
pi_next_pcrl, ...)
+ {DLA-1614-1}
- openjpeg2 <unfixed> (low; bug #904873)
[stretch] - openjpeg2 <ignored> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1123
@@ -43027,6 +43060,7 @@ CVE-2018-6618 (Easy Hosting Control Panel (EHCP)
v0.37.12.b allows attackers to
CVE-2018-6617 (Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a
local MySQL ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the ...)
+ {DLA-1614-1}
- openjpeg2 <unfixed> (bug #889683)
NOTE: https://github.com/uclouvain/openjpeg/issues/1059
NOTE:
https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbc65f1f4f808e83ec3b37de786c620e00672a40
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dbc65f1f4f808e83ec3b37de786c620e00672a40
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
