Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
371131a2 by security tracker role at 2018-12-27T20:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,56 @@
-CVE-2018-20511 [net/appletalk: fix minor pointer leak to userspace in
SIOCFINDIPDDPRT]
+CVE-2018-20530 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a
Profile ...)
+ TODO: check
+CVE-2018-20529
+ RESERVED
+CVE-2018-20528 (JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile
parameter. ...)
+ TODO: check
+CVE-2018-20527
+ RESERVED
+CVE-2018-20526
+ RESERVED
+CVE-2018-20525
+ RESERVED
+CVE-2018-20524 (The Chat Anywhere extension 2.4.0 for Chrome allows XSS via
crafted use ...)
+ TODO: check
+CVE-2018-20523
+ RESERVED
+CVE-2018-20522
+ RESERVED
+CVE-2018-20521
+ RESERVED
+CVE-2018-20520 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query
string, a ...)
+ TODO: check
+CVE-2018-20519 (An issue was discovered in 74cms v4.2.111. It allows remote
...)
+ TODO: check
+CVE-2018-20518
+ RESERVED
+CVE-2018-20517
+ RESERVED
+CVE-2018-20516
+ RESERVED
+CVE-2018-20515
+ RESERVED
+CVE-2018-20514
+ RESERVED
+CVE-2018-20513
+ RESERVED
+CVE-2018-20512
+ RESERVED
+CVE-2018-20510
+ RESERVED
+CVE-2018-20509
+ RESERVED
+CVE-2018-20508 (CrashFix 1.0.4 has SQL Injection via the User[status]
parameter. This ...)
+ TODO: check
+CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL
Injection ...)
+ TODO: check
+CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML
External ...)
+ TODO: check
+CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a
CWE-502, CWE-915 ...)
+ TODO: check
+CVE-2018-1000887 (Peel shopping peel-shopping_9_1_0 version contains a Cross
Site ...)
+ TODO: check
+CVE-2018-20511 (An issue was discovered in the Linux kernel before 4.18.11.
The ...)
- linux 4.18.20-1
[stretch] - linux 4.9.130-1
NOTE: Fixed by:
https://git.kernel.org/linus/9824dfae5741275473a23a7ed5756c7b6efacc9d (4.19-rc5)
@@ -493,6 +545,7 @@ CVE-2018-1000882 (WeBid version up to current version 1.2.2
contains a Directory
CVE-2018-1000881 (Traccar Traccar Server version 4.0 and earlier contains a
CWE-94: ...)
NOT-FOR-US: Traccar Traccar Server
CVE-2018-1000880 (libarchive version commit
9693801580c0cf7c70e862d305270a16b52826a7 ...)
+ {DSA-4360-1}
- libarchive 3.3.3-2 (bug #916960)
[jessie] - libarchive <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
@@ -508,14 +561,14 @@ CVE-2018-1000879 (libarchive version commit
379867ecb330b3a952fb7bfa7bffb7bbd554
NOTE: Introduced in:
https://github.com/libarchive/libarchive/commit/379867ecb330b3a952fb7bfa7bffb7bbd5547205
(3.3.0)
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175
CVE-2018-1000878 (libarchive version commit
416694915449219d505531b1096384f3237dd6cc ...)
- {DLA-1612-1}
+ {DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916963)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced after:
https://github.com/libarchive/libarchive/commit/416694915449219d505531b1096384f3237dd6cc
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28
CVE-2018-1000877 (libarchive version commit
416694915449219d505531b1096384f3237dd6cc ...)
- {DLA-1612-1}
+ {DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916964)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
@@ -972,6 +1025,7 @@ CVE-2018-20190 (In LibSass 3.5.5, a NULL Pointer
Dereference in the function ...
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2786
CVE-2018-20189 (In GraphicsMagick 1.3.31, the ReadDIBImage function of
coders/dib.c has ...)
+ {DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916752)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/585/
@@ -982,10 +1036,12 @@ CVE-2018-20187
CVE-2018-20186 (An issue was discovered in Bento4 1.5.1-627.
AP4_Sample::ReadData in ...)
NOT-FOR-US: Bento4
CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit
platforms, there ...)
+ {DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916719)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e3977a293
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/582/
CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a
heap-based ...)
+ {DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916721)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/15d1b5fd003b
NOTE: upstream patch contains unrelated refactoring, trimmed down
version available on the Debian bug report
@@ -6148,38 +6204,45 @@ CVE-2018-19630 (cgi_handle_request in uhttpd in OpenWrt
through 18.06.1 and LEDE
CVE-2018-19629
RESERVED
CVE-2018-19628 (In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could
crash. This ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present,
zigbee color control support added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15281
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=212b18825d9b668cda23d334c48867dfa66b2b36
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-57.html
CVE-2018-19627 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the
IxVeriWave file ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present,
variable buffer to find_signature introduced in 2.4.0 with OCTO support)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15279
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bdc33cfaecb1b4cf2c114ed9015713ddf8569a60
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-55.html
CVE-2018-19626 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM
dissector ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15130
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5a65115ebab55cfd5ce0a855c2256e01cab6449
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-52.html
CVE-2018-19625 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the
dissection engine ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14466
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dc4d209f39132a4ae05675a11609176ae9705cfc
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-51.html
CVE-2018-19624 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS
dissector ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15280
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e319db1107b08fc3be804b6d449143ec9aa0dec
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-56.html
CVE-2018-19623 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM
dissector ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9c8645ec7b28e4d7193962ecd2a418613bf6a84f
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-53.html
CVE-2018-19622 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE
dissector ...)
+ {DSA-4359-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15250
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b7555d32d11862f0e500ec466ad6bfe54190076
@@ -9171,7 +9234,7 @@ CVE-2018-19479
RESERVED
CVE-2018-19478 [Attempting to open a carefully crafted PDF file results in
long-running computation]
RESERVED
- {DSA-4346-1}
+ {DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699856
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0a7e5a1c309fa0911b892fa40996a7d55d90bace
@@ -10333,7 +10396,7 @@ CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via
the ...)
CVE-2018-19135 (ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder
file ...)
NOT-FOR-US: ClipperCMS
CVE-2018-19134 (In Artifex Ghostscript through 9.25, the setpattern operator
did not ...)
- {DSA-4346-1}
+ {DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700141
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=693baf02152119af6e6afd30bb8ec76d14f84bbf
(master)
@@ -12763,18 +12826,21 @@ CVE-2018-18229
CVE-2018-18228
RESERVED
CVE-2018-18227 (In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP
protocol ...)
+ {DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, mswsp
support added in v1.99.9)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d443be449a52f95df5754adc39e1f3472fec2f03
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-47.html
CVE-2018-18226 (In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector
could ...)
+ {DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-48.html
CVE-2018-18225 (In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash.
This was ...)
+ {DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present,
2.31-continue-code added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
@@ -28425,6 +28491,7 @@ CVE-2018-12088 (S3QL before 2.27 mishandles
checksumming, and consequently allow
CVE-2018-12087 (Failure to validate certificates in OPC Foundation UA Client
...)
NOT-FOR-US: OPC UA
CVE-2018-12086 (Buffer overflow in OPC UA applications allows remote attackers
to ...)
+ {DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <ignored> (changes are too intrusive to backport)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-50.html
@@ -51961,6 +52028,7 @@ CVE-2018-3741 (There is a possible XSS vulnerability in
all rails-html-sanitizer
- ruby-rails-html-sanitizer 1.0.4-1 (bug #893994)
NOTE:
https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for
Ruby to ...)
+ {DSA-4358-1}
[experimental] - ruby-sanitize 4.6.5-1
- ruby-sanitize 4.6.6-1 (bug #893610)
[jessie] - ruby-sanitize <ignored> (Only occurs with libxml2 >= 2.9.2,
jessie has 2.9.1)
@@ -71230,19 +71298,19 @@ CVE-2017-14504 (ReadPNMImage in coders/pnm.c in
GraphicsMagick 1.3.26 does not e
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/465/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/466/
CVE-2017-14503 (libarchive 3.3.2 suffers from an out-of-bounds read within ...)
- {DLA-1600-1}
+ {DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875960)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/948
NOTE:
https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14
CVE-2017-14502 (read_header in archive_read_support_format_rar.c in libarchive
3.3.2 ...)
- {DLA-1600-1}
+ {DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875974)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE:
https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in ...)
- {DLA-1600-1}
+ {DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.2 (bug #875966)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/949
@@ -72257,7 +72325,7 @@ CVE-2017-14162
CVE-2017-14161
RESERVED
CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of
service ...)
- {DLA-1600-1 DLA-1092-1}
+ {DSA-4360-1 DLA-1600-1 DLA-1092-1}
- libarchive 3.2.2-3.1 (bug #874539)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
NOTE:
https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
@@ -89795,12 +89863,12 @@ CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755
permissions for ...)
- telegram-desktop 1.1.19-2
NOTE: https://github.com/telegramdesktop/tdesktop/issues/2666
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- {DLA-1600-1 DLA-1006-1}
+ {DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
(v3.3.0)
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive
3.2.2 ...)
- {DLA-1600-1 DLA-1006-1}
+ {DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/834
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
(v3.3.0)
@@ -97700,7 +97768,7 @@ CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows
remote attackers to cause a
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/576
CVE-2016-10209 (The archive_wstring_append_from_mbs function in
archive_string.c in ...)
- {DLA-1600-1 DLA-1006-1}
+ {DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (low; bug #859456)
NOTE: https://github.com/libarchive/libarchive/issues/842
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0
(v3.3.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/371131a2301e087fd82377fb1af3995fb11dfa6f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/371131a2301e087fd82377fb1af3995fb11dfa6f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
