[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 12 Jan 2019 00:11:21 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4d3cd4dd by security tracker role at 2019-01-12T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2019-6244 (An issue was discovered in UsualToolCMS 8.0. ...)
+       TODO: check
+CVE-2019-6243 (Frog CMS 0.9.5 allows XSS via the forgot password page (aka the 
...)
+       TODO: check
+CVE-2019-6242
+       RESERVED
+CVE-2019-6241
+       RESERVED
+CVE-2019-6240
+       RESERVED
+CVE-2018-20699 (Docker Engine before 18.09 allows attackers to cause a denial 
of ...)
+       TODO: check
 CVE-2019-6239
        RESERVED
 CVE-2019-6238
@@ -5095,8 +5107,8 @@ CVE-2019-3804 [Crash when parsing invalid base64 headers]
        - cockpit 184-1
        NOTE: https://github.com/cockpit-project/cockpit/pull/10819
        NOTE: https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12
-CVE-2019-3803
-       RESERVED
+CVE-2019-3803 (Pivotal Concourse, all versions prior to 4.2.2, puts the user 
access ...)
+       TODO: check
 CVE-2019-3802
        RESERVED
 CVE-2019-3801
@@ -22563,8 +22575,7 @@ CVE-2018-16866 (An out of bounds read was discovered in 
systemd-journald in the
        NOTE: Fixed by: 
https://github.com/systemd/systemd/commit/8595102d3ddde6d25c282f965573a6de34ab4421
 (v240) [2/2]
        NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
        NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16865 [memory corruption]
-       RESERVED
+CVE-2018-16865 (An allocation of memory without limits, that could result in 
the stack ...)
        - systemd <unfixed> (bug #918848)
        NOTE: Intorduced in: 
https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc
 (v38)
        NOTE: Exploitable since: 
https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d
 (v201)
@@ -22573,8 +22584,7 @@ CVE-2018-16865 [memory corruption]
        NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
        NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
        NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16864 [memory corruption]
-       RESERVED
+CVE-2018-16864 (An allocation of memory without limits, that could result in 
the stack ...)
        - systemd <unfixed> (bug #918841)
        NOTE: Introduced in: 
https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184
 (v203)
        NOTE: Exploitable since: 
https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07
 (v230)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d3cd4ddf8d5aae38f8294b3b1f3729e2e7a4bc3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d3cd4ddf8d5aae38f8294b3b1f3729e2e7a4bc3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to