[Git][security-tracker-team/security-tracker][master] automatic update

Mon, 14 Jan 2019 00:10:33 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f02017e2 by security tracker role at 2019-01-14T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2019-6258
+       RESERVED
+CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder 
before ...)
+       TODO: check
+CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 
Streaming Media ...)
+       TODO: check
+CVE-2019-6255
+       RESERVED
+CVE-2019-6254
+       RESERVED
+CVE-2019-6253
+       RESERVED
+CVE-2019-6252
+       RESERVED
+CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 
3.31.4 allows ...)
+       TODO: check
 CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF 
vulnerability ...)
        TODO: check
 CVE-2019-6250 (A pointer overflow, with code execution, was discovered in 
ZeroMQ ...)
@@ -22622,6 +22638,7 @@ CVE-2018-16867 (A flaw was found in qemu Media Transfer 
Protocol (MTP) before ve
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00390.html
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6
 (master)
 CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in 
the way it ...)
+       {DSA-4367-1}
        - systemd 240-1
        NOTE: Introduced in: 
https://github.com/systemd/systemd/commit/ec5ff4445cca6a1d786b8da36cf6fe0acc0b94c8
 (v221)
        NOTE: Fixed by: 
https://github.com/systemd/systemd/commit/a6aadf4ae0bae185dc4c414d492a4a781c80ffe5
 (v240) [1/2]
@@ -22629,6 +22646,7 @@ CVE-2018-16866 (An out of bounds read was discovered in 
systemd-journald in the
        NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
        NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
 CVE-2018-16865 (An allocation of memory without limits, that could result in 
the stack ...)
+       {DSA-4367-1}
        - systemd 240-4 (bug #918848)
        NOTE: Intorduced in: 
https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc
 (v38)
        NOTE: Exploitable since: 
https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d
 (v201)
@@ -22638,6 +22656,7 @@ CVE-2018-16865 (An allocation of memory without limits, 
that could result in the
        NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
        NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
 CVE-2018-16864 (An allocation of memory without limits, that could result in 
the stack ...)
+       {DSA-4367-1}
        - systemd 240-4 (bug #918841)
        NOTE: Introduced in: 
https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184
 (v203)
        NOTE: Exploitable since: 
https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07
 (v230)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f02017e2cfa753314608369690eff82cfb28621e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f02017e2cfa753314608369690eff82cfb28621e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to