Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: d07d829f by Moritz Muehlenhoff at 2019-01-14T22:39:00Z new r-cran-readxl issues more retroctively assigned Chromium CVE IDs - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== @@ -6656,11 +6656,11 @@ CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. ...) CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23 has a ...) TODO: check, potentially affects src:catdoc CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid ...) - TODO: check, potentially affects src:r-cran-readxl + - r-cran-readxl <unfixed> (bug #919324) CVE-2018-20451 (The process_file function in reader.c in libdoc through 2017-10-23 has ...) TODO: check, potentially affects src:catdoc CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double free that ...) - TODO: check, potentially affects src:r-cran-readxl + - r-cran-readxl <unfixed> (bug #919324) CVE-2018-20449 RESERVED CVE-2018-20448 (Frog CMS 0.9.5 has XSS via the Database name field to the ...) @@ -9850,19 +9850,20 @@ CVE-2018-20073 [chromium stores download meta data in extended attributes] CVE-2018-20072 RESERVED CVE-2018-20071 (Insufficiently strict origin checks during JIT payment app ...) - TODO: check + - chromium-browser 70.0.3538.67-1 + [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020) CVE-2018-20070 (Incorrect handling of confusable characters in URL Formatter in Google ...) - TODO: check + - chromium 71.0.3578.80-1 CVE-2018-20069 (Failure to prevent navigation to top frame to data URLs in Navigation ...) - TODO: check + - chromium <not-affected> (Specific to iOS) CVE-2018-20068 (Incorrect handling of 304 status codes in Navigation in Google Chrome ...) - TODO: check + - chromium 71.0.3578.80-1 CVE-2018-20067 (A renderer initiated back navigation was incorrectly allowed to cancel ...) - TODO: check + - chromium 71.0.3578.80-1 CVE-2018-20066 (Incorrect object lifecycle in Extensions in Google Chrome prior to ...) - TODO: check + - chromium 71.0.3578.80-1 CVE-2018-20065 (Handling of URI action in PDFium in Google Chrome prior to ...) - TODO: check + - chromium 71.0.3578.80-1 CVE-2018-20064 (doorGets 7.0 allows remote attackers to write to arbitrary files via ...) NOT-FOR-US: doorGets CVE-2018-20063 ===================================== data/DSA/list ===================================== @@ -51,7 +51,7 @@ {CVE-2018-14851 CVE-2018-14883 CVE-2018-17082 CVE-2018-19518 CVE-2018-19935} [stretch] - php7.0 7.0.33-0+deb9u1 [07 Dec 2018] DSA-4352-1 chromium-browser - security update - {CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359 CVE-2018-20346} + {CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359 CVE-2018-20346 CVE-2018-20070 CVE-2018-20068 CVE-2018-20067 CVE-2018-20066 CVE-2018-20065} [stretch] - chromium-browser 71.0.3578.80-1~deb9u1 [07 Dec 2018] DSA-4351-1 libphp-phpmailer - security update {CVE-2018-19296} @@ -119,7 +119,7 @@ {CVE-2018-16839 CVE-2018-16842} [stretch] - curl 7.52.1-5+deb9u8 [02 Nov 2018] DSA-4330-1 chromium-browser - security update - {CVE-2018-5179 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17472 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-17477} + {CVE-2018-5179 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17472 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-17477 CVE-2018-20071} [stretch] - chromium-browser 70.0.3538.67-1~deb9u1 [28 Oct 2018] DSA-4329-1 teeworlds - security update {CVE-2018-18541} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d07d829f0feff4ded71b9be99ab445364c793670 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d07d829f0feff4ded71b9be99ab445364c793670 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits