Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd7b119a by security tracker role at 2019-01-23T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,349 @@
+CVE-2019-6689
+ RESERVED
+CVE-2019-6688
+ RESERVED
+CVE-2019-6687
+ RESERVED
+CVE-2019-6686
+ RESERVED
+CVE-2019-6685
+ RESERVED
+CVE-2019-6684
+ RESERVED
+CVE-2019-6683
+ RESERVED
+CVE-2019-6682
+ RESERVED
+CVE-2019-6681
+ RESERVED
+CVE-2019-6680
+ RESERVED
+CVE-2019-6679
+ RESERVED
+CVE-2019-6678
+ RESERVED
+CVE-2019-6677
+ RESERVED
+CVE-2019-6676
+ RESERVED
+CVE-2019-6675
+ RESERVED
+CVE-2019-6674
+ RESERVED
+CVE-2019-6673
+ RESERVED
+CVE-2019-6672
+ RESERVED
+CVE-2019-6671
+ RESERVED
+CVE-2019-6670
+ RESERVED
+CVE-2019-6669
+ RESERVED
+CVE-2019-6668
+ RESERVED
+CVE-2019-6667
+ RESERVED
+CVE-2019-6666
+ RESERVED
+CVE-2019-6665
+ RESERVED
+CVE-2019-6664
+ RESERVED
+CVE-2019-6663
+ RESERVED
+CVE-2019-6662
+ RESERVED
+CVE-2019-6661
+ RESERVED
+CVE-2019-6660
+ RESERVED
+CVE-2019-6659
+ RESERVED
+CVE-2019-6658
+ RESERVED
+CVE-2019-6657
+ RESERVED
+CVE-2019-6656
+ RESERVED
+CVE-2019-6655
+ RESERVED
+CVE-2019-6654
+ RESERVED
+CVE-2019-6653
+ RESERVED
+CVE-2019-6652
+ RESERVED
+CVE-2019-6651
+ RESERVED
+CVE-2019-6650
+ RESERVED
+CVE-2019-6649
+ RESERVED
+CVE-2019-6648
+ RESERVED
+CVE-2019-6647
+ RESERVED
+CVE-2019-6646
+ RESERVED
+CVE-2019-6645
+ RESERVED
+CVE-2019-6644
+ RESERVED
+CVE-2019-6643
+ RESERVED
+CVE-2019-6642
+ RESERVED
+CVE-2019-6641
+ RESERVED
+CVE-2019-6640
+ RESERVED
+CVE-2019-6639
+ RESERVED
+CVE-2019-6638
+ RESERVED
+CVE-2019-6637
+ RESERVED
+CVE-2019-6636
+ RESERVED
+CVE-2019-6635
+ RESERVED
+CVE-2019-6634
+ RESERVED
+CVE-2019-6633
+ RESERVED
+CVE-2019-6632
+ RESERVED
+CVE-2019-6631
+ RESERVED
+CVE-2019-6630
+ RESERVED
+CVE-2019-6629
+ RESERVED
+CVE-2019-6628
+ RESERVED
+CVE-2019-6627
+ RESERVED
+CVE-2019-6626
+ RESERVED
+CVE-2019-6625
+ RESERVED
+CVE-2019-6624
+ RESERVED
+CVE-2019-6623
+ RESERVED
+CVE-2019-6622
+ RESERVED
+CVE-2019-6621
+ RESERVED
+CVE-2019-6620
+ RESERVED
+CVE-2019-6619
+ RESERVED
+CVE-2019-6618
+ RESERVED
+CVE-2019-6617
+ RESERVED
+CVE-2019-6616
+ RESERVED
+CVE-2019-6615
+ RESERVED
+CVE-2019-6614
+ RESERVED
+CVE-2019-6613
+ RESERVED
+CVE-2019-6612
+ RESERVED
+CVE-2019-6611
+ RESERVED
+CVE-2019-6610
+ RESERVED
+CVE-2019-6609
+ RESERVED
+CVE-2019-6608
+ RESERVED
+CVE-2019-6607
+ RESERVED
+CVE-2019-6606
+ RESERVED
+CVE-2019-6605
+ RESERVED
+CVE-2019-6604
+ RESERVED
+CVE-2019-6603
+ RESERVED
+CVE-2019-6602
+ RESERVED
+CVE-2019-6601
+ RESERVED
+CVE-2019-6600
+ RESERVED
+CVE-2019-6599
+ RESERVED
+CVE-2019-6598
+ RESERVED
+CVE-2019-6597
+ RESERVED
+CVE-2019-6596
+ RESERVED
+CVE-2019-6595
+ RESERVED
+CVE-2019-6594
+ RESERVED
+CVE-2019-6593
+ RESERVED
+CVE-2019-6592
+ RESERVED
+CVE-2019-6591
+ RESERVED
+CVE-2019-6590
+ RESERVED
+CVE-2019-6589
+ RESERVED
+CVE-2019-6588
+ RESERVED
+CVE-2019-6587
+ RESERVED
+CVE-2019-6586
+ RESERVED
+CVE-2019-6585
+ RESERVED
+CVE-2019-6584
+ RESERVED
+CVE-2019-6583
+ RESERVED
+CVE-2019-6582
+ RESERVED
+CVE-2019-6581
+ RESERVED
+CVE-2019-6580
+ RESERVED
+CVE-2019-6579
+ RESERVED
+CVE-2019-6578
+ RESERVED
+CVE-2019-6577
+ RESERVED
+CVE-2019-6576
+ RESERVED
+CVE-2019-6575
+ RESERVED
+CVE-2019-6574
+ RESERVED
+CVE-2019-6573
+ RESERVED
+CVE-2019-6572
+ RESERVED
+CVE-2019-6571
+ RESERVED
+CVE-2019-6570
+ RESERVED
+CVE-2019-6569
+ RESERVED
+CVE-2019-6568
+ RESERVED
+CVE-2019-6567
+ RESERVED
+CVE-2019-6566
+ RESERVED
+CVE-2019-6565
+ RESERVED
+CVE-2019-6564
+ RESERVED
+CVE-2019-6563
+ RESERVED
+CVE-2019-6562
+ RESERVED
+CVE-2019-6561
+ RESERVED
+CVE-2019-6560
+ RESERVED
+CVE-2019-6559
+ RESERVED
+CVE-2019-6558
+ RESERVED
+CVE-2019-6557
+ RESERVED
+CVE-2019-6556
+ RESERVED
+CVE-2019-6555
+ RESERVED
+CVE-2019-6554
+ RESERVED
+CVE-2019-6553
+ RESERVED
+CVE-2019-6552
+ RESERVED
+CVE-2019-6551
+ RESERVED
+CVE-2019-6550
+ RESERVED
+CVE-2019-6549
+ RESERVED
+CVE-2019-6548
+ RESERVED
+CVE-2019-6547
+ RESERVED
+CVE-2019-6546
+ RESERVED
+CVE-2019-6545
+ RESERVED
+CVE-2019-6544
+ RESERVED
+CVE-2019-6543
+ RESERVED
+CVE-2019-6542
+ RESERVED
+CVE-2019-6541
+ RESERVED
+CVE-2019-6540
+ RESERVED
+CVE-2019-6539
+ RESERVED
+CVE-2019-6538
+ RESERVED
+CVE-2019-6537
+ RESERVED
+CVE-2019-6536
+ RESERVED
+CVE-2019-6535
+ RESERVED
+CVE-2019-6534
+ RESERVED
+CVE-2019-6533
+ RESERVED
+CVE-2019-6532
+ RESERVED
+CVE-2019-6531
+ RESERVED
+CVE-2019-6530
+ RESERVED
+CVE-2019-6529
+ RESERVED
+CVE-2019-6528
+ RESERVED
+CVE-2019-6527
+ RESERVED
+CVE-2019-6526
+ RESERVED
+CVE-2019-6525
+ RESERVED
+CVE-2019-6524
+ RESERVED
+CVE-2019-6523
+ RESERVED
+CVE-2019-6522
+ RESERVED
+CVE-2019-6521
+ RESERVED
+CVE-2019-6520
+ RESERVED
+CVE-2019-6519
+ RESERVED
+CVE-2019-6518
+ RESERVED
+CVE-2019-6517
+ RESERVED
CVE-2019-6516
RESERVED
CVE-2019-6515
@@ -684,8 +1030,8 @@ CVE-2019-6262 (An issue was discovered in Joomla! before
3.9.2. Inadequate check
NOT-FOR-US: Joomla
CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate
escaping in ...)
NOT-FOR-US: Joomla
-CVE-2019-6260
- RESERVED
+CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller
(BMC) ...)
+ TODO: check
CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is
SQL ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-20707
@@ -18026,24 +18372,24 @@ CVE-2018-19021
RESERVED
CVE-2018-19020
RESERVED
-CVE-2018-19019
- RESERVED
+CVE-2018-19019 (A type confusion vulnerability exists when processing project
files in ...)
+ TODO: check
CVE-2018-19018
RESERVED
-CVE-2018-19017
- RESERVED
+CVE-2018-19017 (Several use after free vulnerabilities have been identified in
...)
+ TODO: check
CVE-2018-19016
RESERVED
CVE-2018-19015
RESERVED
CVE-2018-19014
RESERVED
-CVE-2018-19013
- RESERVED
+CVE-2018-19013 (An attacker could inject commands to delete files and/or
delete the ...)
+ TODO: check
CVE-2018-19012
RESERVED
-CVE-2018-19011
- RESERVED
+CVE-2018-19011 (CX-Supervisor (Versions 3.42 and prior) can execute code that
has been ...)
+ TODO: check
CVE-2018-19010
RESERVED
CVE-2018-19009
@@ -19271,7 +19617,7 @@ CVE-2018-18499
RESERVED
CVE-2018-18498
RESERVED
- {DSA-4354-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
- thunderbird 1:60.4.0-1
@@ -19292,7 +19638,7 @@ CVE-2018-18495
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
CVE-2018-18494
RESERVED
- {DSA-4354-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
- thunderbird 1:60.4.0-1
@@ -19301,7 +19647,7 @@ CVE-2018-18494
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18494
CVE-2018-18493
RESERVED
- {DSA-4354-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
- thunderbird 1:60.4.0-1
@@ -19310,7 +19656,7 @@ CVE-2018-18493
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18493
CVE-2018-18492
RESERVED
- {DSA-4354-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
- thunderbird 1:60.4.0-1
@@ -21971,7 +22317,7 @@ CVE-2018-17467 (Insufficiently quick clearing of stale
rendered content in Navig
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to
...)
- {DSA-4354-1 DSA-4330-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DSA-4330-1 DLA-1624-1 DLA-1605-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
- firefox 64.0-1
@@ -23490,7 +23836,7 @@ CVE-2018-16866 (An out of bounds read was discovered in
systemd-journald in the
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16865 (An allocation of memory without limits, that could result in
the stack ...)
- {DSA-4367-1}
+ {DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918848)
NOTE: Intorduced in:
https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc
(v38)
NOTE: Exploitable since:
https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d
(v201)
@@ -23500,7 +23846,7 @@ CVE-2018-16865 (An allocation of memory without limits,
that could result in the
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16864 (An allocation of memory without limits, that could result in
the stack ...)
- {DSA-4367-1}
+ {DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918841)
NOTE: Introduced in:
https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184
(v203)
NOTE: Exploitable since:
https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07
(v230)
@@ -34976,7 +35322,7 @@ CVE-2018-12406
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
CVE-2018-12405
RESERVED
- {DSA-4354-1 DLA-1605-1}
+ {DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
- thunderbird 1:60.4.0-1
@@ -38356,14 +38702,17 @@ CVE-2018-11216
CVE-2018-11215
RESERVED
CVE-2018-11214 (An issue was discovered in libjpeg 9a. The get_text_rgb_row
function in ...)
+ {DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
(1.4.2)
CVE-2018-11213 (An issue was discovered in libjpeg 9a. The get_text_gray_row
function ...)
+ {DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
(1.4.2)
CVE-2018-11212 (An issue was discovered in libjpeg 9a. The alloc_sarray
function in ...)
+ {DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0
(1.4.2)
@@ -67113,6 +67462,7 @@ CVE-2018-1154 (In SecurityCenter versions prior to
5.7.0, a username enumeration
CVE-2018-1153 (Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate
the ...)
NOT-FOR-US: Burp Suite (different from src:burp)
CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a denial of service ...)
+ {DLA-1638-1}
- libjpeg-turbo <unfixed> (low; bug #902950)
[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
NOTE:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
@@ -140839,6 +141189,7 @@ CVE-2016-3618
CVE-2016-3617
RESERVED
CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a
denial ...)
+ {DLA-1638-1}
- libjpeg-turbo 1:1.4.2-1
NOTE: libjpeg-turbo: Fixed by:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
(1.4.2)
- libjpeg6b <unfixed> (unimportant)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7b119add0062a6fdeb42d1752c5eec24b1314b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7b119add0062a6fdeb42d1752c5eec24b1314b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
