[Git][security-tracker-team/security-tracker][master] new python-aioxmpp, recon-ng issues

Tue, 05 Feb 2019 05:15:13 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
be163cb3 by Moritz Muehlenhoff at 2019-02-05T13:14:13Z
new python-aioxmpp, recon-ng issues
audacity dupe

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,7 +135,7 @@ CVE-2019-1000009 (Helm ChartMuseum version >=0.1.0 and 
< 0.8.1 contains a
 CVE-2019-1000008 (All versions of Helm between Helm >=2.0.0 and < 2.12.2 
contains a ...)
        NOT-FOR-US: Helm Kubernetes package manager, different from src:helm
 CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper 
Handling of ...)
-       TODO: check
+       - python-aioxmpp 0.10.3-1
 CVE-2019-1000006 (RIOT RIOT-OS version after commit ...)
        NOT-FOR-US: RIOT RIOT-OS
 CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: 
Deserialization of ...)
@@ -151,7 +151,7 @@ CVE-2019-1000001 (TeamPass version 2.1.27 and earlier 
contains a Storing Passwor
 CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and 
R9.5 ...)
        NOT-FOR-US: Kaseya VSA RMM
 CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of 
validation in ...)
-       TODO: check
+       - recon-ng 4.9.5-1
 CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command 
Injection ...)
        NOT-FOR-US: Fastnet SA MailCleaner
 CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting 
(XSS) ...)
@@ -161,7 +161,7 @@ CVE-2017-18362 (ConnectWise ManagedITSync integration 
through 2017 for Kaseya VS
 CVE-2016-1000282
        RESERVED
 CVE-2016-1000276 (Audacity version 2.1.2 is vulnerable to DLL Hijack, it tries 
to load ...)
-       TODO: check
+       TODO: check, probably a dupe of CVE-2017-1000010
 CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 
3.x) / ...)
        NOT-FOR-US: Joomla extension
 CVE-2019-7355



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/be163cb3b20fc4b77e3387e4ca42a95e28b5dd84

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/be163cb3b20fc4b77e3387e4ca42a95e28b5dd84
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to