[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 15 Feb 2019 12:11:18 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a53fe151 by security tracker role at 2019-02-15T20:10:29Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2019-8350
+       RESERVED
+CVE-2019-8349
+       RESERVED
+CVE-2019-8348
+       RESERVED
+CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP 
accounts via ...)
+       TODO: check
+CVE-2019-8346
+       RESERVED
+CVE-2019-8345 (The Help feature in the ES File Explorer File Manager 
application ...)
+       TODO: check
+CVE-2019-8344
+       RESERVED
 CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free 
in ...)
        - nasm <unfixed>
        [stretch] - nasm <no-dsa> (Minor issue)
@@ -3198,8 +3212,7 @@ CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 
2.0.11, and 2.1.x befo
        NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
        NOTE: 
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
        NOTE: 
https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227
 (1.11 branch)
-CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
-       RESERVED
+CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in 
...)
        - linux 4.19.20-1
        NOTE: 
https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
 CVE-2019-6973
@@ -6003,7 +6016,7 @@ CVE-2019-5786
        RESERVED
 CVE-2019-5785
        RESERVED
-       {DSA-4391-1}
+       {DSA-4391-1 DLA-1677-1}
        - firefox 65.0.1-1
        - firefox-esr 60.5.1esr-1
        - thunderbird 1:60.5.1-1
@@ -20709,40 +20722,40 @@ CVE-2019-0269
        RESERVED
 CVE-2019-0268
        RESERVED
-CVE-2019-0267
-       RESERVED
-CVE-2019-0266
-       RESERVED
-CVE-2019-0265
-       RESERVED
+CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 
15.1 ...)
+       TODO: check
+CVE-2019-0266 (Under certain conditions SAP HANA Extended Application 
Services, ...)
+       TODO: check
+CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent 
...)
+       TODO: check
 CVE-2019-0264
        RESERVED
 CVE-2019-0263
        RESERVED
-CVE-2019-0262
-       RESERVED
-CVE-2019-0261
-       RESERVED
+CVE-2019-0262 (SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not 
...)
+       TODO: check
+CVE-2019-0261 (Under certain circumstances, SAP HANA Extended Application 
Services, ...)
+       TODO: check
 CVE-2019-0260
        RESERVED
-CVE-2019-0259
-       RESERVED
-CVE-2019-0258
-       RESERVED
-CVE-2019-0257
-       RESERVED
-CVE-2019-0256
-       RESERVED
-CVE-2019-0255
-       RESERVED
-CVE-2019-0254
-       RESERVED
+CVE-2019-0259 (SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) 
allows ...)
+       TODO: check
+CVE-2019-0258 (SAP Disclosure Management, version 10.01, does not perform 
necessary ...)
+       TODO: check
+CVE-2019-0257 (Customizing functionality of SAP NetWeaver AS ABAP Platform 
(fixed in ...)
+       TODO: check
+CVE-2019-0256 (Under certain conditions SAP Business One Mobile Android App, 
version ...)
+       TODO: check
+CVE-2019-0255 (SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 
7.74, ...)
+       TODO: check
+CVE-2019-0254 (SAP Disclosure Management (before version 10.1 Stack 1301) does 
not ...)
+       TODO: check
 CVE-2019-0253
        RESERVED
 CVE-2019-0252
        RESERVED
-CVE-2019-0251
-       RESERVED
+CVE-2019-0251 (The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 
and ...)
+       TODO: check
 CVE-2019-0250
        RESERVED
 CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) 
allows an ...)
@@ -24184,7 +24197,7 @@ CVE-2018-18357 (Incorrect handling of confusable 
characters in URL Formatter in
        {DSA-4352-1}
        - chromium 71.0.3578.80-1
 CVE-2018-18356 (An integer overflow in path handling lead to a use after free 
in Skia ...)
-       {DSA-4391-1 DSA-4352-1}
+       {DSA-4391-1 DSA-4352-1 DLA-1677-1}
        - chromium 71.0.3578.80-1
        - firefox 65.0.1-1
        - firefox-esr 60.5.1esr-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a53fe15166d37c690fb940206ba1b65d6fe87033

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a53fe15166d37c690fb940206ba1b65d6fe87033
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to