[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 19 Mar 2019 13:11:22 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ce79dcba by security tracker role at 2019-03-19T20:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-9878 (There is an invalid memory access in the function 
GfxIndexedColorSpace ...)
+       TODO: check
+CVE-2019-9877 (There is an invalid memory access vulnerability in the function 
TextPa ...)
+       TODO: check
+CVE-2019-9876
+       RESERVED
+CVE-2019-9875
+       RESERVED
+CVE-2019-9874
+       RESERVED
+CVE-2019-9873
+       RESERVED
+CVE-2019-9872
+       RESERVED
+CVE-2019-9871
+       RESERVED
+CVE-2019-9870 (plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for 
CKEditor m ...)
+       TODO: check
+CVE-2019-9869
+       RESERVED
+CVE-2019-9868 (An issue was discovered in the Web Console in Veritas NetBackup 
Applia ...)
+       TODO: check
+CVE-2019-9867 (An issue was discovered in the Web Console in Veritas NetBackup 
Applia ...)
+       TODO: check
+CVE-2019-9866
+       RESERVED
+CVE-2019-9865
+       RESERVED
 CVE-2019-9864
        RESERVED
 CVE-2019-9863
@@ -8652,10 +8680,10 @@ CVE-2019-6275
        RESERVED
 CVE-2019-6274
        RESERVED
-CVE-2019-6273
-       RESERVED
-CVE-2019-6272
-       RESERVED
+CVE-2019-6273 (download_file in GL.iNet GL-AR300M-Lite devices with firmware 
2.27 all ...)
+       TODO: check
+CVE-2019-6272 (Command injection vulnerability in login_cgi in GL.iNet 
GL-AR300M-Lite ...)
+       TODO: check
 CVE-2019-6271
        RESERVED
 CVE-2019-6270
@@ -9038,8 +9066,7 @@ CVE-2019-6118
        RESERVED
 CVE-2019-6117
        RESERVED
-CVE-2019-6116 [subroutines within pseudo-operators must themselves be 
pseudo-operators]
-       RESERVED
+CVE-2019-6116 (In Artifex Ghostscript through 9.26, ephemeral or transient 
procedures ...)
        {DSA-4372-1 DLA-1670-1}
        - ghostscript 9.26a~dfsg-1
        NOTE: https://www.openwall.com/lists/oss-security/2019/01/23/5
@@ -9557,8 +9584,7 @@ CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. 
In the UnlinkDir method
        NOT-FOR-US: ShopXO
 CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the 
application\install\co ...)
        NOT-FOR-US: ShopXO
-CVE-2019-5885 [Synapse: Derives macaroon_secret_key in a predictable way if 
none is specified]
-       RESERVED
+CVE-2019-5885 (Matrix Synapse before 0.34.0.1, when the macaroon_secret_key 
authentic ...)
        - matrix-synapse 0.34.1.1-1
        NOTE: 
https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
        NOTE: 
https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
@@ -10036,8 +10062,8 @@ CVE-2019-5731
        RESERVED
 CVE-2019-5730
        RESERVED
-CVE-2019-5729
-       RESERVED
+CVE-2019-5729 (Splunk-SDK-Python before 1.6.6 does not properly verify 
untrusted TLS  ...)
+       TODO: check
 CVE-2019-5728
        RESERVED
 CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x 
before 6.4.9 ...)
@@ -10048,10 +10074,10 @@ CVE-2019-5725 (qibosoft through V7 allows remote 
attackers to read arbitrary fil
        NOT-FOR-US: qibosoft
 CVE-2019-5724
        RESERVED
-CVE-2019-5723
-       RESERVED
-CVE-2019-5722
-       RESERVED
+CVE-2019-5723 (An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. 
Passwor ...)
+       TODO: check
+CVE-2019-5722 (An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. 
Due to  ...)
+       TODO: check
 CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. 
This was ...)
        - wireshark 2.6.1-1
        [stretch] - wireshark 2.6.3-1~deb9u1
@@ -13414,8 +13440,8 @@ CVE-2019-4096
        RESERVED
 CVE-2019-4095
        RESERVED
-CVE-2019-4094
-       RESERVED
+CVE-2019-4094 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)
+       TODO: check
 CVE-2019-4093
        RESERVED
 CVE-2019-4092
@@ -73525,8 +73551,8 @@ CVE-2018-1838 (IBM WebSphere Application Server 8.5 and 
9.0 in IBM Cloud could a
        NOT-FOR-US: IBM
 CVE-2018-1837
        RESERVED
-CVE-2018-1836
-       RESERVED
+CVE-2018-1836 (IBM WebSphere MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.1.0.0, and 
9.1.0.1 cons ...)
+       TODO: check
 CVE-2018-1835 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 5 is 
vulnerable ...)
        NOT-FOR-US: IBM
 CVE-2018-1834 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ce79dcba4b2f21649c3ebcf8a93c4a50e8373afc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ce79dcba4b2f21649c3ebcf8a93c4a50e8373afc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to