[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sun, 24 Mar 2019 13:10:52 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0d7c8b3f by security tracker role at 2019-03-24T20:10:21Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2019-9999
+       RESERVED
+CVE-2019-9998
+       RESERVED
+CVE-2019-9997
+       RESERVED
+CVE-2019-9996
+       RESERVED
+CVE-2019-9995
+       RESERVED
+CVE-2019-9994
+       RESERVED
+CVE-2019-9993
+       RESERVED
+CVE-2019-9992
+       RESERVED
+CVE-2019-9991
+       RESERVED
+CVE-2019-9990
+       RESERVED
+CVE-2019-9989
+       RESERVED
+CVE-2019-9988
+       RESERVED
+CVE-2019-9987
+       RESERVED
+CVE-2019-9986
+       RESERVED
+CVE-2019-9985
+       RESERVED
+CVE-2019-9984
+       RESERVED
+CVE-2019-9983
+       RESERVED
+CVE-2019-9982
+       RESERVED
+CVE-2019-9981
+       RESERVED
+CVE-2019-9980
+       RESERVED
+CVE-2019-9979
+       RESERVED
+CVE-2019-9978 (The social-warfare plugin before 3.5.3 for WordPress has stored 
XSS vi ...)
+       TODO: check
+CVE-2019-9977 (The renderer process in the entertainment system on Tesla Model 
3 vehi ...)
+       TODO: check
+CVE-2019-9976
+       RESERVED
+CVE-2019-9975
+       RESERVED
+CVE-2019-9974
+       RESERVED
+CVE-2019-9973
+       RESERVED
+CVE-2019-10013
+       RESERVED
+CVE-2019-10012
+       RESERVED
+CVE-2019-10011
+       RESERVED
+CVE-2019-10010 (Cross-site scripting (XSS) vulnerability in the PHP League 
CommonMark  ...)
+       TODO: check
+CVE-2019-10009
+       RESERVED
+CVE-2019-10008
+       RESERVED
+CVE-2019-10007
+       RESERVED
+CVE-2019-10006
+       RESERVED
+CVE-2019-10005
+       RESERVED
+CVE-2019-10004
+       RESERVED
+CVE-2019-10003
+       RESERVED
+CVE-2019-10002
+       RESERVED
+CVE-2019-10001
+       RESERVED
+CVE-2019-10000
+       RESERVED
 CVE-2019-9972
        RESERVED
 CVE-2019-9971
@@ -1044,6 +1126,7 @@ CVE-2019-9814
        RESERVED
 CVE-2019-9813
        RESERVED
+       {DSA-4417-1}
        - firefox 66.0.1-1
        - firefox-esr 60.6.1esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9813
@@ -1054,6 +1137,7 @@ CVE-2019-9811
        RESERVED
 CVE-2019-9810
        RESERVED
+       {DSA-4417-1}
        - firefox 66.0.1-1
        - firefox-esr 60.6.1esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9810
@@ -2538,6 +2622,7 @@ CVE-2019-9215 (In Live555 before 2019.02.27, malformed 
headers lead to invalid m
        - liblivemedia <unfixed> (bug #924655)
        NOTE: Reporter advisory and analysis: 
https://tools.cisco.com/security/center/viewAlert.x?alertId=59708
 CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP 
dissector c ...)
+       {DSA-4416-1}
        - wireshark 2.6.7-1 (bug #923611)
        [jessie] - wireshark <not-affected> (Vulnerable code not present)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
@@ -2566,11 +2651,13 @@ CVE-2018-20797 (An issue was discovered in PoDoFo 
0.9.6. There is an attempted e
        [jessie] - libpodofo <no-dsa> (Minor issue)
        NOTE: https://sourceforge.net/p/podofo/tickets/34/
 CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER 
and rel ...)
+       {DSA-4416-1}
        - wireshark 2.6.7-1 (bug #923611)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
        NOTE: https://www.wireshark.org/security/wnpa-sec-2019-06.html
 CVE-2019-9208 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP 
dissector co ...)
+       {DSA-4416-1}
        - wireshark 2.6.7-1 (bug #923611)
        [jessie] - wireshark <not-affected> (Vulnerable code not present)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
@@ -11142,12 +11229,13 @@ CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 
4.x-beta before 4.0.0-beta.2,
 CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 
contains a  ...)
        - frontaccounting <removed>
 CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP 
dissector  ...)
-       {DLA-1645-1}
+       {DSA-4416-1 DLA-1645-1}
        - wireshark 2.6.6-1 (low)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
        NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
 CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE 
dissector an ...)
+       {DSA-4416-1}
        - wireshark 2.6.6-1 (low)
        [jessie] - wireshark <not-affected> (Vulnerable code introduced later)
        NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1746
@@ -11155,13 +11243,13 @@ CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 
to 2.4.11, the RTSE dissect
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
        NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
 CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL 
dissector c ...)
-       {DLA-1645-1}
+       {DSA-4416-1 DLA-1645-1}
        - wireshark 2.6.6-1 (low)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
        NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
 CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. 
This w ...)
-       {DLA-1645-1}
+       {DSA-4416-1 DLA-1645-1}
        - wireshark 2.6.6-1 (low)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b2eea1793dbff813896e1ae9dff1bedb39ee010
@@ -82786,6 +82874,7 @@ CVE-2017-16357 (In radare 2.0.1, a memory corruption 
vulnerability exists in sto
 CVE-2017-16356 (Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery 
Extended)  ...)
        NOT-FOR-US: Kubik-Rubik SIGE
 CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 
5.1.10 (fixed ...)
+       {DSA-4415-1}
        - passenger 5.0.30-1.1 (bug #884463)
        - ruby-passenger <removed>
        [jessie] - ruby-passenger <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d7c8b3fb264d1d90083eff1a04b3d43563aa1a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d7c8b3fb264d1d90083eff1a04b3d43563aa1a4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to