Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
acf1baed by Salvatore Bonaccorso at 2019-04-04T07:46:27Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3012,7 +3012,7 @@ CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7,
which can be used to r
CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution
when a us ...)
NOT-FOR-US: FTPGetter
CVE-2019-9759 (An issue was discovered in TONGDA Office Anywhere 10.18.190121.
There ...)
- TODO: check
+ NOT-FOR-US: TONGDA Office Anywhere
CVE-2019-9758
RESERVED
CVE-2019-9757
@@ -69465,85 +69465,85 @@ CVE-2018-4358 (Multiple memory corruption issues were
addressed with improved me
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4357 (A memory corruption issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple Xcode
CVE-2018-4356 (A permissions issue existed. This issue was addressed with
improved pe ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4355 (A configuration issue was addressed with additional
restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4354 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4353 (A configuration issue was addressed with additional
restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4352 (A consistency issue existed in the handling of application
snapshots. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4351 (A memory initialization issue was addressed with improved
memory handl ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4350 (A memory corruption issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4349
RESERVED
CVE-2018-4348 (A validation issue was addressed with improved logic. This
issue affec ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4347 (A use after free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4346 (A validation issue existed which allowed local file access.
This was a ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4345 (A cross-site scripting issue existed in Safari. This issue was
address ...)
- webkit2gtk 2.22.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0008.html
NOTE: Not covered by security support
CVE-2018-4344 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4343 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4342 (A configuration issue was addressed with additional
restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4341 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4340 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4339
RESERVED
CVE-2018-4338 (A validation issue was addressed with improved input
sanitization. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4337 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4336 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4335 (A validation issue was addressed with improved input
sanitization. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4334 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4333 (A validation issue was addressed with improved input
sanitization. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4332 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4331 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4330 (In iOS before 11.4, a memory corruption issue exists and was
addressed ...)
NOT-FOR-US: Apple
CVE-2018-4329 (Clearing a history item may not clear visits with redirect
chains. The ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4328 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4327 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4326 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4325 (A logic issue was addressed with improved restrictions. This
issue aff ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4324 (A permissions issue existed in the handling of the Apple ID.
This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4323 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4322 (This issue was addressed with improved entitlements. This issue
affect ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4321 (A validation issue existed in the entitlement verification.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4320
RESERVED
CVE-2018-4319 (A cross-origin issue existed with "iframe" elements. This was
addresse ...)
@@ -69571,7 +69571,7 @@ CVE-2018-4314 (A use after free issue was addressed
with improved memory managem
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4313 (A consistency issue existed in the handling of application
snapshots. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4312 (A use after free issue was addressed with improved memory
management. ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
@@ -69581,25 +69581,25 @@ CVE-2018-4311 (The issue was addressed by removing
origin information. This issu
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4310 (An access issue was addressed with additional sandbox
restrictions. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4309 (A cross-site scripting issue existed in Safari. This issue was
address ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4308 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4307 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4306 (A use after free issue was addressed with improved memory
management. ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
CVE-2018-4305 (An input validation issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4304 (A denial of service issue was addressed with improved
validation. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4303 (An input validation issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4302
RESERVED
CVE-2018-4301
@@ -69618,41 +69618,41 @@ CVE-2018-4297
CVE-2018-4296
RESERVED
CVE-2018-4295 (An input validation issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4294
RESERVED
CVE-2018-4293 (A cookie management issue was addressed with improved checks.
This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4292
RESERVED
CVE-2018-4291 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4290 (A denial of service issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4289 (An information disclosure issue was addressed by removing the
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4288 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4287 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4286 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4285 (A type confusion issue was addressed with improved memory
handling. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4284 (A type confusion issue was addressed with improved memory
handling. Th ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
CVE-2018-4283 (An out-of-bounds read issue existed that led to the disclosure
of kern ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4282 (An out-of-bounds read issue existed that led to the disclosure
of kern ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4281 (In SwiftNIO before 1.8.0, a buffer overflow was addressed with
improve ...)
NOT-FOR-US: Apple
CVE-2018-4280 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4279 (An inconsistent user interface issue was addressed with
improved state ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2018-4278 (In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS
before 11 ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
@@ -69660,11 +69660,11 @@ CVE-2018-4278 (In Safari before 11.1.2, iTunes before
12.8 for Windows, iOS befo
CVE-2018-4277 (In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1,
Safari ...)
NOT-FOR-US: Apple
CVE-2018-4276 (A null pointer dereference was addressed with improved
validation. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4275 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4274 (A spoofing issue existed in the handling of URLs. This issue
was addre ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4273 (Multiple memory corruption issues were addressed with improved
input v ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
@@ -69682,9 +69682,9 @@ CVE-2018-4270 (A memory corruption issue was addressed
with improved memory hand
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
CVE-2018-4269 (A memory corruption issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4268 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4267 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
@@ -69714,9 +69714,9 @@ CVE-2018-4261 (Multiple memory corruption issues were
addressed with improved me
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
CVE-2018-4260 (An inconsistent user interface issue was addressed with
improved state ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4259 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4258 (In macOS High Sierra before 10.13.5, a buffer overflow was
addressed w ...)
NOT-FOR-US: Apple
CVE-2018-4257 (In macOS High Sierra before 10.13.5, a buffer overflow was
addressed w ...)
@@ -69738,7 +69738,7 @@ CVE-2018-4250 (An issue was discovered in certain Apple
products. iOS before 11.
CVE-2018-4249 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
NOT-FOR-US: Apple
CVE-2018-4248 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4247 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
NOT-FOR-US: Apple
CVE-2018-4246 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
@@ -69812,7 +69812,7 @@ CVE-2018-4218 (An issue was discovered in certain Apple
products. iOS before 11.
CVE-2018-4217 (In macOS High Sierra before 10.13.5, a privacy issue in the
handling o ...)
NOT-FOR-US: Apple
CVE-2018-4216 (A logic issue existed in the handling of call URLs. This issue
was add ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4215 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
NOT-FOR-US: Apple
CVE-2018-4214 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
@@ -69854,7 +69854,7 @@ CVE-2018-4204 (An issue was discovered in certain Apple
products. iOS before 11.
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
CVE-2018-4203 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4202 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
NOT-FOR-US: Apple (iBooks component)
CVE-2018-4201 (An issue was discovered in certain Apple products. iOS before
11.4 is ...)
@@ -69878,7 +69878,7 @@ CVE-2018-4197 (A use after free issue was addressed
with improved memory managem
CVE-2018-4196 (An issue was discovered in certain Apple products. macOS before
10.13. ...)
NOT-FOR-US: Apple (Accessibility Framework component)
CVE-2018-4195 (An inconsistent user interface issue was addressed with
improved state ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4194 (In iOS before 11.4, iCloud for Windows before 7.5, watchOS
before 4.3. ...)
NOT-FOR-US: Apple
CVE-2018-4193 (An issue was discovered in certain Apple products. macOS before
10.13. ...)
@@ -69924,7 +69924,7 @@ CVE-2018-4180 (In macOS High Sierra before 10.13.5, an
issue existed in CUPS. Th
CVE-2018-4179 (In macOS High Sierra before 10.13.4, there was an issue with
the handl ...)
NOT-FOR-US: Apple
CVE-2018-4178 (A permissions issue existed in which execute permission was
incorrectl ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4177
RESERVED
CVE-2018-4176 (An issue was discovered in certain Apple products. macOS before
10.13. ...)
@@ -69982,7 +69982,7 @@ CVE-2018-4155 (An issue was discovered in certain Apple
products. iOS before 11.
CVE-2018-4154 (An issue was discovered in certain Apple products. iOS before
11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4153 (An injection issue was addressed with improved validation. This
issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4152 (An issue was discovered in certain Apple products. macOS before
10.13. ...)
NOT-FOR-US: Apple
CVE-2018-4151 (An issue was discovered in certain Apple products. iOS before
11.3 is ...)
@@ -70000,7 +70000,7 @@ CVE-2018-4146 (An issue was discovered in certain Apple
products. iOS before 11.
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4145 (Multiple memory corruption issues were addressed with improved
memory ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4144 (An issue was discovered in certain Apple products. iOS before
11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4143 (An issue was discovered in certain Apple products. iOS before
11.3 is ...)
@@ -70046,7 +70046,7 @@ CVE-2018-4127 (An issue was discovered in certain Apple
products. iOS before 11.
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4126 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2018-4125 (An issue was discovered in certain Apple products. iOS before
11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
@@ -92264,7 +92264,7 @@ CVE-2017-13913
CVE-2017-13912
RESERVED
CVE-2017-13911 (A configuration issue was addressed with additional
restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-13910
RESERVED
CVE-2017-13909
@@ -113407,7 +113407,7 @@ CVE-2017-7153 (An issue was discovered in certain
Apple products. iOS before 11.
CVE-2017-7152 (An issue was discovered in certain Apple products. iOS before
11.2 is ...)
NOT-FOR-US: Apple
CVE-2017-7151 (A race condition was addressed with additional validation. This
issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2017-7150 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
NOT-FOR-US: Apple
CVE-2017-7149 (An issue was discovered in certain Apple products. macOS before
10.13 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf1baed04afcac76626ece02c95efaefc31a520
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf1baed04afcac76626ece02c95efaefc31a520
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
