Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09b7fd3e by security tracker role at 2019-05-02T08:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,64 @@
-CVE-2019-11675 [Privilege escalation due to insecure use of logrotate]
+CVE-2019-11674
+ RESERVED
+CVE-2019-11673
+ RESERVED
+CVE-2019-11672
+ RESERVED
+CVE-2019-11671
+ RESERVED
+CVE-2019-11670
+ RESERVED
+CVE-2019-11669
+ RESERVED
+CVE-2019-11668
+ RESERVED
+CVE-2019-11667
+ RESERVED
+CVE-2019-11666
+ RESERVED
+CVE-2019-11665
+ RESERVED
+CVE-2019-11664
+ RESERVED
+CVE-2019-11663
+ RESERVED
+CVE-2019-11662
+ RESERVED
+CVE-2019-11661
+ RESERVED
+CVE-2019-11660
+ RESERVED
+CVE-2019-11659
+ RESERVED
+CVE-2019-11658
+ RESERVED
+CVE-2019-11657
+ RESERVED
+CVE-2019-11656
+ RESERVED
+CVE-2019-11655
+ RESERVED
+CVE-2019-11654
+ RESERVED
+CVE-2019-11653
+ RESERVED
+CVE-2019-11652
+ RESERVED
+CVE-2019-11651
+ RESERVED
+CVE-2019-11650
+ RESERVED
+CVE-2019-11649
+ RESERVED
+CVE-2019-11648
+ RESERVED
+CVE-2019-11647
+ RESERVED
+CVE-2019-11646
+ RESERVED
+CVE-2019-11645
+ RESERVED
+CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for Debian sets the
/var/log/groonga ...)
- groonga <unfixed> (bug #928304)
CVE-2019-11644
RESERVED
@@ -31014,8 +31074,7 @@ CVE-2019-0228 (Apache PDFBox 2.0.14 does not properly
initialize the XML parser,
NOTE: https://www.openwall.com/lists/oss-security/2019/04/12/1
NOTE: https://issues.apache.org/jira/browse/PDFBOX-4505
NOTE: Fixed by: https://svn.apache.org/r1856952 (2.0.15)
-CVE-2019-0227 [Hard coded domain name in example web service named
StockQuoteService.jws leading to remote code execution]
- RESERVED
+CVE-2019-0227 (A Server Side Request Forgery (SSRF) vulnerability affected the
Apache ...)
- axis <unfixed> (unimportant)
NOTE:
https://rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis/
NOTE:
https://github.com/apache/axis1-java/commit/7043f1ab0397d1ae35f879f2bcc99be1e9b55644
@@ -60912,8 +60971,8 @@ CVE-2018-8036 (In Apache PDFBox 1.8.0 to 1.8.14 and
2.0.0RC1 to 2.0.10, a carefu
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
[jessie] - libpdfbox-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/29/2
-CVE-2018-8035
- RESERVED
+CVE-2018-8035 (This vulnerability relates to the user's browser processing of
DUCC we ...)
+ TODO: check
CVE-2018-8034 (The host name verification when using TLS with the WebSocket
client wa ...)
{DSA-4281-1 DLA-1491-1 DLA-1453-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b7fd3e44467549b61810106b53c1ce26da22e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b7fd3e44467549b61810106b53c1ce26da22e4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
