Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f34b74da by Moritz Muehlenhoff at 2019-05-06T17:59:07Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2174,10 +2174,11 @@ CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer
overflow in CDataFileRea
NOTE: https://github.com/teeworlds/teeworlds/issues/2070
NOTE:
https://github.com/teeworlds/teeworlds/commit/4d529dcd2d01022e979ebfa0b91167dee37cdb8e
CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in
CDataFileReader: ...)
- - teeworlds 0.7.2-4 (bug #927152)
+ - teeworlds 0.7.2-5 (bug #927152)
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
NOTE: https://github.com/teeworlds/teeworlds/issues/2073
NOTE:
https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
+ NOTE:
https://github.com/teeworlds/teeworlds/commit/cc3d59ae706752956d6cb8acc4187c8398b61c5c
CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in
CMap::Load() in en ...)
- teeworlds 0.7.2-4 (bug #927152)
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
@@ -16314,7 +16315,8 @@ CVE-2019-5431
CVE-2019-5430
RESERVED
CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an
attacke ...)
- - filezilla <unfixed> (bug #928282)
+ - filezilla <unfixed> (low; bug #928282)
+ [stretch] - filezilla <no-dsa> (Minor issue)
NOTE:
https://svn.filezilla-project.org/filezilla?revision=9097&view=revision
NOTE: https://www.tenable.com/security/research/tra-2019-14
CVE-2019-5428
@@ -31354,6 +31356,7 @@ CVE-2019-0224 (In Apache JSPWiki 2.9.0 to 2.11.0.M2, a
carefully crafted URL cou
- jspwiki <removed>
CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under
some cir ...)
- qpid-proton 0.22.0-1
+ [stretch] - qpid-proton <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/PROTON-2014
NOTE: https://qpid.apache.org/cves/CVE-2019-0223.html
NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733
@@ -31474,6 +31477,7 @@ CVE-2019-0188
RESERVED
CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in
distributed mod ...)
- jakarta-jmeter <unfixed>
+ [stretch] - jakarta-jmeter <no-dsa> (Minor issue)
[jessie] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet
3.0.0 an ...)
@@ -32142,6 +32146,7 @@ CVE-2018-19106 (Avi Vantage before 17.2.13 uses an
invalid URL encoding during a
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of
service (0 ...)
{DLA-1776-1}
- librecad <unfixed> (bug #928477)
+ [stretch] - librecad <no-dsa> (Minor issue)
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
NOTE: https://github.com/LibreCAD/LibreCAD/issues/1038
NOTE: Fixed by
https://github.com/LibreCAD/LibreCAD/commit/6da7cc5f7f31afb008f03dbd11e07207ccd82085
@@ -37060,8 +37065,10 @@ CVE-2018-17203
REJECTED
CVE-2018-17202
RESERVED
+ NOTE: Apache Commons Imaging
CVE-2018-17201
RESERVED
+ NOTE: Apache Commons Imaging
CVE-2018-17200
RESERVED
CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior,
mod_session checks ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
