[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 29 May 2019 01:10:48 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cecf2d61 by security tracker role at 2019-05-29T08:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,87 @@
+CVE-2019-12438
+       RESERVED
+CVE-2019-12437
+       RESERVED
+CVE-2019-12436
+       RESERVED
+CVE-2019-12435
+       RESERVED
+CVE-2019-12434
+       RESERVED
+CVE-2019-12433
+       RESERVED
+CVE-2019-12432
+       RESERVED
+CVE-2019-12431
+       RESERVED
+CVE-2019-12430
+       RESERVED
+CVE-2019-12429
+       RESERVED
+CVE-2019-12428
+       RESERVED
+CVE-2019-12427
+       RESERVED
+CVE-2019-12426
+       RESERVED
+CVE-2019-12425
+       RESERVED
+CVE-2019-12424
+       RESERVED
+CVE-2019-12423
+       RESERVED
+CVE-2019-12422
+       RESERVED
+CVE-2019-12421
+       RESERVED
+CVE-2019-12420
+       RESERVED
+CVE-2019-12419
+       RESERVED
+CVE-2019-12418
+       RESERVED
+CVE-2019-12417
+       RESERVED
+CVE-2019-12416
+       RESERVED
+CVE-2019-12415
+       RESERVED
+CVE-2019-12414
+       RESERVED
+CVE-2019-12413
+       RESERVED
+CVE-2019-12412
+       RESERVED
+CVE-2019-12411
+       RESERVED
+CVE-2019-12410
+       RESERVED
+CVE-2019-12409
+       RESERVED
+CVE-2019-12408
+       RESERVED
+CVE-2019-12407
+       RESERVED
+CVE-2019-12406
+       RESERVED
+CVE-2019-12405
+       RESERVED
+CVE-2019-12404
+       RESERVED
+CVE-2019-12403
+       RESERVED
+CVE-2019-12402
+       RESERVED
+CVE-2019-12401
+       RESERVED
+CVE-2019-12400
+       RESERVED
+CVE-2019-12399
+       RESERVED
+CVE-2019-12398
+       RESERVED
+CVE-2019-12397
+       RESERVED
 CVE-2019-12396 (An issue was discovered in Revive Adserver before 4.2.1. In 
lib/OA/Dal ...)
        NOT-FOR-US: Revive Adserver
 CVE-2019-12395 (In Webbukkit Dynmap 3.0-beta-3, with Spigot 1.13.2, due to a 
missing l ...)
@@ -2564,7 +2648,7 @@ CVE-2019-11339 (The studio profile decoder in 
libavcodec/mpeg4videodec.c in FFmp
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a
 CVE-2019-11338 (libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of 
duplicate ...)
-       {DSA-4449-1}
+       {DSA-4449-1 DLA-1809-1}
        - ffmpeg 7:4.1.3-1
        - libav <removed>
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e
@@ -3458,12 +3542,12 @@ CVE-2019-10969
        RESERVED
 CVE-2019-10968
        RESERVED
-CVE-2019-10967
-       RESERVED
+CVE-2019-10967 (In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a 
stack-based  ...)
+       TODO: check
 CVE-2019-10966
        RESERVED
-CVE-2019-10965
-       RESERVED
+CVE-2019-10965 (In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a 
heap-based b ...)
+       TODO: check
 CVE-2019-10964
        RESERVED
 CVE-2019-10963
@@ -17743,8 +17827,8 @@ CVE-2019-5591
        RESERVED
 CVE-2019-5590
        RESERVED
-CVE-2019-5589
-       RESERVED
+CVE-2019-5589 (An Unsafe Search Path vulnerability in FortiClient Online 
Installer (W ...)
+       TODO: check
 CVE-2019-5588
        RESERVED
 CVE-2019-5587
@@ -27569,8 +27653,8 @@ CVE-2018-1000862 (An information exposure vulnerability 
exists in Jenkins 2.153
        NOT-FOR-US: Jenkins
 CVE-2018-1000861 (A code execution vulnerability exists in the Stapler web 
framework use ...)
        NOT-FOR-US: Jenkins
-CVE-2018-20008
-       RESERVED
+CVE-2018-20008 (iBall Baton iB-WRB302N20122017 devices have improper access 
control ov ...)
+       TODO: check
 CVE-2018-20007 (Yeelight Smart AI Speaker 3.3.10_0074 devices have improper 
access con ...)
        NOT-FOR-US: Yeelight Smart AI Speaker devices
 CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored 
XSS vulne ...)
@@ -33179,8 +33263,7 @@ CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8, 
unmarshalling corrupt MQTT fra
        [stretch] - activemq <no-dsa> (Minor issue)
        [jessie] - activemq <not-affected> (MQTT support not enabled)
        NOTE: 
http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
-CVE-2019-0221 [XSS in SSI printenv]
-       RESERVED
+CVE-2019-0221 (The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 
8.5.0  ...)
        - tomcat9 <unfixed>
        - tomcat8 <removed>
        - tomcat7 <removed>
@@ -33393,7 +33476,7 @@ CVE-2019-0155
        RESERVED
 CVE-2019-0154
        RESERVED
-CVE-2019-0153 (Buffer overflow in subsystem in Intel(R) CSME before version 
12.0.35 m ...)
+CVE-2019-0153 (Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 
12.0.34 m ...)
        NOT-FOR-US: Intel(R) CSME
 CVE-2019-0152
        RESERVED
@@ -42611,7 +42694,7 @@ CVE-2018-15824
 CVE-2018-15823
        RESERVED
 CVE-2018-15822 (The flv_write_packet function in libavformat/flvenc.c in 
FFmpeg throug ...)
-       {DSA-4449-1}
+       {DSA-4449-1 DLA-1809-1}
        - ffmpeg 7:4.0.3-1 (low)
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10
        - libav <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cecf2d616104653313d8435b0bc81daebbcb1529

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cecf2d616104653313d8435b0bc81daebbcb1529
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to