Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d584b38f by Salvatore Bonaccorso at 2019-06-25T21:02:00Z
Slightly change order of source package entries
- - - - -
749aa20e by Salvatore Bonaccorso at 2019-06-25T21:07:21Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2019-12940 (LiveZilla Server before 8.0.1.1 is vulnerable
to Denial Of Servi
CVE-2019-12939 (LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection
in serv ...)
NOT-FOR-US: LiveZilla
CVE-2019-12938 (The Roundcube component of Analogic Poste.io 2.1.6 uses
.htaccess to p ...)
- TODO: check
+ NOT-FOR-US: Roundcube component of Analogic Poste.io
CVE-2018-20843 (In libexpat in Expat before 2.2.7, XML input including XML
names that ...)
- expat 2.2.6-2 (bug #931031)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
@@ -5822,7 +5822,7 @@ CVE-2019-10691 (The JSON encoder in Dovecot before
2.3.5.2 allows attackers to r
CVE-2019-10690
RESERVED
CVE-2019-10689 (VVX products using UCS software version 5.9.2 and earlier with
Better ...)
- TODO: check
+ NOT-FOR-US: VVX products using UCS software
CVE-2019-10688 (VVX products with software versions including and prior to,
UCS 5.9.2 ...)
NOT-FOR-US: VVX products using UCS
CVE-2019-10687
@@ -17497,9 +17497,9 @@ CVE-2019-6331
CVE-2019-6330
RESERVED
CVE-2019-6329 (HP Support Assistant 8.7.50 and earlier allows a user to gain
system p ...)
- TODO: check
+ NOT-FOR-US: HP Support Assistant
CVE-2019-6328 (HP Support Assistant 8.7.50 and earlier allows a user to gain
system p ...)
- TODO: check
+ NOT-FOR-US: HP Support Assistant
CVE-2019-6327 (HP Color LaserJet Pro M280-M281 Multifunction Printer series
(before v ...)
NOT-FOR-US: HP
CVE-2019-6326 (HP Color LaserJet Pro M280-M281 Multifunction Printer series
(before v ...)
@@ -23355,9 +23355,9 @@ CVE-2019-3812 (QEMU, through version 2.10 and through
version 3.1.0, is vulnerab
NOTE:
https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b
CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured
with no ho ...)
{DLA-1635-1}
+ - sssd <unfixed> (bug #919051)
[buster] - sssd <no-dsa> (Minor issue)
[stretch] - sssd <no-dsa> (Minor issue)
- - sssd <unfixed> (bug #919051)
NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
NOTE: Pull request: https://github.com/SSSD/sssd/pull/703
NOTE: Fixed by:
https://github.com/SSSD/sssd/commit/90f32399b4100ce39cf665649fde82d215e5eb49
(master)
@@ -57717,9 +57717,9 @@ CVE-2018-10853 (A flaw was found in the way Linux
kernel KVM hypervisor before 4
NOTE: Fixed by:
https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the
available s ...)
{DLA-1429-1}
+ - sssd <unfixed> (bug #902860)
[buster] - sssd <no-dsa> (Minor issue)
[stretch] - sssd <no-dsa> (Minor issue)
- - sssd <unfixed> (bug #902860)
NOTE: https://pagure.io/SSSD/sssd/issue/3766
CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding
4.1.5 and 4. ...)
- pdns 4.1.5-1 (bug #913163)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c4033775c5141833ea637b88b4fb427fd1c725b8...749aa20e94da55d10a1460433fb353ff1e55f4af
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c4033775c5141833ea637b88b4fb427fd1c725b8...749aa20e94da55d10a1460433fb353ff1e55f4af
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
