[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 29 Jun 2019 13:10:55 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
aecb6ccf by security tracker role at 2019-06-29T20:10:28Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,48 @@
-CVE-2019-13045 [IRSSI-SA-2019-06 Irssi Security Advisory]
+CVE-2019-13055 (Certain Logitech Unifying devices allow attackers to dump AES 
keys and ...)
+       TODO: check
+CVE-2019-13054 (The Logitech R500 presentation clicker allows attackers to 
determine t ...)
+       TODO: check
+CVE-2019-13053 (Logitech Unifying devices allow keystroke injection, bypassing 
encrypt ...)
+       TODO: check
+CVE-2019-13052 (Logitech Unifying devices allow live decryption if the pairing 
of a ke ...)
+       TODO: check
+CVE-2019-13051
+       RESERVED
+CVE-2019-13050 (Interaction between the sks-keyserver code through 1.2.0 of 
the SKS ke ...)
+       TODO: check
+CVE-2019-13049 (An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 
allows user ...)
+       TODO: check
+CVE-2019-13048 (kernel/sys/syscall.c in ToaruOS through 1.10.9 allows a denial 
of serv ...)
+       TODO: check
+CVE-2019-13047 (kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect 
access co ...)
+       TODO: check
+CVE-2019-13046 (linker/linker.c in ToaruOS through 1.10.9 has insecure 
LD_LIBRARY_PATH ...)
+       TODO: check
+CVE-2019-13044 (An insecure login process was discovered in Panduit IntraVUE 
before 3. ...)
+       TODO: check
+CVE-2019-13043
+       RESERVED
+CVE-2019-13042
+       RESERVED
+CVE-2019-13041
+       RESERVED
+CVE-2019-13040
+       RESERVED
+CVE-2019-13039
+       RESERVED
+CVE-2019-13038 (mod_auth_mellon through 0.14.2 has an Open Redirect via the 
login?Retu ...)
+       TODO: check
+CVE-2019-13037
+       RESERVED
+CVE-2019-13036
+       RESERVED
+CVE-2019-13035 (Artica Pandora FMS 7.0 NG before 735 suffers from local 
privilege esca ...)
+       TODO: check
+CVE-2019-13034
+       RESERVED
+CVE-2016-10761 (Logitech Unifying devices before 2016-02-26 allow keystroke 
injection, ...)
+       TODO: check
+CVE-2019-13045 (Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 
1.2.1, when S ...)
        - irssi <unfixed> (bug #931264)
        NOTE: https://irssi.org/security/irssi_sa_2019_06.txt
        NOTE: https://github.com/irssi/irssi/pull/1058
@@ -227,7 +271,7 @@ CVE-2019-12939 (LiveZilla Server before 8.0.1.1 is 
vulnerable to SQL Injection i
 CVE-2019-12938 (The Roundcube component of Analogic Poste.io 2.1.6 uses 
.htaccess to p ...)
        NOT-FOR-US: Roundcube component of Analogic Poste.io
 CVE-2018-20843 (In libexpat in Expat before 2.2.7, XML input including XML 
names that  ...)
-       {DSA-4472-1}
+       {DSA-4472-1 DLA-1839-1}
        - expat 2.2.6-2 (bug #931031)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
        NOTE: https://github.com/libexpat/libexpat/issues/186
@@ -40129,6 +40173,7 @@ CVE-2018-17461 (An out of bounds read in PDFium in 
Google Chrome prior to 68.0.3
        - chromium-browser 68.0.3440.75-1
        [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17460 (Insufficient data validation in filesystem URIs in Google 
Chrome prior ...)
+       {DSA-4256-1}
        - chromium-browser 68.0.3440.75-1
        [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-17457 (An object lifecycle issue in Blink could lead to a use after 
free in W ...)
@@ -43870,6 +43915,7 @@ CVE-2018-16065 (A Javascript reentrancy issues that 
caused a use-after-free in V
        - chromium-browser 69.0.3497.81-1
        [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-16064 (Insufficient data validation in Extensions API in Google 
Chrome prior  ...)
+       {DSA-4256-1}
        - chromium-browser 68.0.3440.75-1
        [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 CVE-2018-16063
@@ -127127,6 +127173,7 @@ CVE-2017-5029 (The xsltAddTextString function in 
transform.c in libxslt 1.1.29,
        [jessie] - libxslt 1.1.28-2+deb8u3
        NOTE: Upstream fix in libxslt: 
https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
 CVE-2017-5028 (Insufficient data validation in V8 in Google Chrome prior to 
56.0.2924 ...)
+       {DSA-3776-1}
        - chromium-browser 56.0.2924.76-3
 CVE-2017-5027 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows 
and Ma ...)
        {DSA-3776-1}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/aecb6ccfdbf6ca6f0535b18dd3a0a826ad772011

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/aecb6ccfdbf6ca6f0535b18dd3a0a826ad772011
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to