Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23257ad7 by security tracker role at 2019-07-03T08:10:27Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,24 @@
-CVE-2019-13173 [File overwrite in fstream.DirWriter() function]
+CVE-2019-13183
+       RESERVED
+CVE-2019-13182
+       RESERVED
+CVE-2019-13181
+       RESERVED
+CVE-2019-13180
+       RESERVED
+CVE-2019-13179 (Calamares through 3.2.4 copies a LUKS encryption keyfile from 
/crypto_ ...)
+       TODO: check
+CVE-2019-13178 (modules/luksbootkeyfile/main.py in Calamares through 3.2.4 has 
a race  ...)
+       TODO: check
+CVE-2019-13177 (verification.py in django-rest-registration (aka Django REST 
Registrat ...)
+       TODO: check
+CVE-2019-13176
+       RESERVED
+CVE-2019-13175 (Read the Docs before 3.5.1 has an Open Redirect if certain 
user-define ...)
+       TODO: check
+CVE-2019-13174
+       RESERVED
+CVE-2019-13173 (fstream before 1.0.12 is vulnerable to Arbitrary File 
Overwrite. Extra ...)
        - node-fstream <unfixed>
        [stretch] - node-fstream <ignored> (Nodejs in stretch not covered by 
security support)
        NOTE: https://www.npmjs.com/advisories/886
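Review bot: The rewritten CVE-2019-13173 header now states "fstream before 1.0.12", but the package line below it still reads "- node-fstream <unfixed>" with no fixed version recorded; a follow-up should record the fixed version once the archive carries 1.0.12 or later. The four new TODO: check entries also need manual triage, and CVE-2019-13179 and CVE-2019-13178 both concern Calamares through 3.2.4 and its LUKS keyfile handling, so they are best resolved together.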
@@ -5571,8 +5591,8 @@ CVE-2019-10977 (In Mitsubishi Electric MELSEC-Q series 
Ethernet module QJ71E71-1
        NOT-FOR-US: Mitsubishi
 CVE-2019-10976
        RESERVED
-CVE-2019-10975
-       RESERVED
+CVE-2019-10975 (An out-of-bounds read vulnerability has been identified in 
Fuji Electr ...)
+       TODO: check
 CVE-2019-10974
        RESERVED
 CVE-2019-10973
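Review bot: CVE-2019-10975 is left at TODO: check even though its new description names an industrial-control vendor, and the closest resolved entry in this context, CVE-2019-10977, is tagged NOT-FOR-US: Mitsubishi. A follow-up should read the full description and, if no Debian source package ships the product, replace the TODO with a NOT-FOR-US line naming the vendor.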
@@ -7665,11 +7685,9 @@ CVE-2019-10139 (During HE deployment via cockpit-ovirt, 
cockpit-ovirt generates
 CVE-2019-10138
        RESERVED
        NOT-FOR-US: python-novajoin plugin for OpenStack
-CVE-2019-10137
-       RESERVED
+CVE-2019-10137 (A path traversal flaw was found in spacewalk-proxy, all 
versions throu ...)
        NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2019-10136
-       RESERVED
+CVE-2019-10136 (It was found that Spacewalk, all versions through 2.8, did not 
safely  ...)
        NOT-FOR-US: Red Hat Satellite / Spacewalk
 CVE-2019-10135
        RESERVED
@@ -17306,16 +17324,16 @@ CVE-2019-6626
        RESERVED
 CVE-2019-6625
        RESERVED
-CVE-2019-6624
-       RESERVED
-CVE-2019-6623
-       RESERVED
-CVE-2019-6622
-       RESERVED
-CVE-2019-6621
-       RESERVED
-CVE-2019-6620
-       RESERVED
+CVE-2019-6624 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 
and 12.1. ...)
+       TODO: check
+CVE-2019-6623 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 
and 12.1. ...)
+       TODO: check
+CVE-2019-6622 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 
12.1.0-12 ...)
+       TODO: check
+CVE-2019-6621 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 
12.1.0-12 ...)
+       TODO: check
+CVE-2019-6620 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 
12.1.0-12 ...)
+       TODO: check
 CVE-2019-6619 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, 
the Tra ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2019-6618 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 
11.6.1-11.6 ...)
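Review bot: CVE-2019-6624 through CVE-2019-6620 all land as TODO: check, while the entry directly below them, CVE-2019-6619, carries "NOT-FOR-US: F5 BIG-IP" for a description that starts with the same "On BIG-IP" wording. Unless one of the truncated descriptions turns out to name a different component, the five new entries should get the same NOT-FOR-US tag so they do not sit in the triage queue.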
@@ -19991,8 +20009,7 @@ CVE-2019-5601
        RESERVED
 CVE-2019-5600
        RESERVED
-CVE-2019-5599
-       RESERVED
+CVE-2019-5599 (In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 
12.0-REL ...)
        - kfreebsd-10 <not-affected> (Only affects FreeBSD 12)
 CVE-2019-5598 (In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before 
r345377, ...)
        - kfreebsd-10 <unfixed> (unimportant)
@@ -102923,7 +102940,7 @@ CVE-2017-12780 (The ReadData function in ebmlstring.c 
in libebml2 through 2012-0
        NOT-FOR-US: libembl2 (different codebase than src:libebml)
 CVE-2017-12779 (The Node_GetData function in corec/corec/node/node.c in 
mkvalidator 0. ...)
        NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12778 (The UI Lock feature in qBittorrent version 3.3.15 is 
vulnerable to Aut ...)
+CVE-2017-12778 (** DISPUTED ** The UI Lock feature in qBittorrent version 
3.3.15 is vu ...)
        TODO: check
 CVE-2017-1000112 (Linux kernel: Exploitable memory corruption due to UFO to 
non-UFO path ...)
        {DSA-3981-1}
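Review bot: CVE-2017-12778 gains the "** DISPUTED **" prefix but the line under it is still TODO: check, so the entry remains unresolved with no package line for qBittorrent. Whoever triages it should record the dispute in a NOTE: line next to the package status, since the header description is truncated and gets overwritten by later automatic updates.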
@@ -106362,12 +106379,12 @@ CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL 
Injection via the num parameter in
        NOT-FOR-US: FineCms
 CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in 
admin/Login.php ...)
        NOT-FOR-US: FineCms
-CVE-2017-11580
-       RESERVED
-CVE-2017-11579
-       RESERVED
-CVE-2017-11578
-       RESERVED
+CVE-2017-11580 (Blipcare Wifi blood pressure monitor BP700 10.1 devices allow 
memory c ...)
+       TODO: check
+CVE-2017-11579 (In the most recent firmware for Blipcare, the device provides 
an open  ...)
+       TODO: check
+CVE-2017-11578 (It was discovered as a part of the research on IoT devices in 
the most ...)
+       TODO: check
 CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in 
getsid (pars ...)
        {DSA-3958-1 DLA-1065-1}
        - fontforge 1:20170731~dfsg-1 (bug #869614)
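Review bot: CVE-2017-11580, CVE-2017-11579 and CVE-2017-11578 are added as three separate TODO: check items although the visible descriptions all point at the Blipcare device and its firmware. They should be triaged in one pass, and if no Debian source package ships that firmware, tagged NOT-FOR-US with the vendor name, as the FineCms entries just above them are.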
@@ -115836,32 +115853,32 @@ CVE-2017-8418 (RuboCop 0.48.1 and earlier does not 
use /tmp in safe way, allowin
        - rubocop 0.49.1+dfsg-1 (bug #870852)
        NOTE: https://github.com/bbatsov/rubocop/issues/4336
        NOTE: 
https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
-CVE-2017-8417
-       RESERVED
-CVE-2017-8416
-       RESERVED
-CVE-2017-8415
-       RESERVED
-CVE-2017-8414
-       RESERVED
-CVE-2017-8413
-       RESERVED
-CVE-2017-8412
-       RESERVED
+CVE-2017-8417 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The d ...)
+       TODO: check
+CVE-2017-8416 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The d ...)
+       TODO: check
+CVE-2017-8415 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The d ...)
+       TODO: check
+CVE-2017-8414 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The b ...)
+       TODO: check
+CVE-2017-8413 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The d ...)
+       TODO: check
+CVE-2017-8412 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The d ...)
+       TODO: check
 CVE-2017-8411 (An issue was discovered on D-Link DCS-1130 devices. The device 
provide ...)
        TODO: check
-CVE-2017-8410
-       RESERVED
-CVE-2017-8409
-       RESERVED
+CVE-2017-8410 (An issue was discovered on D-Link DCS-1100 and DCS-1130 
devices. The b ...)
+       TODO: check
+CVE-2017-8409 (An issue was discovered on D-Link DCS-1130 devices. The device 
require ...)
+       TODO: check
 CVE-2017-8408 (An issue was discovered on D-Link DCS-1130 devices. The device 
provide ...)
        TODO: check
 CVE-2017-8407 (An issue was discovered on D-Link DCS-1130 devices. The device 
provide ...)
        TODO: check
 CVE-2017-8406 (An issue was discovered on D-Link DCS-1130 devices. The device 
provide ...)
        TODO: check
-CVE-2017-8405
-       RESERVED
+CVE-2017-8405 (An issue was discovered on D-Link DCS-1130 and DCS-1100 
devices. The b ...)
+       TODO: check
 CVE-2017-8404 (An issue was discovered on D-Link DCS-1130 devices. The device 
provide ...)
        TODO: check
 CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes 
and com ...)
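Review bot: With the nine ids described here, the whole run from CVE-2017-8417 down to CVE-2017-8404 is now TODO: check, including CVE-2017-8411, CVE-2017-8408, CVE-2017-8407, CVE-2017-8406 and CVE-2017-8404, which were already pending before this update. Every one of these descriptions begins "An issue was discovered on D-Link DCS-1130" or "D-Link DCS-1100 and DCS-1130 devices", so a single follow-up commit can resolve the block with one consistent tag instead of leaving fourteen open items.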



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/23257ad735dc9b6f166680a88c25e3aced778abe
