Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c954af81 by security tracker role at 2019-07-23T08:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2019-14239
+ RESERVED
+CVE-2019-14238
+ RESERVED
+CVE-2019-14237
+ RESERVED
+CVE-2019-14236
+ RESERVED
CVE-2019-14235
RESERVED
CVE-2019-14234
@@ -3051,7 +3059,7 @@ CVE-2019-13274
CVE-2019-13273
RESERVED
CVE-2019-13272 (In the Linux kernel before 5.1.17, ptrace_link in
kernel/ptrace.c mish ...)
- {DSA-4484-1}
+ {DSA-4484-1 DLA-1863-1 DLA-1862-1}
- linux 4.19.37-6
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1140671
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
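Review bot: CVE-2019-13272 now carries three advisory references, `{DSA-4484-1 DLA-1863-1 DLA-1862-1}`, but the only package line visible in the entry is `- linux 4.19.37-6`. If the two DLAs cover different source packages, each should have its own package line so the cross-reference can be checked against it; if both are for `linux`, a short NOTE explaining why two LTS advisories apply would make the entry easier to audit.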
@@ -4900,10 +4908,10 @@ CVE-2019-12554 (In SweetScape 010 Editor 9.0.1,
improper validation of arguments
NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12553 (In SweetScape 010 Editor 9.0.1, improper validation of
arguments in th ...)
NOT-FOR-US: SweetScape 010 Editor
-CVE-2019-12552
- RESERVED
-CVE-2019-12551
- RESERVED
+CVE-2019-12552 (In SweetScape 010 Editor 9.0.1, an integer overflow during the
initial ...)
+ TODO: check
+CVE-2019-12551 (In SweetScape 010 Editor 9.0.1, improper validation of
arguments in th ...)
+ TODO: check
CVE-2019-12550 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505
before FW ...)
NOT-FOR-US: WAGO devices
CVE-2019-12549 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505
before FW ...)
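Review bot: the new `TODO: check` entries for CVE-2019-12552 and CVE-2019-12551 describe the same product as CVE-2019-12554 and CVE-2019-12553 directly above them, which are already triaged as `NOT-FOR-US: SweetScape 010 Editor`. Suggest applying the same tag to both new entries instead of leaving them in the TODO queue.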
@@ -10033,6 +10041,7 @@ CVE-2019-10640 (An issue was discovered in GitLab
Community and Enterprise Editi
- gitlab 11.8.6+dfsg-1 (bug #926482)
NOTE:
https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10639 (The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8
allows I ...)
+ {DLA-1862-1}
- linux 4.19.37-1
NOTE: https://arxiv.org/pdf/1906.10478.pdf
CVE-2019-10638 (In the Linux kernel before 5.1.7, a device can be tracked by
an attack ...)
@@ -23297,7 +23306,7 @@ CVE-2019-5739 (Keep-alive HTTP and HTTPS connections
can remain open and inactiv
NOTE: Nodejs not covered by security support
CVE-2019-5738
RESERVED
-CVE-2019-5737 (An attacker can cause a Denial of Service (DoS) by establishing
an HTT ...)
+CVE-2019-5737 (In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x
before ...)
- nodejs 10.15.2~dfsg-1 (unimportant)
NOTE:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
NOTE: Nodejs not covered by security support
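Review bot: the replaced description for CVE-2019-5737 now names affected release lines (6.x before 6.17.0, 8.x before 8.15.1, 10.x before a version cut off by the truncation), while the package line still reads `- nodejs 10.15.2~dfsg-1 (unimportant)`. Since the 10.x bound is not visible here, check the full description and confirm it agrees with 10.15.2 as the fixed version before relying on that line.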
@@ -24814,6 +24823,7 @@ CVE-2019-5052 (An exploitable integer overflow
vulnerability exists when loading
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0821
NOTE: https://hg.libsdl.org/SDL_image/rev/b920be2b3fc6
CVE-2019-5051 (An exploitable heap-based buffer overflow vulnerability exists
when lo ...)
+ {DLA-1861-1}
- libsdl2-image <unfixed> (bug #932754)
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
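Review bot: with `{DLA-1861-1}` attached, CVE-2019-5051 has an LTS advisory while the entry still shows `- libsdl2-image <unfixed> (bug #932754)` and `<no-dsa> (Minor issue)` for both buster and stretch. That leaves the newer releases behind the oldest supported one for a heap-based buffer overflow; suggest a follow-up to queue the fix for stable and oldstable point releases, or a NOTE recording why the no-dsa decision still stands.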
@@ -33330,6 +33340,7 @@ CVE-2019-2103
CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a
provided e ...)
NOT-FOR-US: Android
CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a
possible out ...)
+ {DLA-1862-1}
- linux 4.19.37-1
[stretch] - linux 4.9.168-1
NOTE:
https://git.kernel.org/linus/47bb117911b051bbc90764a8bff96543cbd2005f
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c954af8125ceea297e30641fa05872c74c755975
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits