Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8fb632c9 by Moritz Muehlenhoff at 2019-08-05T09:10:04Z
new issues in solr, sleuthkit, milkytracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -274,9 +274,13 @@ CVE-2019-14534
CVE-2019-14533
RESERVED
CVE-2019-14532 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There
is an off ...)
- TODO: check
+ - sleuthkit <unfixed> (unimportant)
+ NOTE: https://github.com/sleuthkit/sleuthkit/issues/1575
+ NOTE: Negligible security impact
CVE-2019-14531 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There
is an out ...)
- TODO: check
+ - sleuthkit <unfixed> (unimportant)
+ NOTE: https://github.com/sleuthkit/sleuthkit/issues/1576
+ NOTE: Negligible security impact
CVE-2019-14530
RESERVED
CVE-2019-14529 (OpenEMR before 5.0.2 allows SQL Injection in
interface/forms/eye_mag/s ...)
@@ -354,9 +358,13 @@ CVE-2019-14499
CVE-2019-14498
RESERVED
CVE-2019-14497 (ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in
MilkyTr ...)
- TODO: check
+ - milkytracker <unfixed>
+ NOTE: https://github.com/milkytracker/MilkyTracker/issues/182
+ NOTE:
https://github.com/milkytracker/MilkyTracker/commit/ea7772a3fae0a9dd0a322e8fec441d15843703b7
CVE-2019-14496 (LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker
1.02.00 ha ...)
- TODO: check
+ - milkytracker <unfixed>
+ NOTE: https://github.com/milkytracker/MilkyTracker/issues/183
+ NOTE:
https://github.com/milkytracker/MilkyTracker/commit/ea7772a3fae0a9dd0a322e8fec441d15843703b7
CVE-2019-14495 (webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write
in the a ...)
- 3proxy <itp> (bug #718219)
CVE-2019-14494 (An issue was discovered in Poppler through 0.78.0. There is a
divide-b ...)
@@ -436,7 +444,9 @@ CVE-2019-14465 (fmt_mtm_load_song in fmt/mtm.c in Schism
Tracker 20190722 has a
NOTE: https://github.com/schismtracker/schismtracker/issues/198
NOTE:
https://github.com/schismtracker/schismtracker/commit/b78e8d32883f8a865035436af4fa6d541b6ebb42
CVE-2019-14464 (XMFile::read in XMFile.cpp in milkyplay in MilkyTracker
1.02.00 has a ...)
- TODO: check
+ - milkytracker <unfixed>
+ NOTE: https://github.com/milkytracker/MilkyTracker/issues/184
+ NOTE:
https://github.com/milkytracker/MilkyTracker/commit/fd607a3439fcdd0992e5efded3c16fc79c804e34
CVE-2019-14463 (An issue was discovered in libmodbus before 3.0.7 and 3.1.x
before 3.1 ...)
- libmodbus <unfixed> (bug #933805)
[buster] - libmodbus <no-dsa> (Minor issue)
@@ -41204,7 +41214,8 @@ CVE-2019-0195
CVE-2019-0194 (Apache Camel's File is vulnerable to directory traversal. Camel
2.21.0 ...)
NOT-FOR-US: Apache Camel
CVE-2019-0193 (In Apache Solr, the DataImportHandler, an optional but popular
module ...)
- TODO: check
+ - lucene-solr <unfixed> (low)
+ NOTE: https://issues.apache.org/jira/browse/SOLR-13669
CVE-2019-0192 (In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the
Config ...)
- lucene-solr <not-affected> (vulnerable code is not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-13301
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fb632c993ff8e8e2b4e006ec0930dc6cc42ca46
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fb632c993ff8e8e2b4e006ec0930dc6cc42ca46
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
