Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a245ab4d by security tracker role at 2019-09-20T20:10:37Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,319 @@
+CVE-2019-16645 (An issue was discovered in Embedthis GoAhead 2.5.0. Certain
pages (suc ...)
+ TODO: check
+CVE-2019-16644 (App\Home\Controller\ZhuantiController.class.php in TuziCMS
2.0.6 has S ...)
+ TODO: check
+CVE-2019-16643 (An issue was discovered in ZrLog 2.1.1. There is a Stored XSS
vulnerab ...)
+ TODO: check
+CVE-2019-16642 (App\Mobile\Controller\ZhuantiController.class.php in TuziCMS
2.0.6 has ...)
+ TODO: check
+CVE-2019-16641
+ RESERVED
+CVE-2019-16640
+ RESERVED
+CVE-2019-16639
+ RESERVED
+CVE-2019-16638
+ RESERVED
+CVE-2019-16637
+ RESERVED
+CVE-2019-16636
+ RESERVED
+CVE-2019-16635
+ RESERVED
+CVE-2019-16634
+ RESERVED
+CVE-2019-16633
+ RESERVED
+CVE-2019-16632
+ RESERVED
+CVE-2019-16631
+ RESERVED
+CVE-2019-16630
+ RESERVED
+CVE-2019-16629
+ RESERVED
+CVE-2019-16628
+ RESERVED
+CVE-2019-16627
+ RESERVED
+CVE-2019-16626
+ RESERVED
+CVE-2019-16625
+ RESERVED
+CVE-2019-16624
+ RESERVED
+CVE-2019-16623
+ RESERVED
+CVE-2019-16622
+ RESERVED
+CVE-2019-16621
+ RESERVED
+CVE-2019-16620
+ RESERVED
+CVE-2019-16619
+ RESERVED
+CVE-2019-16618
+ RESERVED
+CVE-2019-16617
+ RESERVED
+CVE-2019-16616
+ RESERVED
+CVE-2019-16615
+ RESERVED
+CVE-2019-16614
+ RESERVED
+CVE-2019-16613
+ RESERVED
+CVE-2019-16612
+ RESERVED
+CVE-2019-16611
+ RESERVED
+CVE-2019-16610
+ RESERVED
+CVE-2019-16609
+ RESERVED
+CVE-2019-16608
+ RESERVED
+CVE-2019-16607
+ RESERVED
+CVE-2019-16606
+ RESERVED
+CVE-2019-16605
+ RESERVED
+CVE-2019-16604
+ RESERVED
+CVE-2019-16603
+ RESERVED
+CVE-2019-16602
+ RESERVED
+CVE-2019-16601
+ RESERVED
+CVE-2019-16600
+ RESERVED
+CVE-2019-16599
+ RESERVED
+CVE-2019-16598
+ RESERVED
+CVE-2019-16597
+ RESERVED
+CVE-2019-16596
+ RESERVED
+CVE-2019-16595
+ RESERVED
+CVE-2019-16594
+ RESERVED
+CVE-2019-16593
+ RESERVED
+CVE-2019-16592
+ RESERVED
+CVE-2019-16591
+ RESERVED
+CVE-2019-16590
+ RESERVED
+CVE-2019-16589
+ RESERVED
+CVE-2019-16588
+ RESERVED
+CVE-2019-16587
+ RESERVED
+CVE-2019-16586
+ RESERVED
+CVE-2019-16585
+ RESERVED
+CVE-2019-16584
+ RESERVED
+CVE-2019-16583
+ RESERVED
+CVE-2019-16582
+ RESERVED
+CVE-2019-16581
+ RESERVED
+CVE-2019-16580
+ RESERVED
+CVE-2019-16579
+ RESERVED
+CVE-2019-16578
+ RESERVED
+CVE-2019-16577
+ RESERVED
+CVE-2019-16576
+ RESERVED
+CVE-2019-16575
+ RESERVED
+CVE-2019-16574
+ RESERVED
+CVE-2019-16573
+ RESERVED
+CVE-2019-16572
+ RESERVED
+CVE-2019-16571
+ RESERVED
+CVE-2019-16570
+ RESERVED
+CVE-2019-16569
+ RESERVED
+CVE-2019-16568
+ RESERVED
+CVE-2019-16567
+ RESERVED
+CVE-2019-16566
+ RESERVED
+CVE-2019-16565
+ RESERVED
+CVE-2019-16564
+ RESERVED
+CVE-2019-16563
+ RESERVED
+CVE-2019-16562
+ RESERVED
+CVE-2019-16561
+ RESERVED
+CVE-2019-16560
+ RESERVED
+CVE-2019-16559
+ RESERVED
+CVE-2019-16558
+ RESERVED
+CVE-2019-16557
+ RESERVED
+CVE-2019-16556
+ RESERVED
+CVE-2019-16555
+ RESERVED
+CVE-2019-16554
+ RESERVED
+CVE-2019-16553
+ RESERVED
+CVE-2019-16552
+ RESERVED
+CVE-2019-16551
+ RESERVED
+CVE-2019-16550
+ RESERVED
+CVE-2019-16549
+ RESERVED
+CVE-2019-16548
+ RESERVED
+CVE-2019-16547
+ RESERVED
+CVE-2019-16546
+ RESERVED
+CVE-2019-16545
+ RESERVED
+CVE-2019-16544
+ RESERVED
+CVE-2019-16543
+ RESERVED
+CVE-2019-16542
+ RESERVED
+CVE-2019-16541
+ RESERVED
+CVE-2019-16540
+ RESERVED
+CVE-2019-16539
+ RESERVED
+CVE-2019-16538
+ RESERVED
+CVE-2016-11013 (The wp-listings plugin before 2.0.2 for WordPress has
includes/views/s ...)
+ TODO: check
+CVE-2016-11012 (The sola-support-tickets plugin before 3.13 for WordPress has
incorrec ...)
+ TODO: check
+CVE-2016-11011 (The wp-invoice plugin before 4.1.1 for WordPress has
wpi_update_user_o ...)
+ TODO: check
+CVE-2016-11010 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect
access ...)
+ TODO: check
+CVE-2016-11009 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect
access ...)
+ TODO: check
+CVE-2016-11008 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect
access ...)
+ TODO: check
+CVE-2016-11007 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect
access ...)
+ TODO: check
+CVE-2016-11006 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect
access ...)
+ TODO: check
+CVE-2016-11005 (The instalinker plugin before 1.1.2 for WordPress has
includes/instali ...)
+ TODO: check
+CVE-2016-11004 (The Elegant Themes Monarch plugin before 1.2.7 for WordPress
has privi ...)
+ TODO: check
+CVE-2016-11003 (The Elegant Themes Bloom plugin before 1.1.1 for WordPress has
privile ...)
+ TODO: check
+CVE-2016-11002 (The Elegant Themes Extra theme before 1.2.4 for WordPress has
privileg ...)
+ TODO: check
+CVE-2016-11001 (The user-submitted-posts plugin before 20160215 for WordPress
has XSS ...)
+ TODO: check
+CVE-2016-11000 (The wp-ultimate-exporter plugin through 1.1 for WordPress has
SQL inje ...)
+ TODO: check
+CVE-2016-10999 (The Goodnews theme through 2016-02-28 for WordPress has XSS
via the s ...)
+ TODO: check
+CVE-2016-10998 (The ocim-mp3 plugin through 2016-03-07 for WordPress has
wp-content/pl ...)
+ TODO: check
+CVE-2016-10997 (The beauty-premium theme 1.0.8 for WordPress has CSRF with
resultant a ...)
+ TODO: check
+CVE-2016-10996 (The optinmonster plugin before 1.1.4.6 for WordPress has
incorrect acc ...)
+ TODO: check
+CVE-2015-9408 (The xpinner-lite plugin through 2.2 for WordPress has
wp-admin/options ...)
+ TODO: check
+CVE-2015-9407 (The xpinner-lite plugin through 2.2 for WordPress has
xpinner-lite.php ...)
+ TODO: check
+CVE-2015-9406
+ RESERVED
+CVE-2015-9405 (The wp-piwik plugin before 1.0.5 for WordPress has XSS. ...)
+ TODO: check
+CVE-2015-9404 (The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords
XSS. ...)
+ TODO: check
+CVE-2015-9403 (The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location
XSS. ...)
+ TODO: check
+CVE-2015-9402 (The users-ultra plugin before 1.5.59 for WordPress has
uultra-form-cvs ...)
+ TODO: check
+CVE-2015-9401 (The websimon-tables plugin through 1.3.4 for WordPress has
wp-admin/to ...)
+ TODO: check
+CVE-2015-9400 (The wordpress-meta-robots plugin through 2.1 for WordPress has
wp-admi ...)
+ TODO: check
+CVE-2015-9399 (The wp-stats-dashboard plugin through 2.9.4 for WordPress has
admin/gr ...)
+ TODO: check
+CVE-2015-9398 (The gocodes plugin through 1.3.5 for WordPress has
wp-admin/tools.php ...)
+ TODO: check
+CVE-2015-9397 (The gocodes plugin through 1.3.5 for WordPress has
wp-admin/tools.php ...)
+ TODO: check
+CVE-2015-9396 (The auto-thickbox-plus plugin through 1.9 for WordPress has
wp-content ...)
+ TODO: check
+CVE-2015-9395 (The users-ultra plugin before 1.5.64 for WordPress has SQL
Injection v ...)
+ TODO: check
+CVE-2015-9394 (The users-ultra plugin before 1.5.63 for WordPress has CSRF via
action ...)
+ TODO: check
+CVE-2015-9393 (The users-ultra plugin before 1.5.63 for WordPress has XSS via
the p_d ...)
+ TODO: check
+CVE-2015-9392 (The users-ultra plugin before 1.5.63 for WordPress has XSS via
the p_n ...)
+ TODO: check
+CVE-2015-9391 (The yawpp plugin through 1.2.2 for WordPress has XSS via the
field1 pa ...)
+ TODO: check
+CVE-2015-9390 (The admin-management-xtended plugin before 2.4.0.1 for
WordPress has p ...)
+ TODO: check
+CVE-2015-9389 (The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a
quiz n ...)
+ TODO: check
+CVE-2015-9388 (The mtouch-quiz plugin before 3.1.3 for WordPress has
wp-admin/edit.ph ...)
+ TODO: check
+CVE-2015-9387 (The mtouch-quiz plugin before 3.1.3 for WordPress has
wp-admin/options ...)
+ TODO: check
+CVE-2015-9386 (The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via
the quiz ...)
+ TODO: check
+CVE-2015-9385 (The quotes-and-tips plugin before 1.20 for WordPress has XSS.
...)
+ TODO: check
+CVE-2015-9384 (The relevant plugin before 1.0.8 for WordPress has XSS. ...)
+ TODO: check
+CVE-2014-10397
+ RESERVED
+CVE-2014-10396
+ RESERVED
CVE-2019-16537
RESERVED
CVE-2019-16536
RESERVED
CVE-2019-16535
RESERVED
-CVE-2019-16534
- RESERVED
-CVE-2019-16533
- RESERVED
+CVE-2019-16534 (On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists
via a c ...)
+ TODO: check
+CVE-2019-16533 (On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect
Access C ...)
+ TODO: check
CVE-2019-16532
RESERVED
CVE-2019-16531 (LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated
by chan ...)
@@ -3963,16 +4269,16 @@ CVE-2019-15092 (The webtoffee "WordPress Users &
WooCommerce Customers Impor
NOT-FOR-US: webtoffee "WordPress Users & WooCommerce Customers Import
Export" plugin for WordPress
CVE-2019-15091 (filemgr.php in Artica Integria IMS 5.0.86 allows
index.php?sec=wiki&am ...)
NOT-FOR-US: Artica Integria IMS
-CVE-2019-15089
- RESERVED
-CVE-2019-15088
- RESERVED
-CVE-2019-15087
- RESERVED
-CVE-2019-15086
- RESERVED
-CVE-2019-15085
- RESERVED
+CVE-2019-15089 (An issue was discovered in PRiSE adAS 1.7.0. Forms have no
CSRF protec ...)
+ TODO: check
+CVE-2019-15088 (An issue was discovered in PRiSE adAS 1.7.0. Password hashes
are compa ...)
+ TODO: check
+CVE-2019-15087 (An issue was discovered in PRiSE adAS 1.7.0. An authenticated
user can ...)
+ TODO: check
+CVE-2019-15086 (An issue was discovered in PRiSE adAS 1.7.0. The newentityID
parameter ...)
+ TODO: check
+CVE-2019-15085 (An issue was discovered in PRiSE adAS 1.7.0. The current
database pass ...)
+ TODO: check
CVE-2019-15084 (Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell
laptops, insta ...)
NOT-FOR-US: Realtek
CVE-2019-15083
@@ -4679,18 +4985,18 @@ CVE-2019-14918
RESERVED
CVE-2019-14917
RESERVED
-CVE-2019-14916
- RESERVED
-CVE-2019-14915
- RESERVED
-CVE-2019-14914
- RESERVED
-CVE-2019-14913
- RESERVED
-CVE-2019-14912
- RESERVED
-CVE-2019-14911
- RESERVED
+CVE-2019-14916 (An issue was discovered in PRiSE adAS 1.7.0. A file's format
is not pr ...)
+ TODO: check
+CVE-2019-14915 (An issue was discovered in PRiSE adAS 1.7.0. Certificate data
are not ...)
+ TODO: check
+CVE-2019-14914 (An issue was discovered in PRiSE adAS 1.7.0. The path is not
properly ...)
+ TODO: check
+CVE-2019-14913 (An issue was discovered in PRiSE adAS 1.7.0. Log data are not
properly ...)
+ TODO: check
+CVE-2019-14912 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO
module does n ...)
+ TODO: check
+CVE-2019-14911 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO
module does n ...)
+ TODO: check
CVE-2019-14910
RESERVED
CVE-2019-14909
@@ -4899,16 +5205,14 @@ CVE-2019-14817 (A flaw was found in, ghostscript
versions prior to 9.28, in the
NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated
starting
NOTE: from
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
NOTE: which changed the access to file permissions.
-CVE-2019-14816
- RESERVED
+CVE-2019-14816 (There is heap-based buffer overflow in kernel, all versions up
to, exc ...)
- linux <unfixed>
CVE-2019-14815
RESERVED
- linux <unfixed>
[stretch] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux <not-affected> (Vulnerability introduced later)
-CVE-2019-14814
- RESERVED
+CVE-2019-14814 (There is heap-based buffer overflow in Linux kernel, all
versions up t ...)
- linux <unfixed>
CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.28, in
the sets ...)
{DSA-4518-1 DLA-1915-1}
@@ -15753,10 +16057,10 @@ CVE-2019-11329
CVE-2019-11328 (An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a
malicious ...)
- singularity-container <not-affected> (No released Debian version
contains the issue, cf bug #929042)
NOTE: https://www.openwall.com/lists/oss-security/2019/05/16/1
-CVE-2019-11327
- RESERVED
-CVE-2019-11326
- RESERVED
+CVE-2019-11327 (An issue was discovered on Topcon Positioning Net-G5 GNSS
Receiver dev ...)
+ TODO: check
+CVE-2019-11326 (An issue was discovered on Topcon Positioning Net-G5 GNSS
Receiver dev ...)
+ TODO: check
CVE-2019-11325
RESERVED
CVE-2019-11323 (HAProxy before 1.9.7 mishandles a reload with rotated keys,
which trig ...)
@@ -15852,8 +16156,8 @@ CVE-2019-11282
RESERVED
CVE-2019-11281
RESERVED
-CVE-2019-11280
- RESERVED
+CVE-2019-11280 (Pivotal Apps Manager, included in Pivotal Application Service
versions ...)
+ TODO: check
CVE-2019-11279
RESERVED
CVE-2019-11278
@@ -16436,35 +16740,35 @@ CVE-2019-11044
CVE-2019-11043
RESERVED
CVE-2019-11042 (When PHP EXIF extension is parsing EXIF information from an
image, e.g ...)
- {DSA-4527-1 DLA-1878-1}
+ {DSA-4529-1 DSA-4527-1 DLA-1878-1}
- php7.3 7.3.8-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.31, 7.2.21, 7.3.8
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78256
CVE-2019-11041 (When PHP EXIF extension is parsing EXIF information from an
image, e.g ...)
- {DSA-4527-1 DLA-1878-1}
+ {DSA-4529-1 DSA-4527-1 DLA-1878-1}
- php7.3 7.3.8-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.31, 7.2.21, 7.3.8
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78222
CVE-2019-11040 (When PHP EXIF extension is parsing EXIF information from an
image, e.g ...)
- {DSA-4527-1 DLA-1813-1}
+ {DSA-4529-1 DSA-4527-1 DLA-1813-1}
- php7.3 7.3.6-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77988
CVE-2019-11039 (Function iconv_mime_decode_headers() in PHP versions 7.1.x
below 7.1.3 ...)
- {DSA-4527-1 DLA-1813-1}
+ {DSA-4529-1 DSA-4527-1 DLA-1813-1}
- php7.3 7.3.6-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78069
CVE-2019-11038 (When using the gdImageCreateFromXbm() function in the GD
Graphics Libr ...)
- {DLA-1817-1}
+ {DSA-4529-1 DLA-1817-1}
- libgd2 2.2.5-5.2 (low; bug #929821)
[stretch] - libgd2 2.2.4-2+deb9u5
- php7.3 7.3.6-1 (unimportant)
@@ -16480,21 +16784,21 @@ CVE-2019-11037 (In PHP imagick extension in versions
between 3.3.0 and 3.4.4, wr
NOTE: https://bugs.php.net/bug.php?id=77791
NOTE: https://github.com/mkoppanen/imagick/commits/bugfix_77791
CVE-2019-11036 (When processing certain files, PHP EXIF extension in versions
7.1.x be ...)
- {DSA-4527-1 DLA-1803-1}
+ {DSA-4529-1 DSA-4527-1 DLA-1803-1}
- php7.3 7.3.6-1 (bug #928421)
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.29, 7.2.18, 7.3.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77950
CVE-2019-11035 (When processing certain files, PHP EXIF extension in versions
7.1.x be ...)
- {DLA-1803-1}
+ {DSA-4529-1 DLA-1803-1}
- php7.3 7.3.4-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77831
CVE-2019-11034 (When processing certain files, PHP EXIF extension in versions
7.1.x be ...)
- {DLA-1803-1}
+ {DSA-4529-1 DLA-1803-1}
- php7.3 7.3.4-1
- php7.0 <removed>
- php5 <removed>
@@ -31878,7 +32182,7 @@ CVE-2019-5533
RESERVED
CVE-2019-5532 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5
U3 and ...)
TODO: check
-CVE-2019-5531 (VMware vSphere ESXi (6.7 prior to ESXi670-201904101-SG, 6.5
prior to E ...)
+CVE-2019-5531 (VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5
prior to E ...)
TODO: check
CVE-2019-5530 (Windows binaries generated with InstallBuilder versions earlier
than 1 ...)
NOT-FOR-US: InstallBuilder
@@ -31898,8 +32202,8 @@ CVE-2019-5523 (VMware vCloud Director for Service
Providers 9.5.x prior to 9.5.0
NOT-FOR-US: VMware vCloud Director for Service Providers
CVE-2019-5522 (VMware Tools for Windows update addresses an out of bounds read
vulner ...)
NOT-FOR-US: VMware
-CVE-2019-5521
- RESERVED
+CVE-2019-5521 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before
ESXi650-20 ...)
+ TODO: check
CVE-2019-5520 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before
ESXi650-20 ...)
NOT-FOR-US: VMware
CVE-2019-5519 (VMware ESXi (6.7 before ESXi670-201903001, 6.5 before
ESXi650-20190300 ...)
@@ -33990,8 +34294,8 @@ CVE-2019-4567
RESERVED
CVE-2019-4566
RESERVED
-CVE-2019-4565
- RESERVED
+CVE-2019-4565 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not
require that ...)
+ TODO: check
CVE-2019-4564
RESERVED
CVE-2019-4563
@@ -34110,8 +34414,8 @@ CVE-2019-4507
RESERVED
CVE-2019-4506
RESERVED
-CVE-2019-4505
- RESERVED
+CVE-2019-4505 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network
Deploy ...)
+ TODO: check
CVE-2019-4504
RESERVED
CVE-2019-4503
@@ -51807,8 +52111,8 @@ CVE-2018-17791 (Newgen OmniFlow Intelligent Business
Process Suite (iBPS) 7.0 ha
TODO: check
CVE-2018-17790 (Prospecta Master Data Online (MDO) 2.0 has Stored XSS. ...)
NOT-FOR-US: Prospecta Master Data Online (MDO)
-CVE-2018-17789
- RESERVED
+CVE-2018-17789 (Prospecta Master Data Online (MDO) allows CSRF. ...)
+ TODO: check
CVE-2018-17788
RESERVED
CVE-2018-17787 (On D-Link DIR-823G devices, the GoAhead configuration allows
/HNAP1 Co ...)
@@ -69251,8 +69555,8 @@ CVE-2018-11202 (A NULL pointer dereference was
discovered in H5S_hyper_make_span
NOTE:
https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/992a199f90fec31e0ad72ed76ed279a3ccea59e4
CVE-2018-11201
RESERVED
-CVE-2018-11200
- RESERVED
+CVE-2018-11200 (An issue was discovered in Mautic 2.13.1. It has Stored XSS
via the co ...)
+ TODO: check
CVE-2018-11199
RESERVED
CVE-2018-11198 (An issue was discovered in Mautic 2.13.1. There is Stored XSS
via the ...)
@@ -159077,6 +159381,7 @@ CVE-2016-7400 (Multiple SQL injection vulnerabilities
in Exponent CMS before 2.4
CVE-2016-7399 (scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x
through 2.6. ...)
NOT-FOR-US: Veritas NetBackup Applianc
CVE-2016-7398 (A type confusion vulnerability in the merge_param() function of
php_ht ...)
+ {DLA-1929-1}
- php-pecl-http 3.1.0+2.6.0-1
NOTE: https://bugs.php.net/bug.php?id=73055
NOTE:
https://github.com/m6w6/ext-http/commit/17137d4ab1ce81a2cee0fae842340a344ef3da83
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a245ab4d463ca45e6b01f751aa97da9a0536f2b8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a245ab4d463ca45e6b01f751aa97da9a0536f2b8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
