Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1ae33de2 by Moritz Muehlenhoff at 2019-09-25T14:23:53Z
new hunspell issue
NFU
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -323,7 +323,9 @@ CVE-2019-16708 (ImageMagick 7.0.8-35 has a memory leak in
magick/xwindow.c, rela
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1531
CVE-2019-16707 (Hunspell 1.7.0 has an invalid read operation in
SuggestMgr::leftcommon ...)
- TODO: check
+ - hunspell <unfixed> (unimportant)
+ NOTE: Negligible security impact
+ NOTE: https://github.com/butterflyhack/hunspell-crash
CVE-2019-16706 (kkcms v1.3 has a CSRF vulnerablity that can add an user
account via ad ...)
NOT-FOR-US: kkcms
CVE-2018-21019 (Home Assistant before 0.67.0 was vulnerable to an information
disclosu ...)
@@ -794,6 +796,7 @@ CVE-2019-16525 (An XSS issue was discovered in the
checklist plugin before 1.1.9
NOT-FOR-US: checklist plugin for WordPress
CVE-2019-16524
RESERVED
+ NOT-FOR-US: Wordpress plugin
CVE-2019-16523
RESERVED
CVE-2019-16522
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ae33de20c111d6ece2c1183f81e097fce26a63a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ae33de20c111d6ece2c1183f81e097fce26a63a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
