Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e93be93f by security tracker role at 2019-10-02T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2019-17075 (An issue was discovered in write_tpt_entry in
drivers/infiniband/hw/cx ...)
+ TODO: check
CVE-2019-17074 (An issue was discovered in XunRuiCMS 4.3.1. There is a stored
XSS in t ...)
NOT-FOR-US: XunRuiCMS
CVE-2019-17073 (emlog through 6.0.0beta allows remote authenticated users to
delete ar ...)
@@ -5658,8 +5660,8 @@ CVE-2019-15043 (In Grafana 2.x through 6.x before 6.3.4,
parts of the HTTP API a
- grafana <removed>
CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had
no SSL ...)
TODO: check
-CVE-2019-15041
- RESERVED
+CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed
unbounded URL ...)
+ TODO: check
CVE-2019-15040
RESERVED
CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had
a possi ...)
@@ -5670,8 +5672,8 @@ CVE-2019-15037
RESERVED
CVE-2019-15036
RESERVED
-CVE-2019-15035
- RESERVED
+CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A
TeamCity Pro ...)
+ TODO: check
CVE-2019-15034
RESERVED
CVE-2019-15033 (Pydio 6.0.8 allows Authenticated SSRF during a Remote Link
Feature dow ...)
@@ -26491,16 +26493,16 @@ CVE-2019-8294
RESERVED
CVE-2019-8293
RESERVED
-CVE-2019-8292
- RESERVED
-CVE-2019-8291
- RESERVED
-CVE-2019-8290
- RESERVED
-CVE-2019-8289
- RESERVED
-CVE-2019-8288
- RESERVED
+CVE-2019-8292 (Online Store System v1.0 delete_product.php doesn't check to
see if a ...)
+ TODO: check
+CVE-2019-8291 (Online Store System v1.0 delete_file.php doesn't check to see
if a use ...)
+ TODO: check
+CVE-2019-8290 (Vulnerability in Online Store v1.0, The registration form
requirements ...)
+ TODO: check
+CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in
admin/user_view.php ...)
+ TODO: check
+CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php
where ...)
+ TODO: check
CVE-2019-8287
RESERVED
CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky
Internet Sec ...)
@@ -45264,7 +45266,7 @@ CVE-2018-19650 (Local attackers can trigger a
stack-based buffer overflow on vul
CVE-2019-1564
RESERVED
CVE-2019-1563 (In situations where an attacker receives automated notification
of the ...)
- {DLA-1932-1}
+ {DSA-4540-1 DSA-4539-1 DLA-1932-1}
- openssl 1.1.1d-1
- openssl1.0 <removed>
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64
(OpenSSL_1_1_1d)
@@ -45319,7 +45321,7 @@ CVE-2019-1549 (OpenSSL 1.1.1 introduced a rewritten
random number generator (RNG
CVE-2019-1548
RESERVED
CVE-2019-1547 (Normally in OpenSSL EC groups always have a co-factor present
and this ...)
- {DLA-1932-1}
+ {DSA-4540-1 DSA-4539-1 DLA-1932-1}
- openssl 1.1.1d-1
- openssl1.0 <removed>
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46
(OpenSSL_1_0_2t)
@@ -49012,8 +49014,7 @@ CVE-2019-0232 (When running on Windows with
enableCmdLineArguments enabled, the
- tomcat9 <not-affected> (Windows-specific)
- tomcat8 <not-affected> (Windows-specific)
NOTE:
https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
-CVE-2019-0231
- RESERVED
+CVE-2019-0231 (Handling of the close_notify SSL/TLS message does not lead to a
connec ...)
NOT-FOR-US: Apache MINA
CVE-2019-0230
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e93be93fe696c4b662fc5543047ba6e9dca5ebfa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e93be93fe696c4b662fc5543047ba6e9dca5ebfa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
