[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 04 Oct 2019 01:11:31 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
77ad0b39 by security tracker role at 2019-10-04T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2019-17129
+       RESERVED
+CVE-2019-17128
+       RESERVED
+CVE-2019-17127
+       RESERVED
+CVE-2019-17126
+       RESERVED
+CVE-2019-17125
+       RESERVED
+CVE-2019-17124
+       RESERVED
+CVE-2019-17123
+       RESERVED
+CVE-2019-17122
+       RESERVED
+CVE-2019-17121 (REDCap before 9.3.4 has XSS on the Customize & Manage 
Locking/E-si ...)
+       TODO: check
+CVE-2019-17120
+       RESERVED
+CVE-2019-17119
+       RESERVED
+CVE-2019-17118
+       RESERVED
+CVE-2019-17117
+       RESERVED
+CVE-2019-17116
+       RESERVED
+CVE-2019-17115
+       RESERVED
+CVE-2019-17114
+       RESERVED
+CVE-2019-17113 (In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, 
ModPlug_Instrument ...)
+       TODO: check
+CVE-2019-17112
+       RESERVED
+CVE-2019-17111
+       RESERVED
+CVE-2019-17110 (A security issue was discovered in kube-state-metrics 1.7.x 
before 1.7 ...)
+       TODO: check
 CVE-2019-17109
        RESERVED
 CVE-2019-17108
@@ -1970,8 +2010,8 @@ CVE-2019-16330
        RESERVED
 CVE-2019-16329
        RESERVED
-CVE-2019-16328
-       RESERVED
+CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically 
modify  ...)
+       TODO: check
 CVE-2019-16327
        RESERVED
 CVE-2019-16326
@@ -2285,6 +2325,7 @@ CVE-2019-16241
 CVE-2019-16240
        RESERVED
 CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer 
Overflow ...)
+       {DLA-1945-1}
        - openconnect <unfixed> (bug #940871)
        NOTE: 
http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html
        NOTE: 
https://github.com/openconnect/openconnect/commit/875f0a65ab73f4fb581ca870fd3a901bd278f8e8
@@ -2424,8 +2465,8 @@ CVE-2019-16200
        RESERVED
 CVE-2019-16199 (eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 
allow Remot ...)
        NOT-FOR-US: eQ-3 Homematic CCU2
-CVE-2019-16198
-       RESERVED
+CVE-2019-16198 (KSLabs KSWEB 3.93 allows ../ directory traversal, as 
demonstrated by t ...)
+       TODO: check
 CVE-2019-16197 (In htdocs/societe/card.php in Dolibarr 10.0.1, the value of 
the User-A ...)
        - dolibarr <removed>
 CVE-2019-16196
@@ -3524,8 +3565,8 @@ CVE-2019-15767 (In GNU Chess 6.2.5, there is a 
stack-based buffer overflow in th
        - gnuchess <unfixed> (unimportant; bug #936023)
        NOTE: 
https://lists.gnu.org/archive/html/bug-gnu-chess/2019-08/msg00004.html
        NOTE: Neutralised by toolchain hardening, no security impact
-CVE-2019-15766
-       RESERVED
+CVE-2019-15766 (The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for 
Android al ...)
+       TODO: check
 CVE-2019-15765
        RESERVED
 CVE-2019-15764
@@ -11871,26 +11912,26 @@ CVE-2019-13334
        RESERVED
 CVE-2019-13333
        RESERVED
-CVE-2019-13332
-       RESERVED
-CVE-2019-13331
-       RESERVED
-CVE-2019-13330
-       RESERVED
-CVE-2019-13329
-       RESERVED
-CVE-2019-13328
-       RESERVED
-CVE-2019-13327
-       RESERVED
-CVE-2019-13326
-       RESERVED
-CVE-2019-13325
-       RESERVED
-CVE-2019-13324
-       RESERVED
-CVE-2019-13323
-       RESERVED
+CVE-2019-13332 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13331 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13330 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13329 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13328 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13327 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13326 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13325 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13324 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
+CVE-2019-13323 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
+       TODO: check
 CVE-2019-13322
        RESERVED
 CVE-2019-13321
@@ -15614,8 +15655,8 @@ CVE-2019-11934
        RESERVED
 CVE-2019-11933
        RESERVED
-CVE-2019-11932
-       RESERVED
+CVE-2019-11932 (A double free vulnerability in the DDGifSlurp function in 
decoding.c i ...)
+       TODO: check
 CVE-2019-11931
        RESERVED
 CVE-2019-11930



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/77ad0b398f5e62c2e57462d7acd3de6ea4ec7f5f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/77ad0b398f5e62c2e57462d7acd3de6ea4ec7f5f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to