Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e29b930e by security tracker role at 2019-10-05T08:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-17192 (** DISPUTED ** The WebRTC component in the Signal Private
Messenger ap ...)
+ TODO: check
+CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for
Android all ...)
+ TODO: check
+CVE-2019-17190
+ RESERVED
+CVE-2019-17189
+ RESERVED
+CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in
catalog/pr ...)
+ TODO: check
+CVE-2019-17187
+ RESERVED
+CVE-2019-17186
+ RESERVED
+CVE-2019-17185
+ RESERVED
+CVE-2019-17184 (Xerox AtlaLink B8045/B8055/B8065/B8075/B8090
C8030/C8035/C8045/C8055/C ...)
+ TODO: check
+CVE-2019-17183 (Foxit Reader before 9.7 allows an Access Violation and crash
if insuff ...)
+ TODO: check
+CVE-2019-17182
+ RESERVED
+CVE-2019-17181
+ RESERVED
+CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or
appending parti ...)
+ TODO: check
CVE-2019-17179 (XSS in library/custom_template/add_template.php in OpenEMR
through 5.0 ...)
NOT-FOR-US: OpenEMR
CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG
through 2019-0 ...)
@@ -813,8 +839,8 @@ CVE-2015-9410 (The Blubrry PowerPress Podcasting plugin
6.0.4 for WordPress has
NOT-FOR-US: Blubrry PowerPress Podcasting plugin for WordPress
CVE-2015-9409 (The alo-easymail plugin before 2.6.01 for WordPress has CSRF
with resu ...)
NOT-FOR-US: Wordpress plugin
-CVE-2019-16865
- RESERVED
+CVE-2019-16865 (An issue was discovered in Pillow before 6.2.0. When reading
specially ...)
+ TODO: check
CVE-2019-16864
RESERVED
CVE-2019-16863
@@ -2106,7 +2132,7 @@ CVE-2019-16332 (In the api-bearer-auth plugin before
20190907 for WordPress, the
NOT-FOR-US: Wordpress plugin
CVE-2019-12412 [Remotely exploitable null pointer dereference bug]
RESERVED
- {DLA-1944-1}
+ {DSA-4541-1 DLA-1944-1}
- libapreq2 2.13-6 (bug #939937)
NOTE: http://svn.apache.org/r1866760
CVE-2019-16331
@@ -16651,10 +16677,10 @@ CVE-2019-11658 (Information exposure in Micro Focus
Content Manager, versions 9.
NOT-FOR-US: Micro Focus
CVE-2019-11657
RESERVED
-CVE-2019-11656
- RESERVED
-CVE-2019-11655
- RESERVED
+CVE-2019-11656 (Stored XSS vulnerability in Micro Focus ArcSight Logger,
affects versi ...)
+ TODO: check
+CVE-2019-11655 (Unrestricted file upload vulnerability in Micro Focus ArcSight
Logger, ...)
+ TODO: check
CVE-2019-11654 (Path traversal vulnerability in Micro Focus Verastream Host
Integrator ...)
NOT-FOR-US: Micro Focus
CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager.
versions ...)
@@ -58640,7 +58666,7 @@ CVE-2018-16509 (An issue was discovered in Artifex
Ghostscript before 9.24. Inco
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=520bb0ea7519aa3e79db78aaf0589dae02103764
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699654
NOTE: Partially fixed in 9.22~dfsg-3, see #907703
-CVE-2018-16585 (An issue was discovered in Artifex Ghostscript before 9.24.
The .setdi ...)
+CVE-2018-16585 (** DISPUTED ** ...)
{DSA-4288-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908305)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e29b930e8d2bcbb5bf81fd9956d47eb81de34bae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e29b930e8d2bcbb5bf81fd9956d47eb81de34bae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
