[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sun, 06 Oct 2019 13:10:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
70933710 by security tracker role at 2019-10-06T20:10:22Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2019-17240 (bl-kernel/security.class.php in Bludit 3.9.2 allows attackers 
to bypas ...)
+       TODO: check
+CVE-2019-17239
+       RESERVED
+CVE-2019-17238
+       RESERVED
+CVE-2019-17237
+       RESERVED
+CVE-2019-17236
+       RESERVED
+CVE-2019-17235
+       RESERVED
+CVE-2019-17234
+       RESERVED
+CVE-2019-17233
+       RESERVED
+CVE-2019-17232
+       RESERVED
+CVE-2019-17231
+       RESERVED
+CVE-2019-17230
+       RESERVED
+CVE-2019-17229
+       RESERVED
+CVE-2019-17228
+       RESERVED
+CVE-2019-17227
+       RESERVED
+CVE-2019-17226 (CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin 
&gt; Modu ...)
+       TODO: check
+CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full 
Name, o ...)
+       TODO: check
+CVE-2019-17224
+       RESERVED
+CVE-2019-17223
+       RESERVED
+CVE-2019-17222
+       RESERVED
+CVE-2019-17221
+       RESERVED
+CVE-2019-17220
+       RESERVED
+CVE-2019-17219 (An issue was discovered on V-Zug Combi-Steam MSLQ devices 
before Ether ...)
+       TODO: check
+CVE-2019-17218 (An issue was discovered on V-Zug Combi-Steam MSLQ devices 
before Ether ...)
+       TODO: check
+CVE-2019-17217 (An issue was discovered on V-Zug Combi-Steam MSLQ devices 
before Ether ...)
+       TODO: check
+CVE-2019-17216 (An issue was discovered on V-Zug Combi-Steam MSLQ devices 
before Ether ...)
+       TODO: check
+CVE-2019-17215 (An issue was discovered on V-Zug Combi-Steam MSLQ devices 
before Ether ...)
+       TODO: check
+CVE-2019-17214 (The WebARX plugin 1.3.0 for WordPress allows firewall bypass 
by append ...)
+       TODO: check
+CVE-2019-17213 (The WebARX plugin 1.3.0 for WordPress has unauthenticated 
stored XSS v ...)
+       TODO: check
 CVE-2019-17212
        RESERVED
 CVE-2019-17211
@@ -580,11 +636,11 @@ CVE-2019-16945
 CVE-2019-16944
        RESERVED
 CVE-2019-16943 (A Polymorphic Typing issue was discovered in FasterXML 
jackson-databin ...)
-       {DLA-1943-1}
+       {DSA-4542-1 DLA-1943-1}
        - jackson-databind 2.10.0-2 (bug #941530)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2478
 CVE-2019-16942 (A Polymorphic Typing issue was discovered in FasterXML 
jackson-databin ...)
-       {DLA-1943-1}
+       {DSA-4542-1 DLA-1943-1}
        - jackson-databind 2.10.0-2 (bug #941530)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2478
 CVE-2019-16941 (NSA Ghidra through 9.0.4, when experimental mode is enabled, 
allows ar ...)
@@ -2163,7 +2219,7 @@ CVE-2019-16337
 CVE-2019-16336
        RESERVED
 CVE-2019-16335 (A Polymorphic Typing issue was discovered in FasterXML 
jackson-databin ...)
-       {DLA-1943-1}
+       {DSA-4542-1 DLA-1943-1}
        - jackson-databind 2.10.0-1 (bug #940498)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2449
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db
@@ -7450,7 +7506,7 @@ CVE-2019-14541 (GnuCOBOL 2.2 has a stack-based buffer 
overflow in cb_encode_prog
        [jessie] - open-cobol <no-dsa> (Minor issue)
        NOTE: https://sourceforge.net/p/open-cobol/bugs/584/
 CVE-2019-14540 (A Polymorphic Typing issue was discovered in FasterXML 
jackson-databin ...)
-       {DLA-1943-1}
+       {DSA-4542-1 DLA-1943-1}
        - jackson-databind 2.10.0-1 (bug #940498)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2410
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2449
@@ -8346,7 +8402,7 @@ CVE-2019-14441 (An issue was discovered in Libav 12.3. An 
access violation allow
 CVE-2019-14440
        RESERVED
 CVE-2019-14439 (A Polymorphic Typing issue was discovered in FasterXML 
jackson-databin ...)
-       {DLA-1879-1}
+       {DSA-4542-1 DLA-1879-1}
        - jackson-databind 2.9.9.3-1 (bug #933393)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2389
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b
@@ -8498,7 +8554,7 @@ CVE-2019-14380 (libopenmpt before 0.4.5 allows a crash 
during playback due to an
        [stretch] - libopenmpt <not-affected> (Vulnerable code not present in 
0.2 branch)
        NOTE: 
https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/
 CVE-2019-14379 (SubTypeValidator.java in FasterXML jackson-databind before 
2.9.9.2 mis ...)
-       {DLA-1879-1}
+       {DSA-4542-1 DLA-1879-1}
        - jackson-databind 2.9.9.3-1 (bug #933393)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2387
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/709337107699d4ece424a82a706924bad350eff3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/709337107699d4ece424a82a706924bad350eff3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to