Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
49e27066 by security tracker role at 2019-10-26T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2019-18465
+       RESERVED
+CVE-2019-18464
+       RESERVED
+CVE-2019-18463
+       RESERVED
+CVE-2019-18462
+       RESERVED
+CVE-2019-18461
+       RESERVED
+CVE-2019-18460
+       RESERVED
+CVE-2019-18459
+       RESERVED
+CVE-2019-18458
+       RESERVED
+CVE-2019-18457
+       RESERVED
+CVE-2019-18456
+       RESERVED
+CVE-2019-18455
+       RESERVED
+CVE-2019-18454
+       RESERVED
+CVE-2019-18453
+       RESERVED
+CVE-2019-18452
+       RESERVED
+CVE-2019-18451
+       RESERVED
+CVE-2019-18450
+       RESERVED
+CVE-2019-18449
+       RESERVED
+CVE-2019-18448
+       RESERVED
+CVE-2019-18447
+       RESERVED
+CVE-2019-18446
+       RESERVED
 CVE-2019-18445
        RESERVED
 CVE-2019-18444
@@ -473,14 +513,14 @@ CVE-2019-18223
        RESERVED
 CVE-2019-18222
        RESERVED
-CVE-2019-18221
-       RESERVED
+CVE-2019-18221 (CoreHR Core Portal before 27.0.7 allows stored XSS. ...)
+       TODO: check
 CVE-2019-18220 (Sitemagic CMS 4.4.1 is affected by a 
Cross-Site-Request-Forgery (CSRF) ...)
        NOT-FOR-US: Sitemagic CMS
 CVE-2019-18219 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting 
(XSS) vulner ...)
        NOT-FOR-US: Sitemagic CMS
 CVE-2019-18218 (cdf_read_property_info in cdf.c in file through 5.37 does not 
restrict ...)
-       {DLA-1969-1}
+       {DSA-4550-1 DLA-1969-1}
        - file 1:5.37-6 (bug #942830)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
        NOTE: 
https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 
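Review bot: the new CVE-2019-18221 entry is left at "TODO: check", so it is still untriaged even though it now has a description. If CoreHR Core Portal is not packaged in Debian, resolve it the way the adjacent Sitemagic CMS entries are, with a "NOT-FOR-US:" line; otherwise replace the TODO with the affected source package line.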
@@ -2771,6 +2811,7 @@ CVE-2017-1002201 (In haml versions prior to version 
5.0.0.beta.2, when using use
        NOTE: https://snyk.io/vuln/SNYK-RUBY-HAML-20362
        NOTE: 
https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2
 CVE-2019-17596 (Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an 
attempt to ...)
+       {DSA-4551-1}
        - golang-1.13 1.13.3-1 (bug #942628)
        - golang-1.12 1.12.12-1 (bug #942629)
        - golang-1.11 <removed>
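Review bot: the description on the CVE-2019-17596 context line reads "1.3.x before 1.13.2", which does not fit the 1.13.2 bound or the golang-1.13 package line below it and looks like a typo for 1.13.x. Since the "{DSA-4551-1}" tag now points readers at this entry, the version range wording is worth reporting to the source of the description so that nobody scopes affected versions from it.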
@@ -115078,8 +115119,8 @@ CVE-2017-14744 (UEditor 1.4.3.3 has XSS via the SRC 
attribute of an IFRAME eleme
        NOT-FOR-US: UEditor
 CVE-2017-14743 (Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated 
SQL inje ...)
        NOT-FOR-US: Faleemi FSC-880 00.01.01.0048P2 devices
-CVE-2017-14742
-       RESERVED
+CVE-2017-14742 (Buffer overflow in LabF nfsAxe FTP client 3.7 allows an 
attacker to ex ...)
+       TODO: check
 CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in 
ImageMagick 7.0.7 ...)
        {DLA-1785-1 DLA-1131-1}
        - imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878548)
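Review bot: CVE-2017-14742 swaps "RESERVED" for a description but ends at "TODO: check", leaving the LabF nfsAxe FTP client entry unresolved. The neighbouring UEditor and Faleemi entries show the "NOT-FOR-US:" form to use if the product is not in the archive; if it is, record the source package and fixed version instead.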



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/49e27066acdb71dd250a2a955ab0d84e199cdf21
