[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 02 Nov 2019 01:11:14 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bd7b1855 by security tracker role at 2019-11-02T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication 
bypass by ...)
+       TODO: check
+CVE-2019-18660
+       RESERVED
+CVE-2019-18659 (The Wireless Emergency Alerts (WEA) protocol allows remote 
attackers t ...)
+       TODO: check
 CVE-2019-18658
        RESERVED
 CVE-2019-18657 (ClickHouse before 19.13.5.44 allows HTTP header injection via 
the url  ...)
@@ -36225,8 +36231,7 @@ CVE-2019-6471 (A race condition which may occur when 
discarding malformed packet
        NOTE: https://kb.isc.org/v1/docs/cve-2019-6471
        NOTE: 
https://gitlab.isc.org/isc-projects/bind9/commit/60c42f849d520564ed42e5ed0ba46b4b69c07712
 (master)
        NOTE: 
https://gitlab.isc.org/isc-projects/bind9/commit/3a9c7bb80d4a609b86427406d9dd783199920b5b
 (v9_11)
-CVE-2019-6470 [DHCPv6 server crashes regularly]
-       RESERVED
+CVE-2019-6470 (There had existed in one of the ISC BIND libraries a bug in a 
function ...)
        - isc-dhcp 4.4.1-2 (bug #896122)
        [stretch] - isc-dhcp <ignored> (Issue triggerable only when build 
against bind >= 9.11.3)
        [jessie] - isc-dhcp <ignored> (Issue triggerable only when build 
against bind >= 9.11.3)
@@ -102943,7 +102948,7 @@ CVE-2018-1734 (IBM Rational Collaborative Lifecycle 
Management 6.0 through 6.0.6
        NOT-FOR-US: IBM
 CVE-2018-1733 (IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter 
user-controlled ...)
        NOT-FOR-US: IBM
-CVE-2018-1732 (IBM QRadar SIEM 1.14.0 discloses sensitive information to 
unauthorized ...)
+CVE-2018-1732 (IBM QRadar Advisor with Watson 1.14.0 discloses sensitive 
information  ...)
        NOT-FOR-US: IBM
 CVE-2018-1731 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 
through  ...)
        NOT-FOR-US: IBM
@@ -249400,8 +249405,7 @@ CVE-2013-4169 (GNOME Display Manager (gdm) before 
2.21.1 allows local users to c
        - gdm <removed> (unimportant)
        - gdm3 <not-affected> (Only affected older gdm < 2.21.1)
        NOTE: In Debian /tmp/.X11-unix is created by  /etc/init.d/x11-common
-CVE-2013-4168 [start and end time fields not filtered]
-       RESERVED
+CVE-2013-4168 (Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in 
the sta ...)
        {DLA-348-1}
        - smokeping 2.6.8-2 (low)
        [squeeze] - smokeping <no-dsa> (Minor issue)
@@ -381098,8 +381102,7 @@ CVE-2005-XXXX [mailutils: sql injection vulnerability 
in sql authentication modu
        - mailutils 1:0.6.1-2
 CVE-2005-XXXX [maradns: More frequent rekeying to mitigate possible AES 
attacks]
        - maradns 1.0.27-1
-CVE-2005-2352 [Temp file races in gs-gpl addons scripts]
-       RESERVED
+CVE-2005-2352 (I race condition in Temp files was found in gs-gpl before 8.56 
addons  ...)
        - gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
 CVE-2005-XXXX [Possible SQL injection in freeradius]
        - freeradius 1.0.2-4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7b1855d0d0395aa6c84bb6a627e58cba0b4043

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7b1855d0d0395aa6c84bb6a627e58cba0b4043
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to