Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b9287cbd by security tracker role at 2019-11-11T20:10:32Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2019-18872
+ RESERVED
+CVE-2019-18871
+ RESERVED
+CVE-2019-18870
+ RESERVED
+CVE-2019-18869
+ RESERVED
+CVE-2019-18868
+ RESERVED
+CVE-2019-18867
+ RESERVED
+CVE-2019-18866
+ RESERVED
+CVE-2019-18865
+ RESERVED
+CVE-2019-18864
+ RESERVED
+CVE-2019-18863
+ RESERVED
+CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and
allows loca ...)
+ TODO: check
+CVE-2019-18861
+ RESERVED
+CVE-2019-18860
+ RESERVED
+CVE-2019-18859
+ RESERVED
+CVE-2019-18858
+ RESERVED
+CVE-2019-18857 (darylldoyle svg-sanitizer before 0.12.0 mishandles script and
data val ...)
+ TODO: check
+CVE-2019-18856 (A Denial Of Service vulnerability exists in the SVG Sanitizer
module t ...)
+ TODO: check
+CVE-2019-18855 (A Denial Of Service vulnerability exists in the safe-svg (aka
Safe SVG ...)
+ TODO: check
+CVE-2019-18854 (A Denial Of Service vulnerability exists in the safe-svg (aka
Safe SVG ...)
+ TODO: check
+CVE-2019-18853 (ImageMagick before 7.0.9-0 allows remote attackers to cause a
denial o ...)
+ TODO: check
+CVE-2019-18852 (Certain D-Link devices have a hardcoded Alphanetworks user
account wit ...)
+ TODO: check
+CVE-2019-18851
+ RESERVED
+CVE-2019-18850
+ RESERVED
CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the
victim' ...)
- tnef <unfixed>
NOTE: https://github.com/verdammelt/tnef/pull/40
@@ -22195,10 +22241,12 @@ CVE-2019-12387 (In Twisted before 19.2.1, twisted.web
did not validate or saniti
[jessie] - twisted <no-dsa> (Minor issue)
NOTE:
https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
CVE-2019-12386 (An issue was discovered in Ampache through 3.9.1. A stored XSS
exists ...)
+ {DLA-1988-1}
- ampache <removed>
NOTE: https://github.com/ampache/ampache/issues/1872
NOTE: according to the github issue, it is not really fixed yet
CVE-2019-12385 (An issue was discovered in Ampache through 3.9.1. The search
engine is ...)
+ {DLA-1988-1}
- ampache <removed>
NOTE: https://github.com/ampache/ampache/issues/1872
NOTE: according to the github issue, it is not really fixed yet
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b9287cbd12828a8da08d6f810d35066598599886
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
