Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0f499464 by security tracker role at 2019-11-28T20:10:32Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2019-19383
+ RESERVED
+CVE-2019-19382
+ RESERVED
+CVE-2019-19381
+ RESERVED
+CVE-2019-19380
+ RESERVED
+CVE-2019-19379 (In app/Controller/TagsController.php in MISP 2.4.118, users
can bypass ...)
+ TODO: check
+CVE-2019-19378
+ RESERVED
+CVE-2019-19377
+ RESERVED
+CVE-2019-19376 (In Octopus Deploy before 2019.10.6, an authenticated user with
TeamEdi ...)
+ TODO: check
+CVE-2019-19375 (In Octopus Deploy before 2019.10.7, in a configuration where
SSL offlo ...)
+ TODO: check
+CVE-2019-19374
+ RESERVED
+CVE-2019-19373
+ RESERVED
+CVE-2019-19372 (A downloadFile.php download_file path traversal vulnerability
in rConf ...)
+ TODO: check
CVE-2019-19371
RESERVED
CVE-2019-19370
@@ -32995,7 +33019,7 @@ CVE-2019-9435 (In Bluetooth, there is a possible out of
bounds read due to a mis
CVE-2019-9434 (In Bluetooth, there is a possible out of bounds read due to a
missing ...)
NOT-FOR-US: Android
CVE-2019-9433 (In libvpx, there is a possible information disclosure due to
improper ...)
- {DLA-2012-1}
+ {DSA-4578-1 DLA-2012-1}
- libvpx 1.8.1-2
NOTE:
https://github.com/webmproject/libvpx/commit/52add5896661d186dec284ed646a4b33b607d2c7
CVE-2019-9432 (In Bluetooth, there is a possible out of bounds read due to
improper i ...)
@@ -33222,6 +33246,7 @@ CVE-2019-9327 (In Bluetooth, there is a possible out of
bounds read due to a mis
CVE-2019-9326 (In Bluetooth, there is a possible out of bounds read due to a
missing ...)
NOT-FOR-US: Android
CVE-2019-9325 (In libvpx, there is a possible out of bounds read due to a
missing bou ...)
+ {DSA-4578-1}
- libvpx 1.8.1-2
[jessie] - libvpx <not-affected> (Vunerable code introduced in 1.4.0)
NOTE:
https://github.com/webmproject/libvpx/commit/0681cff1ad36b3ef8ec242f59b5a6c4234ccfb88
@@ -33413,7 +33438,7 @@ CVE-2019-9234 (In wpa_supplicant_8, there is a possible
out of bounds read due t
CVE-2019-9233 (In wpa_supplicant_8, there is a possible out of bounds read due
to an ...)
NOT-FOR-US: Android
CVE-2019-9232 (In libvpx, there is a possible out of bounds read due to a
missing bou ...)
- {DLA-2012-1}
+ {DSA-4578-1 DLA-2012-1}
- libvpx 1.8.1-2
NOTE:
https://github.com/webmproject/libvpx/commit/46e17f0cb4a80b36755c84b8bf15731d3386c08f
CVE-2019-9231 (An issue was discovered on AudioCodes Mediant 500L-MSBR,
500-MBSR, M80 ...)
@@ -53188,7 +53213,7 @@ CVE-2018-20021 (LibVNC before commit
c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c co
{DSA-4383-1 DLA-1979-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
- italc <removed>
- - veyon 4.1.4+repack1-1
+ - veyon 4.1.4+repack1-1
NOTE: https://github.com/LibVNC/libvncserver/issues/251
NOTE:
https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
NOTE:
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-031-libvnc-infinite-loop/
@@ -53196,7 +53221,7 @@ CVE-2018-20020 (LibVNC before commit
7b1ef0ffc4815cab9a96c7278394152bdc89dc4d co
{DSA-4383-1 DLA-1979-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
- italc <removed>
- - veyon 4.1.4+repack1-1
+ - veyon 4.1.4+repack1-1
NOTE: https://github.com/LibVNC/libvncserver/issues/250
NOTE:
https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc
NOTE:
https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f499464e8a114430e50ee76fe2b12a64be4254e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f499464e8a114430e50ee76fe2b12a64be4254e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
