Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5a785ed by security tracker role at 2019-12-08T08:10:25Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-19642 (On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and
BIOS 02 ...)
+ TODO: check
+CVE-2019-19641
+ RESERVED
+CVE-2019-19640
+ RESERVED
+CVE-2019-19639
+ RESERVED
+CVE-2019-19638 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
+ TODO: check
+CVE-2019-19637 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
+ TODO: check
+CVE-2019-19636 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
+ TODO: check
+CVE-2019-19635 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
+ TODO: check
+CVE-2019-19634
+ RESERVED
+CVE-2019-19633
+ RESERVED
+CVE-2019-19632
+ RESERVED
+CVE-2019-19631
+ RESERVED
+CVE-2019-19630 (HTMLDOC 1.9.7 allows a stack-based buffer overflow in the
hd_strlcpy() ...)
+ TODO: check
CVE-2019-19629
RESERVED
CVE-2019-19628
@@ -26,6 +52,7 @@ CVE-2019-19619 (domain/section/markdown/markdown.go in
Documize before 3.5.1 mis
CVE-2019-19618
RESERVED
CVE-2019-19617 (phpMyAdmin before 4.9.2 does not escape certain Git
information, relat ...)
+ {DLA-2024-1}
- phpmyadmin 4:4.9.2+dfsg1-1
NOTE:
https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9
CVE-2019-19616 (An Insecure Direct Object Reference (IDOR) vulnerability in
the Xtivia ...)
@@ -1845,16 +1872,13 @@ CVE-2019-19451 (When GNOME Dia before 2019-11-27 is
launched with a filename arg
NOTE: Negligible security impact, hang in end user tool
CVE-2019-19450
RESERVED
-CVE-2019-19449
- RESERVED
+CVE-2019-19449 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem
image c ...)
- linux <unfixed>
NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449
-CVE-2019-19448
- RESERVED
+CVE-2019-19448 (In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted
btrfs filesy ...)
- linux <unfixed>
NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448
-CVE-2019-19447
- RESERVED
+CVE-2019-19447 (In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem
image, ...)
- linux <unfixed>
NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447
CVE-2019-19446
@@ -45440,6 +45464,7 @@ CVE-2019-5546
CVE-2019-5545
RESERVED
CVE-2019-5544 (OpenSLP as used in ESXi and the Horizon DaaS appliances has a
heap ove ...)
+ {DLA-2025-1}
- openslp-dfsg <removed>
NOTE: https://www.openwall.com/lists/oss-security/2019/12/06/1
CVE-2019-5543
@@ -104977,7 +105002,7 @@ CVE-2017-17835 (In Apache Airflow 1.8.2 and earlier,
a CSRF vulnerability allowe
CVE-2017-17834
REJECTED
CVE-2017-17833 (OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a
heap-relat ...)
- {DLA-1364-1}
+ {DLA-2025-1 DLA-1364-1}
- openslp-dfsg <removed> (low)
NOTE:
https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/
CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a
cross-sit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5a785ed013d485e6551e85da704e5dc76fc6998
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5a785ed013d485e6551e85da704e5dc76fc6998
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
