Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
060786a8 by security tracker role at 2019-12-18T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,211 @@
+CVE-2020-3919
+ RESERVED
+CVE-2020-3918
+ RESERVED
+CVE-2020-3917
+ RESERVED
+CVE-2020-3916
+ RESERVED
+CVE-2020-3915
+ RESERVED
+CVE-2020-3914
+ RESERVED
+CVE-2020-3913
+ RESERVED
+CVE-2020-3912
+ RESERVED
+CVE-2020-3911
+ RESERVED
+CVE-2020-3910
+ RESERVED
+CVE-2020-3909
+ RESERVED
+CVE-2020-3908
+ RESERVED
+CVE-2020-3907
+ RESERVED
+CVE-2020-3906
+ RESERVED
+CVE-2020-3905
+ RESERVED
+CVE-2020-3904
+ RESERVED
+CVE-2020-3903
+ RESERVED
+CVE-2020-3902
+ RESERVED
+CVE-2020-3901
+ RESERVED
+CVE-2020-3900
+ RESERVED
+CVE-2020-3899
+ RESERVED
+CVE-2020-3898
+ RESERVED
+CVE-2020-3897
+ RESERVED
+CVE-2020-3896
+ RESERVED
+CVE-2020-3895
+ RESERVED
+CVE-2020-3894
+ RESERVED
+CVE-2020-3893
+ RESERVED
+CVE-2020-3892
+ RESERVED
+CVE-2020-3891
+ RESERVED
+CVE-2020-3890
+ RESERVED
+CVE-2020-3889
+ RESERVED
+CVE-2020-3888
+ RESERVED
+CVE-2020-3887
+ RESERVED
+CVE-2020-3886
+ RESERVED
+CVE-2020-3885
+ RESERVED
+CVE-2020-3884
+ RESERVED
+CVE-2020-3883
+ RESERVED
+CVE-2020-3882
+ RESERVED
+CVE-2020-3881
+ RESERVED
+CVE-2020-3880
+ RESERVED
+CVE-2020-3879
+ RESERVED
+CVE-2020-3878
+ RESERVED
+CVE-2020-3877
+ RESERVED
+CVE-2020-3876
+ RESERVED
+CVE-2020-3875
+ RESERVED
+CVE-2020-3874
+ RESERVED
+CVE-2020-3873
+ RESERVED
+CVE-2020-3872
+ RESERVED
+CVE-2020-3871
+ RESERVED
+CVE-2020-3870
+ RESERVED
+CVE-2020-3869
+ RESERVED
+CVE-2020-3868
+ RESERVED
+CVE-2020-3867
+ RESERVED
+CVE-2020-3866
+ RESERVED
+CVE-2020-3865
+ RESERVED
+CVE-2020-3864
+ RESERVED
+CVE-2020-3863
+ RESERVED
+CVE-2020-3862
+ RESERVED
+CVE-2020-3861
+ RESERVED
+CVE-2020-3860
+ RESERVED
+CVE-2020-3859
+ RESERVED
+CVE-2020-3858
+ RESERVED
+CVE-2020-3857
+ RESERVED
+CVE-2020-3856
+ RESERVED
+CVE-2020-3855
+ RESERVED
+CVE-2020-3854
+ RESERVED
+CVE-2020-3853
+ RESERVED
+CVE-2020-3852
+ RESERVED
+CVE-2020-3851
+ RESERVED
+CVE-2020-3850
+ RESERVED
+CVE-2020-3849
+ RESERVED
+CVE-2020-3848
+ RESERVED
+CVE-2020-3847
+ RESERVED
+CVE-2020-3846
+ RESERVED
+CVE-2020-3845
+ RESERVED
+CVE-2020-3844
+ RESERVED
+CVE-2020-3843
+ RESERVED
+CVE-2020-3842
+ RESERVED
+CVE-2020-3841
+ RESERVED
+CVE-2020-3840
+ RESERVED
+CVE-2020-3839
+ RESERVED
+CVE-2020-3838
+ RESERVED
+CVE-2020-3837
+ RESERVED
+CVE-2020-3836
+ RESERVED
+CVE-2020-3835
+ RESERVED
+CVE-2020-3834
+ RESERVED
+CVE-2020-3833
+ RESERVED
+CVE-2020-3832
+ RESERVED
+CVE-2020-3831
+ RESERVED
+CVE-2020-3830
+ RESERVED
+CVE-2020-3829
+ RESERVED
+CVE-2020-3828
+ RESERVED
+CVE-2020-3827
+ RESERVED
+CVE-2020-3826
+ RESERVED
+CVE-2020-3825
+ RESERVED
+CVE-2019-19890 (An issue was discovered on Humax Wireless Voice Gateway
HGB10R-2 20160 ...)
+ TODO: check
+CVE-2019-19889 (An issue was discovered on Humax Wireless Voice Gateway
HGB10R-2 20160 ...)
+ TODO: check
+CVE-2019-19888 (jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a
divide-by-zer ...)
+ TODO: check
+CVE-2019-19887 (bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a
NULL pointe ...)
+ TODO: check
+CVE-2019-19886
+ RESERVED
+CVE-2019-19885
+ RESERVED
+CVE-2019-19884
+ RESERVED
+CVE-2019-19883
+ RESERVED
+CVE-2019-19882 (shadow 4.8, in certain circumstances affecting at least
Gentoo, Arch L ...)
+ TODO: check
CVE-2019-19881
RESERVED
CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows
attackers to tr ...)
@@ -504,7 +712,8 @@ CVE-2019-19846 (In Joomla! before 3.9.14, the lack of
validation of configuratio
NOT-FOR-US: Joomla!
CVE-2019-19845 (In Joomla! before 3.9.14, a missing access check in framework
files co ...)
NOT-FOR-US: Joomla!
-CVE-2019-19844 [Potential account hijack via password reset form]
+CVE-2019-19844 (Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1
allows a ...)
+ {DLA-2042-1}
- python-django <unfixed> (bug #946937)
NOTE:
https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
NOTE:
https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
(master)
@@ -535,14 +744,14 @@ CVE-2019-XXXX [several vulnerabilities fixed in WordPress
5.3.1]
- wordpress <unfixed> (bug #946905)
NOTE:
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
TODO: asked maintainer to request CVEs with more insight
-CVE-2019-19833
- RESERVED
-CVE-2019-19832
- RESERVED
+CVE-2019-19833 (In Tautulli 2.1.9, CSRF in the /shutdown URI allows an
attacker to shu ...)
+ TODO: check
+CVE-2019-19832 (Xerox AltaLink C8035 printers allow CSRF. A request to add
users is ma ...)
+ TODO: check
CVE-2019-19831
RESERVED
-CVE-2019-19829
- RESERVED
+CVE-2019-19829 (A cross-site scripting (XSS) vulnerability exists in
SolarWinds Serv-U ...)
+ TODO: check
CVE-2019-19828
RESERVED
CVE-2019-19827
@@ -584,6 +793,8 @@ CVE-2019-19810
CVE-2019-19809
RESERVED
CVE-2019-3467 [kadm5.acl should set proper rights for users]
+ RESERVED
+ {DLA-2041-1}
- debian-edu-config 2.11.10 (bug #946797)
CVE-2019-19808
RESERVED
@@ -1752,8 +1963,8 @@ CVE-2019-19744
RESERVED
CVE-2019-19743 (On D-Link DIR-615 devices, a normal user is able to create a
root(admi ...)
NOT-FOR-US: D-Link
-CVE-2019-19742
- RESERVED
+CVE-2019-19742 (On D-Link DIR-615 devices, the User Account Configuration page
is vuln ...)
+ TODO: check
CVE-2019-19741
RESERVED
CVE-2019-19740 (Octeth Oempro 4.7 allows SQL injection. The parameter
CampaignID in Ca ...)
@@ -3118,12 +3329,12 @@ CVE-2019-19692
RESERVED
CVE-2019-19691
RESERVED
-CVE-2019-19690
- RESERVED
-CVE-2019-19689
- RESERVED
-CVE-2019-19688
- RESERVED
+CVE-2019-19690 (Trend Micro Mobile Security for Android (Consumer) versions
10.3.1 and ...)
+ TODO: check
+CVE-2019-19689 (Trend Micro HouseCall for Home Networks (versions below
5.3.0.1063) co ...)
+ TODO: check
+CVE-2019-19688 (A privilege escalation vulnerability in Trend Micro HouseCall
for Home ...)
+ TODO: check
CVE-2019-19687 (OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data
Leakage in th ...)
- keystone 2:16.0.0-5 (bug #946614)
[buster] - keystone <not-affected> (Vulnerable code introduced later)
@@ -5900,8 +6111,8 @@ CVE-2019-19237
RESERVED
CVE-2019-19236
RESERVED
-CVE-2019-19235
- RESERVED
+CVE-2019-19235 (AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows
10 note ...)
+ TODO: check
CVE-2019-19234
RESERVED
CVE-2019-19233
@@ -15303,8 +15514,8 @@ CVE-2019-16784
RESERVED
CVE-2019-16783
RESERVED
-CVE-2019-16782
- RESERVED
+CVE-2019-16782 (There's a possible information leak / session hijack
vulnerability in ...)
+ TODO: check
CVE-2019-16781
RESERVED
CVE-2019-16780
@@ -30399,8 +30610,8 @@ CVE-2019-11994
RESERVED
CVE-2019-11993
RESERVED
-CVE-2019-11992
- RESERVED
+CVE-2019-11992 (A security vulnerability in HPE OneView for VMware vCenter 9.5
could b ...)
+ TODO: check
CVE-2019-11991 (HPE has identified a vulnerability in HPE 3PAR Service
Processor (SP) ...)
NOT-FOR-US: HPE 3PAR Service Processor
CVE-2019-11990 (Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2,
1.4.1, ...)
@@ -32211,10 +32422,10 @@ CVE-2019-11402 (In Gradle Enterprise before 2018.5.3,
Build Cache Nodes did not
NOT-FOR-US: Gradle Enterprise
CVE-2019-11401 (A issue was discovered in SiteServer CMS 6.9.0. It allows
remote attac ...)
NOT-FOR-US: SiteServer CMS
-CVE-2019-11400
- RESERVED
-CVE-2019-11399
- RESERVED
+CVE-2019-11400 (An issue was discovered on TRENDnet TEW-651BR 2.04B1,
TEW-652BRP 3.04b ...)
+ TODO: check
+CVE-2019-11399 (An issue was discovered on TRENDnet TEW-651BR 2.04B1,
TEW-652BRP 3.04b ...)
+ TODO: check
CVE-2019-11398 (Multiple cross-site scripting (XSS) vulnerabilities in UliCMS
2019.2 a ...)
NOT-FOR-US: UliCMS
CVE-2019-11397 (GetFile.aspx in Rapid4 RapidFlows Enterprise Application
Builder 4.5M. ...)
@@ -40277,8 +40488,8 @@ CVE-2019-8851
RESERVED
CVE-2019-8850
RESERVED
-CVE-2019-8849
- RESERVED
+CVE-2019-8849 (The issue was addressed by signaling that an executable stack
is not r ...)
+ TODO: check
CVE-2019-8848
RESERVED
CVE-2019-8847
@@ -40329,36 +40540,31 @@ CVE-2019-8825
RESERVED
CVE-2019-8824
RESERVED
-CVE-2019-8823
- RESERVED
+CVE-2019-8823 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8822
- RESERVED
+CVE-2019-8822 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8821
- RESERVED
+CVE-2019-8821 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8820
- RESERVED
+CVE-2019-8820 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8819
- RESERVED
+CVE-2019-8819 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40366,45 +40572,39 @@ CVE-2019-8819
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8818
RESERVED
-CVE-2019-8817
- RESERVED
-CVE-2019-8816
- RESERVED
+CVE-2019-8817 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8816 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8815
- RESERVED
+CVE-2019-8815 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8814
- RESERVED
+CVE-2019-8814 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4563-1}
- webkit2gtk 2.26.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8813
- RESERVED
+CVE-2019-8813 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8812
- RESERVED
+CVE-2019-8812 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4563-1}
- webkit2gtk 2.26.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8811
- RESERVED
+CVE-2019-8811 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40414,95 +40614,92 @@ CVE-2019-8810
RESERVED
CVE-2019-8809
RESERVED
-CVE-2019-8808
- RESERVED
+CVE-2019-8808 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8807
- RESERVED
-CVE-2019-8806
- RESERVED
-CVE-2019-8805
- RESERVED
-CVE-2019-8804
- RESERVED
-CVE-2019-8803
- RESERVED
-CVE-2019-8802
- RESERVED
-CVE-2019-8801
- RESERVED
-CVE-2019-8800
- RESERVED
+CVE-2019-8807 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8806 (A memory corruption issue was addressed with improved
validation. This ...)
+ TODO: check
+CVE-2019-8805 (A validation issue existed in the entitlement verification.
This issue ...)
+ TODO: check
+CVE-2019-8804 (An inconsistency in Wi-Fi network configuration settings was
addressed ...)
+ TODO: check
+CVE-2019-8803 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
+CVE-2019-8802 (A validation issue was addressed with improved logic. This
issue is fi ...)
+ TODO: check
+CVE-2019-8801 (A dynamic library loading issue existed in iTunes setup. This
was addr ...)
+ TODO: check
+CVE-2019-8800 (A memory corruption issue was addressed with improved
validation. This ...)
+ TODO: check
CVE-2019-8799
RESERVED
-CVE-2019-8798
- RESERVED
-CVE-2019-8797
- RESERVED
+CVE-2019-8798 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8797 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8796
RESERVED
-CVE-2019-8795
- RESERVED
-CVE-2019-8794
- RESERVED
-CVE-2019-8793
- RESERVED
-CVE-2019-8792
- RESERVED
-CVE-2019-8791
- RESERVED
+CVE-2019-8795 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8794 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8793 (A consistency issue existed in deciding when to show the screen
record ...)
+ TODO: check
+CVE-2019-8792 (An injection issue was addressed with improved validation. This
issue ...)
+ TODO: check
+CVE-2019-8791 (An issue existed in the parsing of URL schemes. This issue was
address ...)
+ TODO: check
CVE-2019-8790
RESERVED
-CVE-2019-8789
- RESERVED
-CVE-2019-8788
- RESERVED
-CVE-2019-8787
- RESERVED
-CVE-2019-8786
- RESERVED
-CVE-2019-8785
- RESERVED
-CVE-2019-8784
- RESERVED
-CVE-2019-8783
- RESERVED
+CVE-2019-8789 (A validation issue existed in the handling of symlinks. This
issue was ...)
+ TODO: check
+CVE-2019-8788 (An issue existed in the parsing of URLs. This issue was
addressed with ...)
+ TODO: check
+CVE-2019-8787 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
+CVE-2019-8786 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8785 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8784 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8783 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8782
- RESERVED
+CVE-2019-8782 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8781
- RESERVED
+CVE-2019-8781 (A memory corruption issue was addressed with improved state
management ...)
+ TODO: check
CVE-2019-8780
RESERVED
-CVE-2019-8779
- RESERVED
+CVE-2019-8779 (A logic issue applied the incorrect restrictions. This issue
was addre ...)
+ TODO: check
CVE-2019-8778
RESERVED
CVE-2019-8777
RESERVED
CVE-2019-8776
RESERVED
-CVE-2019-8775
- RESERVED
+CVE-2019-8775 (The issue was addressed by restricting options offered on a
locked dev ...)
+ TODO: check
CVE-2019-8774
RESERVED
CVE-2019-8773
RESERVED
-CVE-2019-8772
- RESERVED
+CVE-2019-8772 (An issue existed in the handling of links in encrypted PDFs.
This issu ...)
+ TODO: check
CVE-2019-8771
RESERVED
{DSA-4558-1}
@@ -40510,46 +40707,40 @@ CVE-2019-8771
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8770
- RESERVED
-CVE-2019-8769
- RESERVED
+CVE-2019-8770 (The issue was addressed with improved permissions logic. This
issue is ...)
+ TODO: check
+CVE-2019-8769 (An issue existed in the drawing of web page elements. The issue
was ad ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8768
- RESERVED
+CVE-2019-8768 ("Clear History and Website Data" did not clear the history. The
issue ...)
- webkit2gtk 2.24.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8767
RESERVED
-CVE-2019-8766
- RESERVED
+CVE-2019-8766 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8765
- RESERVED
+CVE-2019-8765 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8764
- RESERVED
+CVE-2019-8764 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8763
- RESERVED
+CVE-2019-8763 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40559,18 +40750,18 @@ CVE-2019-8762
RESERVED
CVE-2019-8761
RESERVED
-CVE-2019-8760
- RESERVED
+CVE-2019-8760 (This issue was addressed by improving Face ID machine learning
models. ...)
+ TODO: check
CVE-2019-8759
RESERVED
-CVE-2019-8758
- RESERVED
-CVE-2019-8757
- RESERVED
+CVE-2019-8758 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8757 (A race condition existed when reading and writing user
preferences. Th ...)
+ TODO: check
CVE-2019-8756
RESERVED
-CVE-2019-8755
- RESERVED
+CVE-2019-8755 (A logic issue was addressed with improved restrictions. This
issue is ...)
+ TODO: check
CVE-2019-8754
RESERVED
CVE-2019-8753
@@ -40579,51 +40770,48 @@ CVE-2019-8752
RESERVED
CVE-2019-8751
RESERVED
-CVE-2019-8750
- RESERVED
+CVE-2019-8750 (Multiple memory corruption issues were addressed with improved
input v ...)
+ TODO: check
CVE-2019-8749
RESERVED
-CVE-2019-8748
- RESERVED
-CVE-2019-8747
- RESERVED
+CVE-2019-8748 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8747 (A memory corruption vulnerability was addressed with improved
locking. ...)
+ TODO: check
CVE-2019-8746
RESERVED
-CVE-2019-8745
- RESERVED
+CVE-2019-8745 (A buffer overflow was addressed with improved bounds checking.
This is ...)
+ TODO: check
CVE-2019-8744
RESERVED
-CVE-2019-8743
- RESERVED
+CVE-2019-8743 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
-CVE-2019-8742
- RESERVED
+CVE-2019-8742 (The issue was addressed by restricting options offered on a
locked dev ...)
+ TODO: check
CVE-2019-8741
RESERVED
CVE-2019-8740
RESERVED
-CVE-2019-8739
- RESERVED
-CVE-2019-8738
- RESERVED
+CVE-2019-8739 (A memory corruption issue was addressed with improved state
management ...)
+ TODO: check
+CVE-2019-8738 (A memory corruption issue was addressed with improved state
management ...)
+ TODO: check
CVE-2019-8737
RESERVED
CVE-2019-8736
RESERVED
-CVE-2019-8735
- RESERVED
+CVE-2019-8735 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8734
RESERVED
-CVE-2019-8733
- RESERVED
+CVE-2019-8733 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40631,32 +40819,31 @@ CVE-2019-8733
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8732
RESERVED
-CVE-2019-8731
- RESERVED
-CVE-2019-8730
- RESERVED
+CVE-2019-8731 (A permissions issue existed in which execute permission was
incorrectl ...)
+ TODO: check
+CVE-2019-8730 (The contents of locked notes sometimes appeared in search
results. Thi ...)
+ TODO: check
CVE-2019-8729
RESERVED
CVE-2019-8728
RESERVED
-CVE-2019-8727
- RESERVED
-CVE-2019-8726
- RESERVED
+CVE-2019-8727 (A logic issue was addressed with improved state management.
This issue ...)
+ TODO: check
+CVE-2019-8726 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8725
- RESERVED
-CVE-2019-8724
- RESERVED
-CVE-2019-8723
- RESERVED
-CVE-2019-8722
- RESERVED
-CVE-2019-8721
- RESERVED
+CVE-2019-8725 (The issue was addressed with improved handling of service
worker lifet ...)
+ TODO: check
+CVE-2019-8724 (Multiple issues in ld64 in the Xcode toolchains were addressed
by upda ...)
+ TODO: check
+CVE-2019-8723 (Multiple issues in ld64 in the Xcode toolchains were addressed
by upda ...)
+ TODO: check
+CVE-2019-8722 (Multiple issues in ld64 in the Xcode toolchains were addressed
by upda ...)
+ TODO: check
+CVE-2019-8721 (Multiple issues in ld64 in the Xcode toolchains were addressed
by upda ...)
+ TODO: check
CVE-2019-8720
RESERVED
{DSA-4558-1}
@@ -40664,8 +40851,7 @@ CVE-2019-8720
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8719
- RESERVED
+CVE-2019-8719 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40673,8 +40859,8 @@ CVE-2019-8719
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8718
RESERVED
-CVE-2019-8717
- RESERVED
+CVE-2019-8717 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8716
RESERVED
CVE-2019-8715
@@ -40685,10 +40871,9 @@ CVE-2019-8713
RESERVED
CVE-2019-8712
RESERVED
-CVE-2019-8711
- RESERVED
-CVE-2019-8710
- RESERVED
+CVE-2019-8711 (A logic issue existed with the display of notification
previews. This ...)
+ TODO: check
+CVE-2019-8710 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40698,8 +40883,7 @@ CVE-2019-8709
RESERVED
CVE-2019-8708
RESERVED
-CVE-2019-8707
- RESERVED
+CVE-2019-8707 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40707,24 +40891,24 @@ CVE-2019-8707
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8706
RESERVED
-CVE-2019-8705
- RESERVED
-CVE-2019-8704
- RESERVED
+CVE-2019-8705 (A memory corruption issue was addressed with improved
validation. This ...)
+ TODO: check
+CVE-2019-8704 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
CVE-2019-8703
RESERVED
CVE-2019-8702
RESERVED
-CVE-2019-8701
- RESERVED
+CVE-2019-8701 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8700
RESERVED
-CVE-2019-8699
- RESERVED
-CVE-2019-8698
- RESERVED
-CVE-2019-8697
- RESERVED
+CVE-2019-8699 (A logic issue existed in the handling of answering phone calls.
The is ...)
+ TODO: check
+CVE-2019-8698 (A validation issue existed in the entitlement verification.
This issue ...)
+ TODO: check
+CVE-2019-8697 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8696 [stack-buffer-overflow in libcups's asn1_get_packed function]
RESERVED
{DLA-1893-1}
@@ -40732,106 +40916,93 @@ CVE-2019-8696 [stack-buffer-overflow in libcups's
asn1_get_packed function]
[buster] - cups 2.2.10-6+deb10u1
[stretch] - cups 2.2.1-8+deb9u4
NOTE:
https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
-CVE-2019-8695
- RESERVED
-CVE-2019-8694
- RESERVED
-CVE-2019-8693
- RESERVED
-CVE-2019-8692
- RESERVED
-CVE-2019-8691
- RESERVED
-CVE-2019-8690
- RESERVED
+CVE-2019-8695 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8694 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8693 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8692 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8691 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8690 (A logic issue existed in the handling of document loads. This
issue wa ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8689
- RESERVED
+CVE-2019-8689 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8688
- RESERVED
+CVE-2019-8688 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8687
- RESERVED
+CVE-2019-8687 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8686
- RESERVED
+CVE-2019-8686 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8685
- RESERVED
-CVE-2019-8684
- RESERVED
+CVE-2019-8685 (Multiple memory corruption issues were addressed with improved
memory ...)
+ TODO: check
+CVE-2019-8684 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8683
- RESERVED
+CVE-2019-8683 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8682
- RESERVED
-CVE-2019-8681
- RESERVED
+CVE-2019-8682 (The issue was addressed with improved UI handling. This issue
is fixed ...)
+ TODO: check
+CVE-2019-8681 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8680
- RESERVED
+CVE-2019-8680 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8679
- RESERVED
+CVE-2019-8679 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8678
- RESERVED
+CVE-2019-8678 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8677
- RESERVED
+CVE-2019-8677 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8676
- RESERVED
+CVE-2019-8676 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40844,38 +41015,33 @@ CVE-2019-8675 [stack-buffer-overflow in libcups's
asn1_get_type function]
[buster] - cups 2.2.10-6+deb10u1
[stretch] - cups 2.2.1-8+deb9u4
NOTE:
https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
-CVE-2019-8674
- RESERVED
+CVE-2019-8674 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8673
- RESERVED
+CVE-2019-8673 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8672
- RESERVED
+CVE-2019-8672 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8671
- RESERVED
+CVE-2019-8671 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8670
- RESERVED
-CVE-2019-8669
- RESERVED
+CVE-2019-8670 (An inconsistent user interface issue was addressed with
improved state ...)
+ TODO: check
+CVE-2019-8669 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40883,44 +41049,42 @@ CVE-2019-8669
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8668
RESERVED
-CVE-2019-8667
- RESERVED
-CVE-2019-8666
- RESERVED
+CVE-2019-8667 (An inconsistent user interface issue was addressed with
improved state ...)
+ TODO: check
+CVE-2019-8666 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8665
- RESERVED
+CVE-2019-8665 (A denial of service issue was addressed with improved
validation. This ...)
+ TODO: check
CVE-2019-8664
RESERVED
-CVE-2019-8663
- RESERVED
-CVE-2019-8662
- RESERVED
-CVE-2019-8661
- RESERVED
-CVE-2019-8660
- RESERVED
-CVE-2019-8659
- RESERVED
-CVE-2019-8658
- RESERVED
+CVE-2019-8663 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8662 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8661 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2019-8660 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-8659 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8658 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8657
- RESERVED
+CVE-2019-8657 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
CVE-2019-8656
RESERVED
CVE-2019-8655
RESERVED
-CVE-2019-8654
- RESERVED
+CVE-2019-8654 (An inconsistent user interface issue was addressed with
improved state ...)
+ TODO: check
CVE-2019-8653
RESERVED
CVE-2019-8652
@@ -40929,23 +41093,21 @@ CVE-2019-8651
RESERVED
CVE-2019-8650
RESERVED
-CVE-2019-8649
- RESERVED
+CVE-2019-8649 (A logic issue existed in the handling of synchronous page
loads. This ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
-CVE-2019-8648
- RESERVED
-CVE-2019-8647
- RESERVED
-CVE-2019-8646
- RESERVED
+CVE-2019-8648 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-8647 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2019-8646 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
CVE-2019-8645
RESERVED
-CVE-2019-8644
- RESERVED
+CVE-2019-8644 (Multiple memory corruption issues were addressed with improved
memory ...)
{DSA-4515-1}
- webkit2gtk 2.24.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
@@ -40955,194 +41117,175 @@ CVE-2019-8643
RESERVED
CVE-2019-8642
RESERVED
-CVE-2019-8641
- RESERVED
+CVE-2019-8641 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
CVE-2019-8640
RESERVED
CVE-2019-8639
RESERVED
CVE-2019-8638
RESERVED
-CVE-2019-8637
- RESERVED
+CVE-2019-8637 (An input validation issue was addressed with improved input
validation ...)
+ TODO: check
CVE-2019-8636
RESERVED
-CVE-2019-8635
- RESERVED
-CVE-2019-8634
- RESERVED
+CVE-2019-8635 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8634 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
CVE-2019-8633
RESERVED
-CVE-2019-8632
- RESERVED
+CVE-2019-8632 (Some analytics data was sent using HTTP rather than HTTPS. This
was ad ...)
+ TODO: check
CVE-2019-8631
RESERVED
-CVE-2019-8630
- RESERVED
-CVE-2019-8629
- RESERVED
-CVE-2019-8628
- RESERVED
+CVE-2019-8630 (The issue was addressed with improved UI handling. This issue
is fixed ...)
+ TODO: check
+CVE-2019-8629 (A memory initialization issue was addressed with improved
memory handl ...)
+ TODO: check
+CVE-2019-8628 (Multiple memory corruption issues were addressed with improved
memory ...)
+ TODO: check
CVE-2019-8627
RESERVED
-CVE-2019-8626
- RESERVED
-CVE-2019-8625
- RESERVED
+CVE-2019-8626 (An input validation issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-8625 (A logic issue was addressed with improved state management.
This issue ...)
{DSA-4558-1}
- webkit2gtk 2.26.0-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
-CVE-2019-8624
- RESERVED
-CVE-2019-8623
- RESERVED
+CVE-2019-8624 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
+CVE-2019-8623 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8622
- RESERVED
+CVE-2019-8622 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8621
RESERVED
-CVE-2019-8620
- RESERVED
-CVE-2019-8619
- RESERVED
+CVE-2019-8620 (A user privacy issue was addressed by removing the broadcast
MAC addre ...)
+ TODO: check
+CVE-2019-8619 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8618
RESERVED
-CVE-2019-8617
- RESERVED
-CVE-2019-8616
- RESERVED
-CVE-2019-8615
- RESERVED
+CVE-2019-8617 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2019-8616 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8615 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
CVE-2019-8614
RESERVED
-CVE-2019-8613
- RESERVED
+CVE-2019-8613 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
CVE-2019-8612
RESERVED
-CVE-2019-8611
- RESERVED
+CVE-2019-8611 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8610
- RESERVED
+CVE-2019-8610 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8609
- RESERVED
+CVE-2019-8609 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8608
- RESERVED
+CVE-2019-8608 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8607
- RESERVED
+CVE-2019-8607 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
-CVE-2019-8606
- RESERVED
-CVE-2019-8605
- RESERVED
-CVE-2019-8604
- RESERVED
-CVE-2019-8603
- RESERVED
-CVE-2019-8602
- RESERVED
-CVE-2019-8601
- RESERVED
+CVE-2019-8606 (A validation issue existed in the handling of symlinks. This
issue was ...)
+ TODO: check
+CVE-2019-8605 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2019-8604 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8603 (A validation issue was addressed with improved input
sanitization. Thi ...)
+ TODO: check
+CVE-2019-8602 (A memory corruption issue was addressed by removing the
vulnerable cod ...)
+ TODO: check
+CVE-2019-8601 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8600
- RESERVED
-CVE-2019-8599
- RESERVED
-CVE-2019-8598
- RESERVED
-CVE-2019-8597
- RESERVED
+CVE-2019-8600 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-8599 (A logic issue was addressed with improved restrictions. This
issue is ...)
+ TODO: check
+CVE-2019-8598 (An input validation issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-8597 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8596
- RESERVED
+CVE-2019-8596 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8595
- RESERVED
+CVE-2019-8595 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.2-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
-CVE-2019-8594
- RESERVED
+CVE-2019-8594 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8593
- RESERVED
+CVE-2019-8593 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8592
RESERVED
-CVE-2019-8591
- RESERVED
-CVE-2019-8590
- RESERVED
-CVE-2019-8589
- RESERVED
+CVE-2019-8591 (A type confusion issue was addressed with improved memory
handling. Th ...)
+ TODO: check
+CVE-2019-8590 (A logic issue was addressed with improved restrictions. This
issue is ...)
+ TODO: check
+CVE-2019-8589 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
CVE-2019-8588
RESERVED
-CVE-2019-8587
- RESERVED
+CVE-2019-8587 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8586
- RESERVED
+CVE-2019-8586 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8585
- RESERVED
-CVE-2019-8584
- RESERVED
+CVE-2019-8585 (An out-of-bounds read was addressed with improved input
validation. Th ...)
+ TODO: check
+CVE-2019-8584 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-8583
- RESERVED
+CVE-2019-8583 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
@@ -41157,20 +41300,19 @@ CVE-2019-8579
RESERVED
CVE-2019-8578
RESERVED
-CVE-2019-8577
- RESERVED
-CVE-2019-8576
- RESERVED
+CVE-2019-8577 (An input validation issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-8576 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
CVE-2019-8575
RESERVED
-CVE-2019-8574
- RESERVED
+CVE-2019-8574 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
CVE-2019-8573
RESERVED
CVE-2019-8572
RESERVED
-CVE-2019-8571
- RESERVED
+CVE-2019-8571 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
@@ -41179,192 +41321,179 @@ CVE-2019-8570
RESERVED
CVE-2019-8569
RESERVED
-CVE-2019-8568
- RESERVED
-CVE-2019-8567
- RESERVED
-CVE-2019-8566
- RESERVED
-CVE-2019-8565
- RESERVED
+CVE-2019-8568 (A validation issue existed in the handling of symlinks. This
issue was ...)
+ TODO: check
+CVE-2019-8567 (A user privacy issue was addressed by removing the broadcast
MAC addre ...)
+ TODO: check
+CVE-2019-8566 (An API issue existed in the handling of microphone data. This
issue wa ...)
+ TODO: check
+CVE-2019-8565 (A race condition was addressed with additional validation. This
issue ...)
+ TODO: check
CVE-2019-8564
RESERVED
-CVE-2019-8563
- RESERVED
+CVE-2019-8563 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8562
- RESERVED
-CVE-2019-8561
- RESERVED
-CVE-2019-8560
- RESERVED
-CVE-2019-8559
- RESERVED
+CVE-2019-8562 (A memory corruption issue was addressed with improved
validation. This ...)
+ TODO: check
+CVE-2019-8561 (A logic issue was addressed with improved validation. This
issue is fi ...)
+ TODO: check
+CVE-2019-8560 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2019-8559 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8558
- RESERVED
+CVE-2019-8558 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8557
RESERVED
-CVE-2019-8556
- RESERVED
-CVE-2019-8555
- RESERVED
-CVE-2019-8554
- RESERVED
-CVE-2019-8553
- RESERVED
-CVE-2019-8552
- RESERVED
-CVE-2019-8551
- RESERVED
+CVE-2019-8556 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2019-8555 (A buffer overflow was addressed with improved size validation.
This is ...)
+ TODO: check
+CVE-2019-8554 (A permissions issue existed in the handling of motion and
orientation ...)
+ TODO: check
+CVE-2019-8553 (A memory corruption issue was addressed with improved
validation. This ...)
+ TODO: check
+CVE-2019-8552 (A memory initialization issue was addressed with improved
memory handl ...)
+ TODO: check
+CVE-2019-8551 (A logic issue was addressed with improved validation. This
issue is fi ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8550
- RESERVED
-CVE-2019-8549
- RESERVED
-CVE-2019-8548
- RESERVED
+CVE-2019-8550 (An issue existed in the pausing of FaceTime video. The issue
was resol ...)
+ TODO: check
+CVE-2019-8549 (Multiple input validation issues existed in MIG generated code.
These ...)
+ TODO: check
+CVE-2019-8548 (An issue existed where partially entered passcodes may not
clear when ...)
+ TODO: check
CVE-2019-8547
RESERVED
-CVE-2019-8546
- RESERVED
-CVE-2019-8545
- RESERVED
-CVE-2019-8544
- RESERVED
+CVE-2019-8546 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2019-8545 (A memory corruption issue was addressed with improved state
management ...)
+ TODO: check
+CVE-2019-8544 (A memory corruption issue was addressed with improved memory
handling. ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8543
RESERVED
-CVE-2019-8542
- RESERVED
-CVE-2019-8541
- RESERVED
-CVE-2019-8540
- RESERVED
+CVE-2019-8542 (A buffer overflow was addressed with improved bounds checking.
This is ...)
+ TODO: check
+CVE-2019-8541 (A privacy issue existed in motion sensor calibration. This
issue was a ...)
+ TODO: check
+CVE-2019-8540 (A memory initialization issue was addressed with improved
memory handl ...)
+ TODO: check
CVE-2019-8539
RESERVED
CVE-2019-8538
RESERVED
-CVE-2019-8537
- RESERVED
-CVE-2019-8536
- RESERVED
+CVE-2019-8537 (An access issue was addressed with improved memory management.
This is ...)
+ TODO: check
+CVE-2019-8536 (A memory corruption issue was addressed with improved memory
handling. ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8535
- RESERVED
+CVE-2019-8535 (A memory corruption issue was addressed with improved state
management ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8534
RESERVED
-CVE-2019-8533
- RESERVED
+CVE-2019-8533 (A lock handling issue was addressed with improved lock
handling. This ...)
+ TODO: check
CVE-2019-8532
RESERVED
CVE-2019-8531
RESERVED
-CVE-2019-8530
- RESERVED
-CVE-2019-8529
- RESERVED
+CVE-2019-8530 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8529 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
CVE-2019-8528
RESERVED
-CVE-2019-8527
- RESERVED
-CVE-2019-8526
- RESERVED
+CVE-2019-8527 (A buffer overflow was addressed with improved size validation.
This is ...)
+ TODO: check
+CVE-2019-8526 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
CVE-2019-8525
RESERVED
-CVE-2019-8524
- RESERVED
+CVE-2019-8524 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8523
- RESERVED
+CVE-2019-8523 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8522
- RESERVED
-CVE-2019-8521
- RESERVED
-CVE-2019-8520
- RESERVED
-CVE-2019-8519
- RESERVED
-CVE-2019-8518
- RESERVED
+CVE-2019-8522 (A logic issue was addressed with improved state management.
This issue ...)
+ TODO: check
+CVE-2019-8521 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8520 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2019-8519 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2019-8518 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8517
- RESERVED
-CVE-2019-8516
- RESERVED
-CVE-2019-8515
- RESERVED
+CVE-2019-8517 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2019-8516 (A validation issue was addressed with improved logic. This
issue is fi ...)
+ TODO: check
+CVE-2019-8515 (A cross-origin issue existed with the fetch API. This was
addressed wi ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8514
- RESERVED
-CVE-2019-8513
- RESERVED
-CVE-2019-8512
- RESERVED
-CVE-2019-8511
- RESERVED
-CVE-2019-8510
- RESERVED
+CVE-2019-8514 (A logic issue was addressed with improved state management.
This issue ...)
+ TODO: check
+CVE-2019-8513 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2019-8512 (This issue was addressed with improved transparency. This issue
is fix ...)
+ TODO: check
+CVE-2019-8511 (A buffer overflow issue was addressed with improved memory
handling. T ...)
+ TODO: check
+CVE-2019-8510 (An out-of-bounds read issue existed that led to the disclosure
of kern ...)
+ TODO: check
CVE-2019-8509
RESERVED
-CVE-2019-8508
- RESERVED
-CVE-2019-8507
- RESERVED
-CVE-2019-8506
- RESERVED
+CVE-2019-8508 (A buffer overflow was addressed with improved bounds checking.
This is ...)
+ TODO: check
+CVE-2019-8507 (Multiple memory corruption issues were addressed with improved
input v ...)
+ TODO: check
+CVE-2019-8506 (A type confusion issue was addressed with improved memory
handling. Th ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8505
- RESERVED
-CVE-2019-8504
- RESERVED
-CVE-2019-8503
- RESERVED
+CVE-2019-8505 (A logic issue was addressed with improved validation. This
issue is fi ...)
+ TODO: check
+CVE-2019-8504 (A memory initialization issue was addressed with improved
memory handl ...)
+ TODO: check
+CVE-2019-8503 (A logic issue was addressed with improved validation. This
issue is fi ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-8502
- RESERVED
+CVE-2019-8502 (An API issue existed in the handling of dictation requests.
This issue ...)
+ TODO: check
CVE-2019-8501
RESERVED
CVE-2019-8500
@@ -44411,34 +44540,32 @@ CVE-2019-7295 (typora through 0.9.63 has XSS, with
resultant remote command exec
NOT-FOR-US: typora
CVE-2019-7294
RESERVED
-CVE-2019-7293
- RESERVED
-CVE-2019-7292
- RESERVED
+CVE-2019-7293 (A memory corruption issue was addressed with improved memory
handling. ...)
+ TODO: check
+CVE-2019-7292 (A validation issue was addressed with improved logic. This
issue is fi ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-7291
RESERVED
-CVE-2019-7290
- RESERVED
-CVE-2019-7289
- RESERVED
+CVE-2019-7290 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2019-7289 (A parsing issue in the handling of directory paths was
addressed with ...)
+ TODO: check
CVE-2019-7288
RESERVED
-CVE-2019-7287
- RESERVED
-CVE-2019-7286
- RESERVED
-CVE-2019-7285
- RESERVED
+CVE-2019-7287 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-7286 (A memory corruption issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2019-7285 (A use after free issue was addressed with improved memory
management. ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
-CVE-2019-7284
- RESERVED
+CVE-2019-7284 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
CVE-2019-7281 (Prima Systems FlexAir, Versions 2.3.38 and prior. An
unauthenticated u ...)
NOT-FOR-US: Prima Systems FlexAir
CVE-2019-7280 (Prima Systems FlexAir, Versions 2.3.38 and prior. The
session-ID is of ...)
@@ -47023,18 +47150,17 @@ CVE-2018-20699 (Docker Engine before 18.09 allows
attackers to cause a denial of
NOTE: https://github.com/docker/engine/pull/70
NOTE: https://github.com/moby/moby/pull/37967
NOTE: Negligible security impact
-CVE-2019-6239
- RESERVED
+CVE-2019-6239 (This issue was addressed with improved handling of file
metadata. This ...)
+ TODO: check
CVE-2019-6238
RESERVED
-CVE-2019-6237
- RESERVED
+CVE-2019-6237 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
-CVE-2019-6236
- RESERVED
+CVE-2019-6236 (A race condition existed during the installation of iCloud for
Windows ...)
+ TODO: check
CVE-2019-6235 (A memory corruption issue was addressed with improved
validation. This ...)
NOT-FOR-US: Apple
CVE-2019-6234 (A memory corruption issue was addressed with improved memory
handling. ...)
@@ -47043,8 +47169,8 @@ CVE-2019-6234 (A memory corruption issue was addressed
with improved memory hand
CVE-2019-6233 (A memory corruption issue was addressed with improved memory
handling. ...)
- webkit2gtk 2.22.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6232
- RESERVED
+CVE-2019-6232 (A race condition existed during the installation of iTunes for
Windows ...)
+ TODO: check
CVE-2019-6231 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
NOT-FOR-US: Apple
CVE-2019-6230 (A memory initialization issue was addressed with improved
memory handl ...)
@@ -47066,8 +47192,8 @@ CVE-2019-6224 (A buffer overflow issue was addressed
with improved memory handli
NOT-FOR-US: Apple
CVE-2019-6223 (A logic issue existed in the handling of Group FaceTime calls.
The iss ...)
NOT-FOR-US: Apple
-CVE-2019-6222
- RESERVED
+CVE-2019-6222 (A consistency issue was addressed with improved state handling.
This i ...)
+ TODO: check
CVE-2019-6221 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
NOT-FOR-US: Apple
CVE-2019-6220 (An out-of-bounds read was addressed with improved input
validation. Th ...)
@@ -47100,20 +47226,19 @@ CVE-2019-6209 (An out-of-bounds read issue existed
that led to the disclosure of
NOT-FOR-US: Apple
CVE-2019-6208 (A memory initialization issue was addressed with improved
memory handl ...)
NOT-FOR-US: Apple
-CVE-2019-6207
- RESERVED
+CVE-2019-6207 (An out-of-bounds read issue existed that led to the disclosure
of kern ...)
+ TODO: check
CVE-2019-6206 (An issue existed with autofill resuming after it was canceled.
The iss ...)
NOT-FOR-US: autofill in iOS
CVE-2019-6205 (A memory corruption issue was addressed with improved lock
state check ...)
NOT-FOR-US: Apple
-CVE-2019-6204
- RESERVED
+CVE-2019-6204 (A logic issue was addressed with improved validation. This
issue is fi ...)
+ TODO: check
CVE-2019-6203
RESERVED
CVE-2019-6202 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
NOT-FOR-US: Apple
-CVE-2019-6201
- RESERVED
+CVE-2019-6201 (Multiple memory corruption issues were addressed with improved
memory ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in
jessie)
@@ -49728,8 +49853,8 @@ CVE-2019-5154 (An exploitable heap overflow
vulnerability exists in the JPEG2000
NOT-FOR-US: LEADTOOLS
CVE-2019-5153
RESERVED
-CVE-2019-5152
- RESERVED
+CVE-2019-5152 (An exploitable information disclosure vulnerability exists in
the netw ...)
+ TODO: check
CVE-2019-5151 (An exploitable SQL injection vulnerability exist in YouPHPTube
7.7. A ...)
NOT-FOR-US: YouPHPTube
CVE-2019-5150 (An exploitable SQL injection vulnerability exist in YouPHPTube
7.7. Wh ...)
@@ -50707,8 +50832,8 @@ CVE-2019-4718
RESERVED
CVE-2019-4717
RESERVED
-CVE-2019-4716
- RESERVED
+CVE-2019-4716 (IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a
configur ...)
+ TODO: check
CVE-2019-4715 (IBM Spectrum Scale 4.2 and 5.0 could allow a remote
authenticated atta ...)
NOT-FOR-US: IBM
CVE-2019-4714
@@ -50921,8 +51046,8 @@ CVE-2019-4611 (IBM Planning Analytics 2.0 is vulnerable
to cross-site scripting.
NOT-FOR-US: IBM
CVE-2019-4610
RESERVED
-CVE-2019-4609
- RESERVED
+CVE-2019-4609 (IBM API Connect 2018.4.1.7 uses weaker than expected
cryptographic alg ...)
+ TODO: check
CVE-2019-4608
RESERVED
CVE-2019-4607
@@ -51363,8 +51488,8 @@ CVE-2019-4390
RESERVED
CVE-2019-4389
RESERVED
-CVE-2019-4388
- RESERVED
+CVE-2019-4388 (HCL AppScan Source 9.0.3.13 and earlier is susceptible to
cross-site s ...)
+ TODO: check
CVE-2019-4387 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through
6.0.2.0 i ...)
NOT-FOR-US: IBM
CVE-2019-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 11.1 ...)
@@ -114765,8 +114890,8 @@ CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when
generating an HTTP Digest a
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7
-CVE-2018-1311
- RESERVED
+CVE-2018-1311 (The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a
use-after-fre ...)
+ TODO: check
CVE-2018-1310 (Apache NiFi JMS Deserialization issue because of ActiveMQ
client vulne ...)
NOT-FOR-US: Apache NiFi
CVE-2018-1309 (Apache NiFi External XML Entity issue in SplitXML processor.
Malicious ...)
@@ -281182,8 +281307,7 @@ CVE-2012-2658
CVE-2012-2657
- unixodbc 2.3.6-0.1 (unimportant; bug #675058)
NOTE: Only triggerable by trusted input, not a security issue
-CVE-2012-2656 [XXE vulnerability in Restlet]
- RESERVED
+CVE-2012-2656 (An XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in
an endp ...)
- restlet <itp> (bug #596472)
CVE-2012-2655 (PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x
before 9.0. ...)
{DSA-2491-1}
@@ -282130,8 +282254,7 @@ CVE-2012-2313 (The rio_ioctl function in
drivers/net/ethernet/dlink/dl2k.c in th
- linux 3.2.19-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2312
- RESERVED
+CVE-2012-2312 (An Elevated Privileges issue exists in JBoss AS 7 Community
Release du ...)
- jbossas4 <not-affected> (Only affects JBoss 7)
CVE-2012-2311 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before
5.4.3, when ...)
{DSA-2465-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/060786a88ff447f6af007fadab77f63505502e37
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/060786a88ff447f6af007fadab77f63505502e37
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
