Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bb6e7e32 by security tracker role at 2019-12-20T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,20 +1,20 @@
CVE-2019-19913
- RESERVED
+ TODO: check
CVE-2019-19912
- RESERVED
+ TODO: check
CVE-2019-19911
- RESERVED
-CVE-2019-19910 (The MinervaNeue Skin in MediaWiki from 2019-11-05 to
2019-12-13 (1.35 ...)
TODO: check
-CVE-2019-19909 (An issue was discovered in Public Knowledge Project (PKP)
pkp-lib befo ...)
+CVE-2019-19910
+ TODO: check
+CVE-2019-19909
NOT-FOR-US: Public Knowledge Project (PKP) pkp-lib
CVE-2019-19908
- RESERVED
-CVE-2019-19907 (HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano
Groupware Core ...)
+ TODO: check
+CVE-2019-19907
- kopanocore <unfixed>
NOTE:
https://stash.kopano.io/projects/KC/repos/kopanocore/commits/4e02b420fff
CVE-2019-19904
- RESERVED
+ TODO: check
CVE-2019-19903 (An issue was discovered in Backdrop CMS 1.14.x before 1.14.2.
It doesn ...)
- backdrop <itp> (bug #914257)
CVE-2019-19902 (An issue was discovered in Backdrop CMS 1.13.x before 1.13.5
and 1.14. ...)
@@ -41,11 +41,11 @@ CVE-2019-19892
RESERVED
CVE-2019-19891
RESERVED
-CVE-2019-19906 (cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write
leading ...)
+CVE-2019-19906
- cyrus-sasl2 <unfixed> (bug #947043)
NOTE: https://github.com/cyrusimap/cyrus-sasl/issues/587
NOTE: https://www.openldap.org/its/index.cgi/Incoming?id=9123
-CVE-2019-19905 (NetHack before 3.6.4 is prone to a buffer overflow
vulnerability when ...)
+CVE-2019-19905
- nethack <unfixed> (low; bug #947005)
[buster] - nethack <no-dsa> (Minor issue)
[stretch] - nethack <no-dsa> (Minor issue)
@@ -918,6 +918,7 @@ CVE-2019-19785 (ATasm 1.06 has a stack-based buffer
overflow in the to_comma() f
CVE-2019-19784
RESERVED
CVE-2019-19783 (An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x
before 3.0. ...)
+ {DSA-4590-1}
- cyrus-imapd 3.0.13-1
NOTE:
https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.html#security-fixes
CVE-2019-19782 (The FTP client in AceaXe Plus 1.0 allows a buffer overflow via
a long ...)
@@ -6882,7 +6883,8 @@ CVE-2019-18957 (Microstrategy Library in MicroStrategy
before 2019 before 11.1.3
NOT-FOR-US: Microstrategy Library
CVE-2019-18956 (Divisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8,
9.8.43 an ...)
TODO: check
-CVE-2019-18955 (The web console in Lansweeper 7.2.105.2 has XSS via the URL
path. Prod ...)
+CVE-2019-18955
+ RESERVED
TODO: check
CVE-2019-18954 (Pomelo v2.2.5 allows external control of critical state data.
A malici ...)
NOT-FOR-US: Pomelo
@@ -9882,7 +9884,8 @@ CVE-2019-18617
RESERVED
CVE-2019-18616
RESERVED
-CVE-2019-18615 (In CloudVision Portal (CVP) for all releases in the 2018.2
Train, unde ...)
+CVE-2019-18615
+ RESERVED
TODO: check
CVE-2019-18614
RESERVED
@@ -12086,7 +12089,8 @@ CVE-2019-18183
RESERVED
CVE-2019-18182
RESERVED
-CVE-2019-18181 (In CloudVision Portal all releases in the 2018.1 and 2018.2
Code train ...)
+CVE-2019-18181
+ RESERVED
TODO: check
CVE-2019-18180 (Improper Check for filenames with overly long extensions in
PostMaster ...)
- otrs2 <unfixed> (bug #945251)
@@ -13176,7 +13180,8 @@ CVE-2019-17635
RESERVED
CVE-2019-17634
RESERVED
-CVE-2019-17633 (For Eclipse Che versions 6.16 to 7.3.0, with both
authentication and T ...)
+CVE-2019-17633
+ RESERVED
TODO: check
CVE-2019-17632 (In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022,
and 9.4. ...)
- jetty9 <unfixed>
@@ -16368,49 +16373,70 @@ CVE-2019-16467
RESERVED
CVE-2019-16466
RESERVED
-CVE-2019-16465 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16465
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16464 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16464
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16463 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16463
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16462 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16462
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16461 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16461
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16460 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16460
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16459 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16459
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16458 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16458
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16457 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16457
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16456 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16456
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16455 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16455
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16454 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16454
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16453 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16453
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16452 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16452
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16451 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16451
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16450 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16450
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16449 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16449
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16448 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16448
+ RESERVED
NOT-FOR-US: Adobe
CVE-2019-16447
RESERVED
-CVE-2019-16446 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16446
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16445 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16445
+ RESERVED
NOT-FOR-US: Adobe
-CVE-2019-16444 (Adobe Acrobat and Reader versions , 2019.021.20056 and
earlier, 2017.0 ...)
+CVE-2019-16444
+ RESERVED
NOT-FOR-US: Adobe
CVE-2019-16443
RESERVED
@@ -31150,7 +31176,8 @@ CVE-2019-11782
RESERVED
CVE-2019-11781
RESERVED
-CVE-2019-11780 (Improper access control in the computed fields system of the
framework ...)
+CVE-2019-11780
+ RESERVED
NOT-FOR-US: Odoo
CVE-2019-11779 (In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious
MQTT cli ...)
{DSA-4570-1 DLA-1972-1}
@@ -252094,7 +252121,7 @@ CVE-2014-0085 (JBoss Fuse did not enable encrypted
passwords by default in its u
NOT-FOR-US: Fuse Fabric
CVE-2014-0084 (Ruby gem openshift-origin-node before 2014-02-14 does not
contain a cr ...)
NOT-FOR-US: rubygem-openshift-origin-node
-CVE-2014-0083 (The Ruby net-ldap gem before 0.11 uses a weak salt when
generating SSH ...)
+CVE-2014-0083 (The Ruby net-ldap gem before 0.16.2 uses a weak salt when
generating S ...)
- ruby-net-ldap <not-affected> (SSHA support not present)
NOTE: SSHA support only from version v0.5.0, see #742706
CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in
Ruby on ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6e7e32bdfd1daa1c0827ae7edec089cc558f1d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6e7e32bdfd1daa1c0827ae7edec089cc558f1d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
