[Git][security-tracker-team/security-tracker][master] Adding myself to triaging work in May.

2019-04-06 Thread Ola Lundqvist


Ola Lundqvist pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8b470df2 by Ola Lundqvist at 2019-04-06T22:33:25Z
Adding myself to triaging work in May.

- - - - -


1 changed file:

- org/lts-frontdesk.2019.txt


Changes:

=
org/lts-frontdesk.2019.txt
=
@@ -28,7 +28,7 @@ From 08-04 to 14-04:Sylvain Beucler 
 From 15-04 to 21-04:Mike Gabriel 
 From 22-04 to 28-04:Thorsten Alteholz 
 From 29-04 to 05-05:Markus Koschany 
-From 06-05 to 12-05:
+From 06-05 to 12-05:Ola Lundqvist 
 From 13-05 to 19-05:Chris Lamb 
 From 20-05 to 26-05:Thorsten Alteholz 
 From 27-05 to 02-06:Mike Gabriel 



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b470df2db521a266bd9071c67b3d9a89abeb957

-- 
You're receiving this email because of your account on salsa.debian.org.

___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] claim wget

2019-04-06 Thread Thorsten Alteholz


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fddc509c by Thorsten Alteholz at 2019-04-06T20:31:07Z
claim wget

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -92,6 +92,8 @@ sox
   NOTE: 20190305: CVE-2019-835{4,5,6,7} no upstream patch yet, might take some 
time.
   NOTE: Check again later. - hle
 --
+wget (Thorsten Alteholz)
+--
 wordpress
   NOTE: 20190401: remaining one issue (CVE-2019-8943). Waiting for upstream 
patch (abhijith)
 --
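Review bot: the new `wget (Thorsten Alteholz)` entry carries no NOTE, so the claim does not say which issue it covers or when it was taken. The neighbouring sox and wordpress entries use dated NOTE lines (`NOTE: 20190305:`, `NOTE: 20190401:`); adding one here that names the CVE being worked on would let the front desk tell an active claim from a stale one.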



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fddc509cb991e7eccfdd1f553b840f5cd182cc99


[Git][security-tracker-team/security-tracker][master] Add CVE-2019-7305/extplorer

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ff9345b0 by Salvatore Bonaccorso at 2019-04-06T19:10:11Z
Add CVE-2019-7305/extplorer

Thanks: Sander Bos for the heads-up on the CVE information.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -9395,8 +9395,10 @@ CVE-2019-7307
RESERVED
 CVE-2019-7306
RESERVED
-CVE-2019-7305
+CVE-2019-7305 [extplorer exposes /usr and /etc/extplorer over HTTP]
RESERVED
+   - extplorer 
+   NOTE: https://bugs.launchpad.net/ubuntu/+source/extplorer/+bug/1822013
 CVE-2019-7304 [Local privilege escalation via snapd socket]
RESERVED
- snapd 2.37.1-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff9345b088ab8042a658edf3589dcc105bddf73e


[Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for CVE-2019-10871/poppler

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a28af6ff by Salvatore Bonaccorso at 2019-04-06T15:47:49Z
Add Debian bug reference for CVE-2019-10871/poppler

- - - - -
9b824778 by Salvatore Bonaccorso at 2019-04-06T15:53:35Z
Add Debian bug reference for CVE-2019-10872/poppler

- - - - -
d0b0b22c by Salvatore Bonaccorso at 2019-04-06T15:58:31Z
Add Debian bug reference for CVE-2019-10873/poppler

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -73,14 +73,14 @@ CVE-2019-10875 (A URL spoofing vulnerability was found in 
all international vers
 CVE-2019-10874 (Cross Site Request Forgery (CSRF) in the bolt/upload File 
Upload featu ...)
NOT-FOR-US: Bolt CMS
 CVE-2019-10873 (An issue was discovered in Poppler 0.74.0. There is a NULL 
pointer der ...)
-   - poppler 
+   - poppler  (bug #926532)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/748
NOTE: 
https://gitlab.freedesktop.org/poppler/poppler/commit/8dbe2e6c480405dab9347075cf4be626f90f1d05
 CVE-2019-10872 (An issue was discovered in Poppler 0.74.0. There is a 
heap-based buffe ...)
-   - poppler 
+   - poppler  (bug #926530)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/750
 CVE-2019-10871 (An issue was discovered in Poppler 0.74.0. There is a 
heap-based buffe ...)
-   - poppler 
+   - poppler  (bug #926529)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/751
 CVE-2019-10870
RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b5d674443f0d1e46ca48310052d4f8566c31bfd1...d0b0b22cd98ad5e8f7ffdb8a15114de0a0904dc6


[Git][security-tracker-team/security-tracker][master] Remove doubled entry for CVE-2018-7726

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b5d67444 by Salvatore Bonaccorso at 2019-04-06T12:05:15Z
Remove doubled entry for CVE-2018-7726

- - - - -


1 changed file:

- data/next-point-update.txt


Changes:

=
data/next-point-update.txt
=
@@ -121,8 +121,6 @@ CVE-2018-7726
 CVE-2019-
[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
NOTE: For #925959 (no CVE)
-CVE-2018-7726
-   [stretch] - zziplib 0.13.62-3.2~deb9u1
 CVE-2018-11806
[stretch] - qemu 1:2.8+dfsg-6+deb9u6
 CVE-2018-12617



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b5d674443f0d1e46ca48310052d4f8566c31bfd1


[Git][security-tracker-team/security-tracker][master] qemu spu (in preparation)

2019-04-06 Thread Moritz Muehlenhoff


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7533304f by Moritz Muehlenhoff at 2019-04-06T10:08:50Z
qemu spu (in preparation)

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=
data/CVE/list
=
@@ -3130,6 +3130,7 @@ CVE-2019-9825 (FeiFeiCMS 4.1.190209 allows remote 
attackers to upload and execut
 CVE-2019-9824
RESERVED
- qemu 1:3.1+dfsg-6
+   [stretch] - qemu  (Minor issue, pending for stable point update)
- qemu-kvm 
NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg01871.html
NOTE: https://www.openwall.com/lists/oss-security/2019/03/18/1
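Review bot: the new `[stretch]` line marks CVE-2019-9824 as pending for a stable point update, and the same wording is applied to the other qemu entries in this commit, so each of those CVE ids needs a matching qemu entry in data/next-point-update.txt, the second file this commit changes. That file's hunk is not visible in this mail; the two lists should be compared, since a CVE marked pending here but absent there would fall out of the point-update tracking.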
@@ -10643,6 +10644,7 @@ CVE-2019-6779 (Cscms 4.1.8 allows admin.php/links/save 
CSRF to add, modify, or d
 CVE-2019-6778 (In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based 
buffer ove ...)
{DLA-1694-1}
- qemu 1:3.1+dfsg-3 (bug #921525)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
- qemu-kvm 
- slirp4netns 0.2.1-1
NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
@@ -17413,6 +17415,7 @@ CVE-2019-3813 (Spice, versions 0.5.2 through 0.14.1, 
are vulnerable to an out-of
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665371
 CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is 
vulnerable to ...)
- qemu 1:3.1+dfsg-5 (bug #922635)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
[jessie] - qemu  (vulnerable code introduced later)
- qemu-kvm 
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=b05b267840515730dbf6753495d5b7bd8b04ad1c
@@ -28305,6 +28308,7 @@ CVE-2018-19490 (An issue was discovered in datafile.c 
in Gnuplot 5.2.5. This iss
 CVE-2018-19489 (v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to 
cause a de ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914727)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
- qemu-kvm 
NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8
 (master)
@@ -28662,6 +28666,7 @@ CVE-2018-19365 (The REST API in Wowza Streaming Engine 
4.7.4.01 allows traversal
 CVE-2018-19364 (hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid 
path while ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914599)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
- qemu-kvm 
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=5b76ef50f62079a2389ba28cacaf6cce68b1a0ed
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=5b3c77aa581ebb215125c84b0742119483571e55
@@ -30021,7 +30026,7 @@ CVE-2018-18955 (In the Linux kernel 4.15.x through 
4.19.x before 4.19.2, map_wri
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1712
 CVE-2018-18954 (The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu 
before 3.1 al ...)
- qemu 1:3.1+dfsg-1 (low; bug #914604)
-   [stretch] - qemu  (Minor issue, can be backported once fixed 
upstream)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
[jessie] - qemu  (Vulnerable code not present. ppc/pnv 
lpc was added in 2.7)
- qemu-kvm 
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=d07945e78eb6b593cd17a4640c1fc9eb35e3245d
@@ -30251,7 +30256,7 @@ CVE-2018-18850 (In Octopus Deploy 2018.8.0 through 
2018.9.x before 2018.9.1, an
NOT-FOR-US: Octopus Deploy
 CVE-2018-18849 (In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows 
out-of-boun ...)
- qemu 1:3.1+dfsg-1 (bug #912535)
-   [stretch] - qemu  (Minor issue, revisit for later update)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
[jessie] - qemu  (Minor issue, revisit for later update)
- qemu-kvm 
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=e58ccf039650065a9442de43c9816f81e88f27f6
@@ -32783,7 +32788,7 @@ CVE-2018-17959
 CVE-2018-17958 (Qemu has a Buffer Overflow in rtl8139_do_receive in 
hw/net/rtl8139.c b ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #911499)
-   [stretch] - qemu  (Minor issue, revisit for later update)
+   [stretch] - qemu  (Minor issue, pending for stable point update)
- qemu-kvm 
NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html
NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=1a326646fef38782e5542280040ec3ea23e4a730
@@ -35414,6 +35419,7 @@ CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 
1.11.3, the "go get" comma
 CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The 
code openi ...)
{DLA-1694-1}
- qemu 1:3.1+dfsg-2 (bug #916397)
+   

[Git][security-tracker-team/security-tracker][master] Process two NFUs

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
65405775 by Salvatore Bonaccorso at 2019-04-06T09:31:23Z
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -4090,9 +4090,9 @@ CVE-2019-9492
 CVE-2019-9491
RESERVED
 CVE-2019-9490 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
-   TODO: check
+   NOT-FOR-US: Trend Micro InterScan Web Security Virtual Appliance
 CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, 
OfficeSca ...)
-   TODO: check
+   NOT-FOR-US: Trend Micro
 CVE-2019-9488
RESERVED
 CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the 
basis of fa ...)
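Review bot: the two NOT-FOR-US tags are written at different levels of detail: CVE-2019-9490 names the product in full, while CVE-2019-9489 gives only the vendor `Trend Micro` although its description names Apex One. Naming the product in the second tag as well, for example `NOT-FOR-US: Trend Micro Apex One`, keeps the tags searchable by product.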



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/654057753b9891bf5cefb98a273980a707e9f267


[Git][security-tracker-team/security-tracker][master] automatic update

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f32d9654 by security tracker role at 2019-04-06T08:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,23 @@
+CVE-2019-10903
+   RESERVED
+CVE-2019-10902
+   RESERVED
+CVE-2019-10901
+   RESERVED
+CVE-2019-10900
+   RESERVED
+CVE-2019-10899
+   RESERVED
+CVE-2019-10898
+   RESERVED
+CVE-2019-10897
+   RESERVED
+CVE-2019-10896
+   RESERVED
+CVE-2019-10895
+   RESERVED
+CVE-2019-10894
+   RESERVED
 CVE-2019-10893
RESERVED
 CVE-2019-10892
@@ -4069,10 +4089,10 @@ CVE-2019-9492
RESERVED
 CVE-2019-9491
RESERVED
-CVE-2019-9490
-   RESERVED
-CVE-2019-9489
-   RESERVED
+CVE-2019-9490 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+   TODO: check
+CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, 
OfficeSca ...)
+   TODO: check
 CVE-2019-9488
RESERVED
 CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the 
basis of fa ...)
@@ -12661,6 +12681,7 @@ CVE-2019-5954
RESERVED
 CVE-2019-5953 [Buffer overflow vulnerability]
RESERVED
+   {DSA-4425-1}
- wget  (bug #926389)
NOTE: https://jvn.jp/en/jp/JVN25261088/
NOTE: https://lists.gnu.org/archive/html/bug-wget/2019-04/msg1.html
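Review bot: in the last hunk `{DSA-4425-1}` is attached to CVE-2019-5953 while the `- wget` line below it still carries no fixed version. Since this commit is the automatic update, a manual follow-up should record the unstable version on that line once the fixed upload is available.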



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f32d96547bdb233853da5f76fcec7c87536435ed


[Git][security-tracker-team/security-tracker][master] Add CVE-2018-12545/jetty9

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
27c2c080 by Salvatore Bonaccorso at 2019-04-06T08:01:23Z
Add CVE-2018-12545/jetty9

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -46595,7 +46595,12 @@ CVE-2018-12546 (In Eclipse Mosquitto version 1.0 to 
1.5.5 (inclusive) when a cli
NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
NOTE: https://mosquitto.org/files/cve/2018-12546
 CVE-2018-12545 (In Eclipse Jetty version 9.3.x and 9.4.x, the server is 
vulnerable to  ...)
-   TODO: check
+   - jetty9  (Vulnerable code never present in Debian 
released version)
+   NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096
+   NOTE: Issue is not present in 9.2.x as there is no HTTP/2 support. 
Fixed upstream
+   NOTE: in 9.4.12. Debian package moved directly to 9.4.14-1 containing 
the fix and
+   NOTE: thus never including in unstable a vulnerable version.
+   NOTE: Cf. https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096#c7
 CVE-2018-12544 (In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the 
OpenAPI XML  ...)
NOT-FOR-US: Eclipse Vert.x
 CVE-2018-12543 (In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a 
message is  ...)
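Review bot: the added NOTE block cites bugs.eclipse.org bug 538096 twice, once bare and once as `#c7`; the comment link is the more specific of the two, so the first NOTE can be dropped or the two merged. The sentence `thus never including in unstable a vulnerable version` would also read more clearly as `so unstable never contained a vulnerable version`.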



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/27c2c080ba372e87c51f9ef71d027c96fb7da8cb


[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10876/neutron

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
88e0 by Salvatore Bonaccorso at 2019-04-06T07:54:03Z
Add Debian bug reference for CVE-2019-10876/neutron

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -45,7 +45,7 @@ CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer 
overflow in CMap::Load()
NOTE: 
https://github.com/teeworlds/teeworlds/commit/d25869626a8cfbdd320929ba93ce73abed1402ce
NOTE: 
https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
 CVE-2019-10876 (An issue was discovered in OpenStack Neutron 11.x before 
11.0.7, 12.x  ...)
-   - neutron 
+   - neutron  (bug #926502)
NOTE: https://bugs.launchpad.net/ossa/+bug/1813007
NOTE: https://review.openstack.org/#/q/topic:bug/1813007 
 CVE-2019-10875 (A URL spoofing vulnerability was found in all international 
versions o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/88e0738dfbb12dd646fe1d2b610934b87466


[Git][security-tracker-team/security-tracker][master] CVE-2019-9948 and CVE-2019-9636 addressed in unstable for python2.7

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
856f011e by Salvatore Bonaccorso at 2019-04-06T07:20:06Z
CVE-2019-9948 and CVE-2019-9636 addressed in unstable for python2.7

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -2119,7 +2119,7 @@ CVE-2019-9950
 CVE-2019-9949
RESERVED
 CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: 
scheme, w ...)
-   - python2.7 
+   - python2.7 2.7.16-2
NOTE: https://bugs.python.org/issue35907
NOTE: https://github.com/python/cpython/pull/11842
 CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 
and ur ...)
@@ -3660,7 +3660,7 @@ CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x 
through 3.7.2 is affected by:
- python3.6 
- python3.5 
- python3.4 
-   - python2.7  (bug #924073)
+   - python2.7 2.7.16-2 (bug #924073)
NOTE: https://bugs.python.org/issue36216
NOTE: https://github.com/python/cpython/pull/12201
NOTE: 
https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/856f011e0d2266d67b9e7ad719056e6d2c804f57


[Git][security-tracker-team/security-tracker][master] CVE-2018-17937/gpsd fixed in unstable upload as 3.17-6

2019-04-06 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
017e80f4 by Salvatore Bonaccorso at 2019-04-06T07:16:21Z
CVE-2018-17937/gpsd fixed in unstable upload as 3.17-6

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -32822,7 +32822,7 @@ CVE-2018-17938 (Zimbra Collaboration before 8.8.10 GA 
allows text content spoofi
 CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, 
an open  ...)
{DLA-1738-1}
[experimental] - gpsd 3.18.1-1
-   - gpsd  (low; bug #925327)
+   - gpsd 3.17-6 (low; bug #925327)
[stretch] - gpsd  (Minor issue)
NOTE: 
http://git.savannah.nongnu.org/cgit/gpsd.git/commit/?id=7646cbd04055a50b157312ba6b376e88bd398c19
 CVE-2018-17936 (NUUO CMS All versions 3.3 and prior the application allows the 
upload  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/017e80f43f652294b44589cd5bbf8a765990050f
