[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 11 Jan 2018 01:10:48 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2d05deb6 by security tracker role at 2018-01-11T09:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-5342
+       RESERVED
+CVE-2018-5341
+       RESERVED
+CVE-2018-5340
+       RESERVED
+CVE-2018-5339
+       RESERVED
+CVE-2018-5338
+       RESERVED
+CVE-2018-5337
+       RESERVED
+CVE-2018-5336
+       RESERVED
+CVE-2018-5335
+       RESERVED
+CVE-2018-5334
+       RESERVED
+CVE-2018-5333 (In the Linux kernel through 4.14.13, the rds_cmsg_atomic 
function in ...)
+       TODO: check
+CVE-2018-5332 (In the Linux kernel through 4.14.13, the 
rds_message_alloc_sgs() ...)
+       TODO: check
 CVE-2017-1000441
        REJECTED
 CVE-2017-1000439
@@ -1072,7 +1094,7 @@ CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU 
exhaustion vulnerability was f
 CVE-2017-1000473 (Linux Dash up to version v2 is vulnerable to multiple 
command ...)
        NOT-FOR-US: Linux Dash
 CVE-2017-1000472 (The ZipCommon::isValidPath() function in 
Zip/src/ZipCommon.cpp in POCO ...)
-       {DLA-1239-1}
+       {DSA-4083-1 DLA-1239-1}
        - poco 1.8.0-2
        NOTE: https://github.com/pocoproject/poco/issues/1968
 CVE-2017-1000471 (EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a 
NULL ...)
@@ -14376,34 +14398,34 @@ CVE-2018-0016
        RESERVED
 CVE-2018-0015
        RESERVED
-CVE-2018-0014
-       RESERVED
-CVE-2018-0013
-       RESERVED
-CVE-2018-0012
-       RESERVED
-CVE-2018-0011
-       RESERVED
-CVE-2018-0010
-       RESERVED
-CVE-2018-0009
-       RESERVED
-CVE-2018-0008
-       RESERVED
-CVE-2018-0007
-       RESERVED
-CVE-2018-0006
-       RESERVED
-CVE-2018-0005
-       RESERVED
-CVE-2018-0004
-       RESERVED
-CVE-2018-0003
-       RESERVED
-CVE-2018-0002
-       RESERVED
-CVE-2018-0001
-       RESERVED
+CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets 
with ...)
+       TODO: check
+CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos 
Space ...)
+       TODO: check
+CVE-2018-0012 (Junos Space is affected by a privilege escalation vulnerability 
that ...)
+       TODO: check
+CVE-2018-0011 (A reflected cross site scripting (XSS) vulnerability in Junos 
Space ...)
+       TODO: check
+CVE-2018-0010 (A vulnerability in the Juniper Networks Junos Space Security 
Director ...)
+       TODO: check
+CVE-2018-0009 (On Juniper Networks SRX series devices, firewall rules 
configured to ...)
+       TODO: check
+CVE-2018-0008 (An unauthenticated root login may allow upon reboot when a 
commit ...)
+       TODO: check
+CVE-2018-0007 (An unauthenticated network-based attacker able to send a 
maliciously ...)
+       TODO: check
+CVE-2018-0006 (A high rate of VLAN authentication attempts sent from an 
adjacent host ...)
+       TODO: check
+CVE-2018-0005 (QFX and EX Series switches configured to drop traffic when the 
MAC ...)
+       TODO: check
+CVE-2018-0004 (A sustained sequence of different types of normal transit 
traffic can ...)
+       TODO: check
+CVE-2018-0003 (A specially crafted MPLS packet received or processed by the 
system, ...)
+       TODO: check
+CVE-2018-0002 (On SRX Series and MX Series devices with a Service PIC with any 
ALG ...)
+       TODO: check
+CVE-2018-0001 (A remote, unauthenticated attacker may be able to execute code 
by ...)
+       TODO: check
 CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site 
Scripting (XSS) ...)
        NOT-FOR-US: dayrui FineCms
 CVE-2017-16865
@@ -17364,18 +17386,18 @@ CVE-2017-15852
        RESERVED
 CVE-2017-15851
        RESERVED
-CVE-2017-15850
-       RESERVED
+CVE-2017-15850 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-15849 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        TODO: check
-CVE-2017-15848
-       RESERVED
-CVE-2017-15847
-       RESERVED
+CVE-2017-15848 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
+CVE-2017-15847 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-15846
        RESERVED
-CVE-2017-15845
-       RESERVED
+CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-15844
        RESERVED
 CVE-2017-15843
@@ -20271,8 +20293,8 @@ CVE-2017-14881
        RESERVED
 CVE-2017-14880
        RESERVED
-CVE-2017-14879
-       RESERVED
+CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-14878
        RESERVED
 CVE-2017-14877
@@ -20283,16 +20305,16 @@ CVE-2017-14875
        RESERVED
 CVE-2017-14874
        RESERVED
-CVE-2017-14873
-       RESERVED
+CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-14872
        RESERVED
 CVE-2017-14871
        RESERVED
-CVE-2017-14870
-       RESERVED
-CVE-2017-14869
-       RESERVED
+CVE-2017-14870 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
+CVE-2017-14869 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-14868 (Restlet Framework before 2.3.11, when using SimpleXMLProvider, 
allows ...)
        - restlet <itp> (bug #596472)
 CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data 
function of ...)
@@ -31598,12 +31620,12 @@ CVE-2017-11083
        RESERVED
 CVE-2017-11082
        RESERVED
-CVE-2017-11081
-       RESERVED
-CVE-2017-11080
-       RESERVED
-CVE-2017-11079
-       RESERVED
+CVE-2017-11081 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
+CVE-2017-11080 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
+CVE-2017-11079 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-11078
        RESERVED
 CVE-2017-11077
@@ -31628,8 +31650,8 @@ CVE-2017-11068
        RESERVED
 CVE-2017-11067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11066
-       RESERVED
+CVE-2017-11066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-11065
        RESERVED
 CVE-2017-11064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -31754,8 +31776,8 @@ CVE-2017-11005 (In Android for MSM, Firefox OS for MSM, 
QRD Android, with all An
        NOT-FOR-US: Qualcomm closed-source components for Android
 CVE-2017-11004
        RESERVED
-CVE-2017-11003
-       RESERVED
+CVE-2017-11003 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-11002 (In all Qualcomm products with Android releases from CAF using 
the ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-11001 (In all Qualcomm products with Android releases from CAF using 
the ...)
@@ -35410,8 +35432,8 @@ CVE-2017-9714 (In Android for MSM, Firefox OS for MSM, 
QRD Android, with all And
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-9713
        RESERVED
-CVE-2017-9712
-       RESERVED
+CVE-2017-9712 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-9711
        RESERVED
 CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -35424,8 +35446,8 @@ CVE-2017-9707
        RESERVED
 CVE-2017-9706 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9705
-       RESERVED
+CVE-2017-9705 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-9704
        RESERVED
 CVE-2017-9703 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -35460,8 +35482,8 @@ CVE-2017-9691
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-9690 (In android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9689
-       RESERVED
+CVE-2017-9689 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
+       TODO: check
 CVE-2017-9688
        RESERVED
 CVE-2017-9687 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
@@ -145047,6 +145069,7 @@ CVE-2014-0352
 CVE-2014-0351 (The FortiManager protocol service in Fortinet FortiOS before 
4.3.16 ...)
        NOT-FOR-US: Fortinet FortiOS
 CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL 
library in ...)
+       {DLA-1239-1}
        - poco 1.3.6p1-5 (low; bug #746637)
        [squeeze] - poco <no-dsa> (Minor issue)
 CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d05deb643af1b41de0e2ee457c24d0c64353501

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d05deb643af1b41de0e2ee457c24d0c64353501
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to