[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 17 Jan 2018 13:45:49 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b940d59e by security tracker role at 2018-01-17T21:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,43 @@
+CVE-2018-5750
+       RESERVED
+CVE-2018-5749
+       RESERVED
+CVE-2018-5748
+       RESERVED
+CVE-2018-5747 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free 
in the ...)
+       TODO: check
+CVE-2018-5746
+       RESERVED
+CVE-2018-5745
+       RESERVED
+CVE-2018-5744
+       RESERVED
+CVE-2018-5743
+       RESERVED
+CVE-2018-5742
+       RESERVED
+CVE-2018-5741
+       RESERVED
+CVE-2018-5740
+       RESERVED
+CVE-2018-5739
+       RESERVED
+CVE-2018-5738
+       RESERVED
+CVE-2018-5737
+       RESERVED
+CVE-2018-5736
+       RESERVED
+CVE-2018-5735
+       RESERVED
+CVE-2018-5734
+       RESERVED
+CVE-2018-5733
+       RESERVED
+CVE-2018-5732
+       RESERVED
+CVE-2018-1000005
+       RESERVED
 CVE-2018-5731
        RESERVED
 CVE-2018-5730
@@ -1117,8 +1157,8 @@ CVE-2018-5260
        RESERVED
 CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to 
bypass ...)
        NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5258
-       RESERVED
+CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify X.509 certificates from 
SSL ...)
+       TODO: check
 CVE-2018-5257
        RESERVED
 CVE-2018-5256
@@ -1270,8 +1310,8 @@ CVE-2018-5197
        RESERVED
 CVE-2018-5196
        RESERVED
-CVE-2018-5195
-       RESERVED
+CVE-2018-5195 (Hancom NEO versions 9.6.1.5183 and earlier have a buffer 
Overflow ...)
+       TODO: check
 CVE-2018-5194
        RESERVED
 CVE-2018-5193
@@ -13118,22 +13158,22 @@ CVE-2018-0741 (The Color Management Module 
(Icm32.dll) in Windows 7 SP1 and Wind
 CVE-2017-17089 (custom/run.cgi in Webmin before 1.870 allows remote 
authenticated ...)
        - webmin <removed>
 CVE-2017-17091 (wp-admin/user-new.php in WordPress before 4.9.1 sets the 
newbloguser ...)
-       {DLA-1216-1}
+       {DSA-4090-1 DLA-1216-1}
        - wordpress 4.9.1+dfsg-1 (bug #883314)
        NOTE: 
https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
        NOTE: 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 CVE-2017-17093 (wp-includes/general-template.php in WordPress before 4.9.1 
does not ...)
-       {DLA-1216-1}
+       {DSA-4090-1 DLA-1216-1}
        - wordpress 4.9.1+dfsg-1 (bug #883314)
        NOTE: 
https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
        NOTE: 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 CVE-2017-17094 (wp-includes/feed.php in WordPress before 4.9.1 does not 
properly ...)
-       {DLA-1216-1}
+       {DSA-4090-1 DLA-1216-1}
        - wordpress 4.9.1+dfsg-1 (bug #883314)
        NOTE: 
https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
        NOTE: 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 CVE-2017-17092 (wp-includes/functions.php in WordPress before 4.9.1 does not 
require ...)
-       {DLA-1216-1}
+       {DSA-4090-1 DLA-1216-1}
        - wordpress 4.9.1+dfsg-1 (bug #883314)
        NOTE: 
https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
        NOTE: 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
@@ -15546,8 +15586,8 @@ CVE-2018-0001 (A remote, unauthenticated attacker may 
be able to execute code by
        NOT-FOR-US: Juniper
 CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site 
Scripting (XSS) ...)
        NOT-FOR-US: dayrui FineCms
-CVE-2017-16865
-       RESERVED
+CVE-2017-16865 (The Trello importer in Atlassian Jira before version 7.6.1 
allows ...)
+       TODO: check
 CVE-2017-16864 (The issue search resource in Atlassian Jira before version 
7.4.2 ...)
        NOT-FOR-US: Atlassian Jira
 CVE-2017-16863
@@ -16607,7 +16647,7 @@ CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 
before 1.9.5 and 1.10 before 1
 CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 
16.04 before ...)
        - mahara <removed>
 CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where 
$wpdb-&gt;prepare() ...)
-       {DLA-1160-1}
+       {DSA-4090-1 DLA-1160-1}
        - wordpress 4.8.3+dfsg-1 (bug #880528)
        NOTE: https://wpvulndb.com/vulnerabilities/8941
        NOTE: 
https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b940d59e18b53c0bbb5bfc3d7ec5b244abb5d507

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b940d59e18b53c0bbb5bfc3d7ec5b244abb5d507
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to