[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Wed, 14 Feb 2018 01:11:35 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b18975bf by security tracker role at 2018-02-14T09:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2018-6956
+       RESERVED
+CVE-2018-6955
+       RESERVED
 CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks 
present in ...)
        - systemd <unfixed>
        NOTE: https://github.com/systemd/systemd/issues/7986
@@ -158,8 +162,8 @@ CVE-2018-6912 (The decode_plane function in 
libavcodec/utvideodec.c in FFmpeg th
        NOTE: 
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
 CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech 
WebAccess ...)
        NOT-FOR-US: Advantech WebAccess
-CVE-2018-6910
-       RESERVED
+CVE-2018-6910 (DedeCMS 5.7 allows remote attackers to discover the full path 
via a ...)
+       TODO: check
 CVE-2018-6909
        RESERVED
 CVE-2018-6908
@@ -411,6 +415,7 @@ CVE-2018-6801
 CVE-2018-6800
        RESERVED
 CVE-2018-6799 (The AcquireCacheNexus function in magick/pixel_cache.c in ...)
+       {DLA-1282-1}
        - graphicsmagick 1.3.28-1
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d30ed06e9b87
@@ -4069,8 +4074,8 @@ CVE-2018-5461
        RESERVED
 CVE-2018-5460
        RESERVED
-CVE-2018-5459
-       RESERVED
+CVE-2018-5459 (An Improper Authentication issue was discovered in WAGO PFC200 
Series ...)
+       TODO: check
 CVE-2018-5458
        RESERVED
 CVE-2018-5457 (A uncontrolled search path element issue was discovered in 
Vyaire ...)
@@ -22573,8 +22578,7 @@ CVE-2017-15701 (In Apache Qpid Broker-J versions 6.1.0 
through 6.1.4 (inclusive)
        - qpid-java <itp> (bug #840131)
 CVE-2017-15700 (A flaw in the 
org.apache.sling.auth.core.AuthUtil#isRedirectValid ...)
        NOT-FOR-US: Apache Sling Authentication Service
-CVE-2017-15699
-       RESERVED
+CVE-2017-15699 (A Denial of Service vulnerability was found in Apache Qpid 
Dispatch ...)
        - qpid-dispatch <itp> (bug #737776)
        NOTE: http://www.openwall.com/lists/oss-security/2018/02/13/5
 CVE-2017-15698 (When parsing the AIA-Extension field of a client certificate, 
Apache ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b18975bf36c686ef254148318ab83edaf07cc922

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b18975bf36c686ef254148318ab83edaf07cc922
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to