[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Fri, 23 Feb 2018 01:11:29 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ec1956e3 by security tracker role at 2018-02-23T09:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,17 @@
+CVE-2018-7422
+       RESERVED
+CVE-2018-7421
+       RESERVED
+CVE-2018-7420
+       RESERVED
+CVE-2018-7419
+       RESERVED
+CVE-2018-7418
+       RESERVED
+CVE-2018-7417
+       RESERVED
+CVE-2018-7416
+       RESERVED
 CVE-2018-XXXX [heap-buffer-overflow in freexl.c:3912 
read_mini_biff_next_record]
        - freexl 1.0.5-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892
@@ -972,14 +986,17 @@ CVE-2018-7053 (An issue was discovered in Irssi before 
1.0.7 and 1.1.x before 1.
        NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
        NOTE: Fixed by: 
https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c
 CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 
1.1.1. ...)
+       {DLA-1289-1}
        - irssi <unfixed> (bug #890676)
        NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
        NOTE: Fixed by: 
https://github.com/irssi/irssi/commit/5b5bfef03596d95079c728f65f523570dd7b03aa
 CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 
1.1.1. ...)
+       {DLA-1289-1}
        - irssi <unfixed> (bug #890677)
        NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
        NOTE: Fixed by: 
https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af
 CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 
1.1.1. A ...)
+       {DLA-1289-1}
        - irssi <unfixed> (bug #890678)
        NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
        NOTE: Fixed by: 
https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
@@ -2565,10 +2582,10 @@ CVE-2018-6491
        RESERVED
 CVE-2018-6490
        RESERVED
-CVE-2018-6489
-       RESERVED
-CVE-2018-6488
-       RESERVED
+CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project 
and ...)
+       TODO: check
+CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal 
CMDB, ...)
+       TODO: check
 CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB 
...)
        NOT-FOR-US: Micro Focus Universal CMDB Foundation Software
 CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify 
Audit ...)
@@ -5761,7 +5778,7 @@ CVE-2018-1000028 (Linux kernel version after commit 
bdcf0a423ea1 - 4.15-rc4+, 4.
        NOTE: Introducing commit backported to 4.14.8 and 4.9.76. But Debian 
stretch
        NOTE: did never contain the vulnerable code alone without the fix.
 CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy 
version prior ...)
-       {DLA-1267-1 DLA-1266-1}
+       {DSA-4122-1 DLA-1267-1 DLA-1266-1}
        [experimental] - squid 4.0.23-1~exp8
        - squid <removed>
        - squid3 3.5.27-1 (bug #888720)
@@ -5770,7 +5787,7 @@ CVE-2018-1000027 (The Squid Software Foundation Squid 
HTTP Caching Proxy version
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
 CVE-2018-1000024 (The Squid Software Foundation Squid HTTP Caching Proxy 
version 3.0 to ...)
-       {DLA-1266-1}
+       {DSA-4122-1 DLA-1266-1}
        [experimental] - squid 4.0.23-1~exp8
        - squid <removed>
        [wheezy] - squid <not-affected> (Not affected according to upstream 
advisory)
@@ -20503,8 +20520,8 @@ CVE-2018-0017
        RESERVED
 CVE-2018-0016
        RESERVED
-CVE-2018-0015
-       RESERVED
+CVE-2018-0015 (A malicious user with unrestricted access to the AppFormix 
application ...)
+       TODO: check
 CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets 
with ...)
        NOT-FOR-US: Juniper
 CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos 
Space ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec1956e33bf33b4e918f50d4c5c3a10f33cdea62

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec1956e33bf33b4e918f50d4c5c3a10f33cdea62
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to