Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7ffc1f82 by security tracker role at 2018-04-05T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,53 @@
+CVE-2018-9310
+       RESERVED
+CVE-2018-9309 (An issue was discovered in zzcms 8.2. It allows SQL injection 
via the ...)
+       TODO: check
+CVE-2018-9308
+       RESERVED
+CVE-2018-9307 (dsmall v20180320 allows XSS via the pdr_sn parameter to ...)
+       TODO: check
+CVE-2018-9306 (In Exiv2 0.26, an out-of-bounds read in 
IptcData::printStructure in ...)
+       TODO: check
+CVE-2018-9305 (In Exiv2 0.26, an out-of-bounds read in 
IptcData::printStructure in ...)
+       TODO: check
+CVE-2018-9304 (In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in 
...)
+       TODO: check
+CVE-2018-9303 (In Exiv2 0.26, an assertion failure in BigTiffImage::readData 
in ...)
+       TODO: check
+CVE-2018-9302
+       RESERVED
+CVE-2018-9301
+       RESERVED
+CVE-2018-9300
+       RESERVED
+CVE-2018-9299
+       RESERVED
+CVE-2018-9298
+       RESERVED
+CVE-2018-9297
+       RESERVED
+CVE-2018-9296
+       RESERVED
+CVE-2018-9295
+       RESERVED
+CVE-2018-9294
+       RESERVED
+CVE-2018-9293
+       RESERVED
+CVE-2018-9292
+       RESERVED
+CVE-2018-9291
+       RESERVED
+CVE-2018-9290
+       RESERVED
+CVE-2018-9289
+       RESERVED
+CVE-2018-9288
+       RESERVED
+CVE-2018-9287
+       RESERVED
+CVE-2018-9286
+       RESERVED
 CVE-2018-XXXX [Persistent XSS in filename of merge request]
        - gitlab <unfixed> (bug #894869)
        NOTE: 
https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
@@ -38,7 +88,7 @@ CVE-2018-9275 (In check_user_token in util.c in the Yubico 
PAM module (aka pam_y
 CVE-2017-18257 (The __get_data_block function in fs/f2fs/data.c in the Linux 
kernel ...)
        - linux 4.11.6-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/b86e33075ed1909d8002745b56ecf73b833db143
-CVE-2018-1002150 [koji: Dist Repo call missing authorization check]
+CVE-2018-1002150 (Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect 
access ...)
        - koji <unfixed> (bug #894832)
        NOTE: http://www.openwall.com/lists/oss-security/2018/04/04/1
        NOTE: https://docs.pagure.org/koji/CVE-2018-1002150/
@@ -22193,8 +22243,7 @@ CVE-2018-1098 (A cross-site request forgery flaw was 
found in etcd 3.3.1 and ear
        - etcd <unfixed>
        NOTE: https://github.com/coreos/etcd/issues/9353
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714
-CVE-2018-1097 [Ovirt admin password exposed by foreman API]
-       RESERVED
+CVE-2018-1097 (A flaw was found in foreman before 1.16.1. The issue allows 
users with ...)
        - foreman <itp> (bug #663101)
        NOTE: https://projects.theforeman.org/issues/22546
        NOTE: https://github.com/theforeman/foreman/pull/5369
@@ -22241,10 +22290,10 @@ CVE-2018-1083 (Zsh before version 5.4.2-test-1 is 
vulnerable to a buffer overflo
        [stretch] - zsh <no-dsa> (Minor issue)
        [jessie] - zsh <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7
-CVE-2018-1082
-       RESERVED
-CVE-2018-1081
-       RESERVED
+CVE-2018-1082 (A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a 
user ...)
+       TODO: check
+CVE-2018-1081 (A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 
3.2.7, ...)
+       TODO: check
 CVE-2018-1080 [Mishandled ACL configuration in AAclAuthz.java reverses rules 
that allow and deny access]
        RESERVED
        - dogtag-pki <unfixed> (bug #893690)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ffc1f82203aa5f717f841fb0fa3ccbd1f757587

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ffc1f82203aa5f717f841fb0fa3ccbd1f757587
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to