[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
38df7b00 by security tracker role at 2018-04-09T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,119 @@
+CVE-2018-9915
+       RESERVED
+CVE-2018-9914
+       RESERVED
+CVE-2018-9913
+       RESERVED
+CVE-2018-9912
+       RESERVED
+CVE-2018-9911
+       RESERVED
+CVE-2018-9910
+       RESERVED
+CVE-2018-9909
+       RESERVED
+CVE-2018-9908
+       RESERVED
+CVE-2018-9907
+       RESERVED
+CVE-2018-9906
+       RESERVED
+CVE-2018-9905
+       RESERVED
+CVE-2018-9904
+       RESERVED
+CVE-2018-9903
+       RESERVED
+CVE-2018-9902
+       RESERVED
+CVE-2018-9901
+       RESERVED
+CVE-2018-9900
+       RESERVED
+CVE-2018-9899
+       RESERVED
+CVE-2018-9898
+       RESERVED
+CVE-2018-9897
+       RESERVED
+CVE-2018-9896
+       RESERVED
+CVE-2018-9895
+       RESERVED
+CVE-2018-9894
+       RESERVED
+CVE-2018-9893
+       RESERVED
+CVE-2018-9892
+       RESERVED
+CVE-2018-9891
+       RESERVED
+CVE-2018-9890
+       RESERVED
+CVE-2018-9889
+       RESERVED
+CVE-2018-9888
+       RESERVED
+CVE-2018-9887
+       RESERVED
+CVE-2018-9886
+       RESERVED
+CVE-2018-9885
+       RESERVED
+CVE-2018-9884
+       RESERVED
+CVE-2018-9883
+       RESERVED
+CVE-2018-9882
+       RESERVED
+CVE-2018-9881
+       RESERVED
+CVE-2018-9880
+       RESERVED
+CVE-2018-9879
+       RESERVED
+CVE-2018-9878
+       RESERVED
+CVE-2018-9877
+       RESERVED
+CVE-2018-9876
+       RESERVED
+CVE-2018-9875
+       RESERVED
+CVE-2018-9874
+       RESERVED
+CVE-2018-9873
+       RESERVED
+CVE-2018-9872
+       RESERVED
+CVE-2018-9871
+       RESERVED
+CVE-2018-9870
+       RESERVED
+CVE-2018-9869
+       RESERVED
+CVE-2018-9868
+       RESERVED
+CVE-2018-9867
+       RESERVED
+CVE-2018-9866
+       RESERVED
+CVE-2018-9865
+       RESERVED
+CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has 
stored ...)
+       TODO: check
+CVE-2018-9863
+       RESERVED
+CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, 
which ...)
+       TODO: check
+CVE-2018-9861
+       RESERVED
+CVE-2018-9860
+       RESERVED
+CVE-2018-9859
+       RESERVED
+CVE-2018-1000168
+       RESERVED
 CVE-2018-9858
        RESERVED
 CVE-2018-9857 (PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the 
search field ...)
@@ -1561,6 +1677,7 @@ CVE-2018-9167
 CVE-2018-9166
        RESERVED
 CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 
0.4.8 does ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/121
 CVE-2018-9164
@@ -4624,6 +4741,7 @@ CVE-2018-7876 (In libming 0.4.8, a memory exhaustion 
vulnerability was found in 
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/109
 CVE-2018-7875 (There is a heap-based buffer over-read in the getString 
function of ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/112
 CVE-2018-7874 (An invalid memory address dereference was discovered in 
strlenext in ...)
@@ -4633,21 +4751,26 @@ CVE-2018-7873 (There is a heap-based buffer overflow in 
the getString function o
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/111
 CVE-2018-7872 (An invalid memory address dereference was discovered in the 
function ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/114
 CVE-2018-7871 (There is a heap-based buffer over-read in the getName function 
of ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/120
 CVE-2018-7870 (An invalid memory address dereference was discovered in 
getString in ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/117
 CVE-2018-7869 (There is a memory leak triggered in the function dcinit of ...)
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/119
 CVE-2018-7868 (There is a heap-based buffer over-read in the getName function 
of ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/113
 CVE-2018-7867 (There is a heap-based buffer overflow in the getString function 
of ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/116
 CVE-2018-7866 (A NULL pointer dereference was discovered in newVar3 in ...)
@@ -9348,6 +9471,7 @@ CVE-2018-6359 (The decompileIF function 
(util/decompile.c) in libming through 0.
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/105
 CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming 
through 0.4.8 ...)
+       {DLA-1343-1}
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/104
 CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the 
...)
@@ -22705,8 +22829,7 @@ CVE-2018-1310
        RESERVED
 CVE-2018-1309
        RESERVED
-CVE-2018-1308 [XXE attack through Apache Solr's DIH's dataConfig request 
parameter]
-       RESERVED
+CVE-2018-1308 (This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 
7.2.1 ...)
        - lucene-solr <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2018/04/08/3
        NOTE: https://issues.apache.org/jira/browse/SOLR-11971
@@ -23492,6 +23615,7 @@ CVE-2018-1087
        RESERVED
 CVE-2018-1086 [Debug parameter removal bypass, allowing information disclosure]
        RESERVED
+       {DSA-4169-1}
        - pcs <unfixed> (bug #895313)
        NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
 CVE-2018-1085
@@ -25516,14 +25640,14 @@ CVE-2018-0558
        RESERVED
 CVE-2018-0557
        RESERVED
-CVE-2018-0556
-       RESERVED
-CVE-2018-0555
-       RESERVED
-CVE-2018-0554
-       RESERVED
-CVE-2018-0553
-       RESERVED
+CVE-2018-0556 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to 
...)
+       TODO: check
+CVE-2018-0555 (Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier 
allows an ...)
+       TODO: check
+CVE-2018-0554 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to 
bypass ...)
+       TODO: check
+CVE-2018-0553 (The iRemoconWiFi App for Android version 4.1.7 and earlier does 
not ...)
+       TODO: check
 CVE-2018-0552 (Untrusted search path vulnerability in The installer of 
PhishWall ...)
        NOT-FOR-US: installer of PhishWall Client (Firefox and Chrome edition 
for Windows)
 CVE-2018-0551
@@ -25538,8 +25662,8 @@ CVE-2018-0547 (Cross-site scripting vulnerability in WP 
All Import plugin prior 
        NOT-FOR-US: WP All Import plugin for WordPress
 CVE-2018-0546 (Cross-site scripting vulnerability in WP All Import plugin 
prior to ...)
        NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0545
-       RESERVED
+CVE-2018-0545 (LXR version 1.0.0 to 2.3.0 allows remote attackers to execute 
...)
+       TODO: check
 CVE-2018-0544 (Untrusted search path vulnerability in WinShot 1.53a and 
earlier ...)
        NOT-FOR-US: WinShot
 CVE-2018-0543 (Untrusted search path vulnerability in Jtrim 1.53c and earlier 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/38df7b0047b632208396601d45ea9575430a3846

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/38df7b0047b632208396601d45ea9575430a3846
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits