Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cc74fc94 by Salvatore Bonaccorso at 2018-04-11T12:49:58+02:00 Process NFUs - - - - - 56e74fca by Salvatore Bonaccorso at 2018-04-11T12:50:34+02:00 Add CVE-2018-9918/qpdf - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -222,7 +222,8 @@ CVE-2018-9920 CVE-2018-9919 RESERVED CVE-2018-9918 (libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary ...) - TODO: check + - qpdf <unfixed> + NOTE: https://github.com/qpdf/qpdf/issues/202 CVE-2018-9917 RESERVED CVE-2018-9916 @@ -20203,7 +20204,7 @@ CVE-2018-2408 (Improper Session Management in SAP Business Objects, 4.0, from 4. CVE-2018-2407 RESERVED CVE-2018-2406 (Unquoted windows search path (directory/path traversal) vulnerability ...) - TODO: check + NOT-FOR-US: Crystal Reports Server CVE-2018-2405 (SAP Solution Manager, 7.10, 7.20, Incident Management Work Center ...) NOT-FOR-US: SAP CVE-2018-2404 (SAP Disclosure Management 10.1 allows an attacker to upload any file ...) @@ -127919,7 +127920,7 @@ CVE-2015-1959 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 befo CVE-2015-1958 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...) NOT-FOR-US: IBM CVE-2015-1957 (IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows ...) - TODO: check + NOT-FOR-US: IBM WebSphere MQ CVE-2015-1956 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...) NOT-FOR-US: IBM CVE-2015-1955 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...) @@ -135672,7 +135673,7 @@ CVE-2015-0174 (The SNMP implementation in IBM WebSphere Application Server (WAS) CVE-2015-0173 (The HTTP connection-management functionality in Internet Pass-Thru ...) NOT-FOR-US: IBM CVE-2015-0172 (IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote ...) - TODO: check + NOT-FOR-US: IBM Security SiteProtector System CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...) NOT-FOR-US: IBM CVE-2015-0170 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...) @@ -154207,7 +154208,7 @@ CVE-2014-1897 CVE-2014-1890 RESERVED CVE-2014-1889 (The Group creation process in the Buddypress plugin before 1.9.2 for ...) - TODO: check + NOT-FOR-US: Buddypress plugin for WordPress CVE-2014-1888 (Cross-site scripting (XSS) vulnerability in the BuddyPress plugin ...) NOT-FOR-US: BuddyPress plugin for WordPress CVE-2014-1880 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d0cbe883c26c134b1fbcb12a5dcc6255c323fb4b...56e74fcaf407ccf79d7c47d278915c194c9dd3ab --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/d0cbe883c26c134b1fbcb12a5dcc6255c323fb4b...56e74fcaf407ccf79d7c47d278915c194c9dd3ab You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits