[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 23 Jan 2020 00:11:36 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6b2b6075 by security tracker role at 2020-01-23T08:10:34+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2020-7920
+       RESERVED
+CVE-2020-7919
+       RESERVED
+CVE-2020-7918
+       RESERVED
+CVE-2020-7917
+       RESERVED
+CVE-2020-7916
+       RESERVED
+CVE-2020-7915 (An issue was discovered on Eaton 5P 850 devices. The Ubicacion 
SAI fie ...)
+       TODO: check
+CVE-2020-7914
+       RESERVED
+CVE-2020-7913
+       RESERVED
+CVE-2020-7912
+       RESERVED
+CVE-2020-7911
+       RESERVED
+CVE-2020-7910
+       RESERVED
+CVE-2020-7909
+       RESERVED
+CVE-2020-7908
+       RESERVED
+CVE-2020-7907
+       RESERVED
+CVE-2020-7906
+       RESERVED
+CVE-2020-7905
+       RESERVED
+CVE-2020-7904
+       RESERVED
+CVE-2019-20399 (A timing vulnerability in the Scalar::check_overflow function 
in Parit ...)
+       TODO: check
+CVE-2019-20398 (A NULL pointer dereference is present in libyang before 
v1.0-r3 in the ...)
+       TODO: check
+CVE-2019-20397 (A double-free is present in libyang before v1.0-r1 in the 
function yyp ...)
+       TODO: check
+CVE-2019-20396 (A segmentation fault is present in yyparse in libyang before 
v1.0-r1 d ...)
+       TODO: check
+CVE-2019-20395 (A stack consumption issue is present in libyang before v1.0-r1 
due to  ...)
+       TODO: check
+CVE-2019-20394 (A double-free is present in libyang before v1.0-r3 in the 
function yyp ...)
+       TODO: check
+CVE-2019-20393 (A double-free is present in libyang before v1.0-r1 in the 
function yyp ...)
+       TODO: check
+CVE-2019-20392 (An invalid memory access flaw is present in libyang before 
v1.0-r1 in  ...)
+       TODO: check
+CVE-2019-20391 (An invalid memory access flaw is present in libyang before 
v1.0-r3 in  ...)
+       TODO: check
 CVE-2020-7903
        RESERVED
 CVE-2020-7902
@@ -5634,8 +5686,8 @@ CVE-2020-5225
        RESERVED
 CVE-2020-5224
        RESERVED
-CVE-2020-5223
-       RESERVED
+CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 
1.3.2, a p ...)
+       TODO: check
 CVE-2020-5222
        RESERVED
 CVE-2020-5221 (In uftpd before 2.11, it is possible for an unauthenticated 
user to pe ...)
@@ -5646,10 +5698,10 @@ CVE-2020-5219
        RESERVED
 CVE-2020-5218
        RESERVED
-CVE-2020-5217
-       RESERVED
-CVE-2020-5216
-       RESERVED
+CVE-2020-5217 (In Secure Headers (RubyGem secure_headers), a directive 
injection vuln ...)
+       TODO: check
+CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive 
injection vuln ...)
+       TODO: check
 CVE-2020-5215
        RESERVED
 CVE-2020-5214
@@ -10126,12 +10178,12 @@ CVE-2019-19844 (Django before 1.11.27, 2.x before 
2.2.9, and 3.x before 3.0.1 al
        NOTE: 
https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
 (1.11.x branch)
 CVE-2019-19843 (Incorrect access control in the web interface in Ruckus 
Wireless Unlea ...)
        NOT-FOR-US: Ruckus devices
-CVE-2019-19842
-       RESERVED
-CVE-2019-19841
-       RESERVED
-CVE-2019-19840
-       RESERVED
+CVE-2019-19842 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 
allows remot ...)
+       TODO: check
+CVE-2019-19841 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 
allows remot ...)
+       TODO: check
+CVE-2019-19840 (A stack-based buffer overflow in zap_parse_args in zap.c in 
zap in Ruc ...)
+       TODO: check
 CVE-2019-19839
        RESERVED
 CVE-2019-19838
@@ -302260,8 +302312,7 @@ CVE-2011-3624 (Various methods in 
WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 a
 CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media 
player bef ...)
        - vlc 1.1.3-1
        NOTE: https://bugs.gentoo.org/show_bug.cgi?id=285370
-CVE-2011-3622
-       RESERVED
+CVE-2011-3622 (A Cross-Site Scripting (XSS) vulnerability exists in the admin 
login s ...)
        NOT-FOR-US: phorum
 CVE-2011-3621 (A reverse proxy issue exists in FluxBB before 1.4.7 when 
FORUM_BEHIND_ ...)
        NOT-FOR-US: fluxbb



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6b2b6075f572fef72ca42a8a292d2f8e87d46a63

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6b2b6075f572fef72ca42a8a292d2f8e87d46a63
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to