Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9b385c0d by security tracker role at 2020-02-29T20:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -508,6 +508,7 @@ CVE-2020-9272 (ProFTPD 1.3.7 has an out-of-bounds (OOB)
read vulnerability in mo
NOTE: Debian does not build mod_cap and does not use the embedded
libcap.
NOTE: Sourcewise fixed in 1.3.6c by updating to the lastest libcap.
CVE-2019-20479 (A flaw was found in mod_auth_openidc before version 2.4.1. An
open red ...)
+ {DLA-2130-1}
- libapache2-mod-auth-openidc 2.4.1-1
NOTE:
https://github.com/zmartzone/mod_auth_openidc/commit/02431c0adfa30f478cf2eb20ed6ea51fdf446be7
NOTE: https://github.com/zmartzone/mod_auth_openidc/pull/453
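Review bot: The leading context of this hunk carries a typo in the CVE-2020-9272 entry: "NOTE: Sourcewise fixed in 1.3.6c by updating to the lastest libcap." should read "latest". It is unrelated to the {DLA-2130-1} cross-reference added for CVE-2019-20479, so it is better corrected in a separate manual commit than folded into an automatic update.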
@@ -16421,7 +16422,7 @@ CVE-2020-2660 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <unfixed> (bug #949994)
NOTE:
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2659 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1}
+ {DSA-4621-1 DLA-2128-1}
- openjdk-8 8u242-b08-1
- openjdk-7 <removed>
CVE-2020-2658 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
@@ -16435,7 +16436,7 @@ CVE-2020-2655 (Vulnerability in the Java SE product of
Oracle Java SE (component
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
CVE-2020-2654 (Vulnerability in the Java SE product of Oracle Java SE
(component: Lib ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -16540,7 +16541,7 @@ CVE-2020-2606 (Vulnerability in the PeopleSoft
Enterprise PeopleTools product of
CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
NOT-FOR-US: Oracle
CVE-2020-2604 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -16550,7 +16551,7 @@ CVE-2020-2603 (Vulnerability in the Oracle Field
Service product of Oracle E-Bus
CVE-2020-2602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
NOT-FOR-US: Oracle
CVE-2020-2601 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -16570,7 +16571,7 @@ CVE-2020-2595 (Vulnerability in the Oracle GraalVM
Enterprise Edition product of
CVE-2020-2594
RESERVED
CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -16580,7 +16581,7 @@ CVE-2020-2592 (Vulnerability in the Oracle AutoVue
product of Oracle Supply Chai
CVE-2020-2591 (Vulnerability in the Oracle Web Applications Desktop Integrator
produc ...)
NOT-FOR-US: Oracle
CVE-2020-2590 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -16603,7 +16604,7 @@ CVE-2020-2584 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <unfixed> (bug #949994)
NOTE:
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2583 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- {DSA-4621-1 DSA-4605-1}
+ {DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
- openjdk-8 8u242-b08-1
@@ -48561,6 +48562,7 @@ CVE-2019-10787 (im-resize through 2.3.2 allows remote
attackers to execute arbit
CVE-2019-10786 (network-manager through 1.0.2 allows remote attackers to
execute arbit ...)
NOT-FOR-US: network-manager node module
CVE-2019-10785 (dojox is vulnerable to Cross-site Scripting in all versions
before ver ...)
+ {DLA-2127-1}
- dojo 1.15.2+dfsg1-1 (bug #952771)
[buster] - dojo <no-dsa> (Minor issue)
NOTE:
https://github.com/dojo/dojox/security/advisories/GHSA-pg97-ww7h-5mjr
@@ -150730,7 +150732,7 @@ CVE-2017-11511 (The ManageEngine ServiceDesk 9.3.9328
is vulnerable to arbitrary
CVE-2017-11510 (An information leak exists in Wanscam's HW0021 network camera
that all ...)
NOT-FOR-US: Wanscam's HW0021 network camera
CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in
Firebir ...)
- {DLA-1374-1}
+ {DLA-2129-1 DLA-1374-1}
- firebird3.0 3.0.3.32900.ds4-3
[stretch] - firebird3.0 <postponed> (Minor issue, can be fixed along in
a future update)
- firebird2.5 <removed>
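Review bot: The CVE-2017-11509 entry now cites DLA-2129-1 ahead of DLA-1374-1, but the package lines below it are unchanged: "[stretch] - firebird3.0 <postponed>" and "- firebird2.5 <removed>". If the new advisory covers firebird3.0, the postponed marker is stale; if it covers firebird2.5, nothing in this entry says so. Worth confirming against the advisory which source package and release it fixes before relying on this entry for triage.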
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b385c0d559b117963de62636bc2e29f17b9088a