[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 02 Mar 2020 00:11:21 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
19f313e3 by security tracker role at 2020-03-02T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,151 @@
+CVE-2020-9550
+       RESERVED
+CVE-2020-9549 (In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an 
out-of-bou ...)
+       TODO: check
+CVE-2020-9548 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the 
interact ...)
+       TODO: check
+CVE-2020-9547 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the 
interact ...)
+       TODO: check
+CVE-2020-9546 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the 
interact ...)
+       TODO: check
+CVE-2020-9545 (Pale Moon 28.8.x before 28.8.4 has a segmentation fault related 
to mod ...)
+       TODO: check
+CVE-2020-9544
+       RESERVED
+CVE-2020-9543
+       RESERVED
+CVE-2020-9542
+       RESERVED
+CVE-2020-9541
+       RESERVED
+CVE-2020-9540 (Sophos HitmanPro.Alert before build 861 allows local elevation 
of priv ...)
+       TODO: check
+CVE-2020-9539
+       RESERVED
+CVE-2020-9538
+       RESERVED
+CVE-2020-9537
+       RESERVED
+CVE-2020-9536
+       RESERVED
+CVE-2020-9535 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer 
overfl ...)
+       TODO: check
+CVE-2020-9534 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer 
overfl ...)
+       TODO: check
+CVE-2020-9533
+       RESERVED
+CVE-2020-9532
+       RESERVED
+CVE-2020-9531
+       RESERVED
+CVE-2020-9530
+       RESERVED
+CVE-2020-9529
+       RESERVED
+CVE-2020-9528
+       RESERVED
+CVE-2020-9527
+       RESERVED
+CVE-2020-9526
+       RESERVED
+CVE-2020-9525
+       RESERVED
+CVE-2020-9524
+       RESERVED
+CVE-2020-9523
+       RESERVED
+CVE-2020-9522
+       RESERVED
+CVE-2020-9521
+       RESERVED
+CVE-2020-9520
+       RESERVED
+CVE-2020-9519
+       RESERVED
+CVE-2020-9518
+       RESERVED
+CVE-2020-9517
+       RESERVED
+CVE-2020-9516
+       RESERVED
+CVE-2020-9515
+       RESERVED
+CVE-2020-9514
+       RESERVED
+CVE-2020-9513
+       RESERVED
+CVE-2020-9512
+       RESERVED
+CVE-2020-9511
+       RESERVED
+CVE-2020-9510
+       RESERVED
+CVE-2020-9509
+       RESERVED
+CVE-2020-9508
+       RESERVED
+CVE-2020-9507
+       RESERVED
+CVE-2020-9506
+       RESERVED
+CVE-2020-9505
+       RESERVED
+CVE-2020-9504
+       RESERVED
+CVE-2020-9503
+       RESERVED
+CVE-2020-9502
+       RESERVED
+CVE-2020-9501
+       RESERVED
+CVE-2020-9500
+       RESERVED
+CVE-2020-9499
+       RESERVED
+CVE-2020-9498
+       RESERVED
+CVE-2020-9497
+       RESERVED
+CVE-2020-9496
+       RESERVED
+CVE-2020-9495
+       RESERVED
+CVE-2020-9494
+       RESERVED
+CVE-2020-9493
+       RESERVED
+CVE-2020-9492
+       RESERVED
+CVE-2020-9491
+       RESERVED
+CVE-2020-9490
+       RESERVED
+CVE-2020-9489
+       RESERVED
+CVE-2020-9488
+       RESERVED
+CVE-2020-9487
+       RESERVED
+CVE-2020-9486
+       RESERVED
+CVE-2020-9485
+       RESERVED
+CVE-2020-9484
+       RESERVED
+CVE-2020-9483
+       RESERVED
+CVE-2020-9482
+       RESERVED
+CVE-2020-9481
+       RESERVED
+CVE-2020-9480
+       RESERVED
+CVE-2020-9479
+       RESERVED
+CVE-2019-20485
+       RESERVED
+CVE-2013-7487
+       RESERVED
 CVE-2020-9478
        RESERVED
 CVE-2020-9477
@@ -6084,12 +6232,10 @@ CVE-2020-6804 (A reflected XSS vulnerability exists 
within the gateway, allowing
        TODO: check
 CVE-2020-6803 (An open redirect is present on the gateway's login page, which 
could c ...)
        TODO: check
-CVE-2020-6801
-       RESERVED
+CVE-2020-6801 (Mozilla developers reported memory safety bugs present in 
Firefox 72.  ...)
        - firefox 73.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6801
-CVE-2020-6800
-       RESERVED
+CVE-2020-6800 (Mozilla developers and community members reported memory safety 
bugs p ...)
        {DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
        - firefox 73.0-1
        - firefox-esr 68.5.0esr-1
@@ -6097,14 +6243,12 @@ CVE-2020-6800
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6800
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6800
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6800
-CVE-2020-6799
-       RESERVED
+CVE-2020-6799 (Command line arguments could have been injected during Firefox 
invocat ...)
        - firefox <not-affected> (Only affects Windows)
        - firefox-esr <not-affected> (Only affects Windows)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6799
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6799
-CVE-2020-6798
-       RESERVED
+CVE-2020-6798 (If a template tag was used in a select tag, the parser could be 
confus ...)
        {DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
        - firefox 73.0-1
        - firefox-esr 68.5.0esr-1
@@ -6112,38 +6256,32 @@ CVE-2020-6798
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6798
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6798
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6798
-CVE-2020-6797
-       RESERVED
+CVE-2020-6797 (By downloading a file with the .fileloc extension, a 
semi-privileged e ...)
        - firefox <not-affected> (Only affects Mac OSX)
        - firefox-esr <not-affected> (Only affects Mac OSX)
        - thunderbird <not-affected> (Only affects Mac OSX)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6797
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6797
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6797
-CVE-2020-6796
-       RESERVED
+CVE-2020-6796 (A content process could have modified shared memory relating to 
crash  ...)
        {DSA-4620-1 DLA-2102-1}
        - firefox 73.0-1
        - firefox-esr 68.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6796
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6796
-CVE-2020-6795
-       RESERVED
+CVE-2020-6795 (When processing a message that contains multiple S/MIME 
signatures, a  ...)
        {DSA-4625-1 DLA-2104-1}
        - thunderbird 1:68.5.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6795
-CVE-2020-6794
-       RESERVED
+CVE-2020-6794 (If a user saved passwords before Thunderbird 60 and then later 
set a m ...)
        {DSA-4625-1 DLA-2104-1}
        - thunderbird 1:68.5.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6794
-CVE-2020-6793
-       RESERVED
+CVE-2020-6793 (When processing an email message with an ill-formed envelope, 
Thunderb ...)
        {DSA-4625-1 DLA-2104-1}
        - thunderbird 1:68.5.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6793
-CVE-2020-6792
-       RESERVED
+CVE-2020-6792 (When deriving an identifier for an email message, uninitialized 
memory ...)
        {DSA-4625-1 DLA-2104-1}
        - thunderbird 1:68.5.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6792
@@ -8793,8 +8931,8 @@ CVE-2020-5541
        RESERVED
 CVE-2020-5540
        RESERVED
-CVE-2020-5539
-       RESERVED
+CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and 
Ver.3.0 do no ...)
+       TODO: check
 CVE-2020-5538
        RESERVED
 CVE-2020-5537
@@ -28748,8 +28886,7 @@ CVE-2019-17028
        REJECTED
 CVE-2019-17027
        REJECTED
-CVE-2019-17026
-       RESERVED
+CVE-2019-17026 (Incorrect alias information in IonMonkey JIT compiler for 
setting arra ...)
        {DSA-4603-1 DSA-4600-1 DLA-2093-1 DLA-2071-1}
        - firefox 72.0.1-1 (bug #948452)
        - firefox-esr 68.4.1esr-1
@@ -72598,6 +72735,7 @@ CVE-2018-20075
 CVE-2018-20074
        RESERVED
 CVE-2018-20073 (Use of extended attributes in downloads in Google Chrome prior 
to 72.0 ...)
+       {DSA-4395-1}
        - chromium 72.0.3626.81-1 (low)
 CVE-2018-20072
        RESERVED
@@ -249544,6 +249682,7 @@ CVE-2014-6264
 CVE-2014-6263
        RESERVED
 CVE-2014-6262 (Multiple format string vulnerabilities in the python module in 
RRDtool ...)
+       {DLA-2131-1}
        - rrdtool 1.5.4-1
        NOTE: https://github.com/oetiker/rrdtool-1.x/pull/532
        NOTE: 
https://github.com/oetiker/rrdtool-1.x/commit/64ed5314af1255ab6dded45f70b39cdeab5ae2ec
 (v1.5.0-rc1)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19f313e3093c8d43ff2d8e003fa409c1211dad72

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19f313e3093c8d43ff2d8e003fa409c1211dad72
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to