Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb50483e by Moritz Muehlenhoff at 2020-03-19T16:10:29+01:00
twisted no-dsa
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -274,9 +274,9 @@ CVE-2020-10567 (An issue was discovered in Responsive
Filemanager through 9.14.0
CVE-2018-21036
RESERVED
CVE-2020-10566 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916
2020-02-1 ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2020-10565 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916
2020-02-1 ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2020-10564 (An issue was discovered in the File Upload plugin before
4.13.0 for Wo ...)
NOT-FOR-US: File Upload plugin for WordPress
CVE-2020-10563 (An issue was discovered in DEVOME GRR before 3.4.1c.
frmcontactlist.ph ...)
@@ -338,7 +338,7 @@ CVE-2020-10537
CVE-2020-10536
RESERVED
CVE-2020-10534 (In the GlobalBlocking extension before 2020-03-10 for
MediaWiki throug ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extension
CVE-2020-10535 (GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows
remote at ...)
- gitlab <not-affected> (Only affects Gitlab 12.8.x)
NOTE:
https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/
@@ -1261,11 +1261,15 @@ CVE-2020-10110 (** DISPUTED ** Citrix Gateway 11.1,
12.0, and 12.1 allows Inform
CVE-2020-10109 (In Twisted Web through 19.10.0, there was an HTTP request
splitting vu ...)
{DLA-2145-1}
- twisted <unfixed> (bug #953950)
+ [buster] - twisted <no-dsa> (Minor issue)
+ [stretch] - twisted <no-dsa> (Minor issue)
NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR
NOTE:
https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281
CVE-2020-10108 (In Twisted Web through 19.10.0, there was an HTTP request
splitting vu ...)
{DLA-2145-1}
- twisted <unfixed> (bug #953950)
+ [buster] - twisted <no-dsa> (Minor issue)
+ [stretch] - twisted <no-dsa> (Minor issue)
NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR
NOTE:
https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281
CVE-2020-10107 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to
stored XS ...)
@@ -2799,7 +2803,7 @@ CVE-2020-9410
CVE-2020-9409
RESERVED
CVE-2020-9408 (The Spotfire library component of TIBCO Software Inc.'s TIBCO
Spotfire ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2020-9407 (IBL Online Weather before 4.3.5a allows attackers to obtain
sensitive ...)
NOT-FOR-US: IBL Online Weather
CVE-2020-9406 (IBL Online Weather before 4.3.5a allows unauthenticated eval
injection ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb50483e6f9c6bddfa0335eb6e51024edd5f4d37
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb50483e6f9c6bddfa0335eb6e51024edd5f4d37
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
