Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a222e639 by Moritz Muehlenhoff at 2020-03-31T11:58:10+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -219085,11 +219085,11 @@ CVE-2016-0402 (Unspecified vulnerability in the
Java SE and Java SE Embedded com
CVE-2016-0401 (Unspecified vulnerability in the Oracle BI Publisher component
in Orac ...)
NOT-FOR-US: Oracle
CVE-2015-8536 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-8535 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-8534 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-8540 (Integer underflow in the png_check_keyword function in
pngwutil.c in l ...)
{DSA-3443-1 DLA-375-1}
- libpng <removed> (bug #807694)
@@ -223538,13 +223538,13 @@ CVE-2015-7339 (JCE Joomla Component 2.5.0 to 2.5.2
allows arbitrary file upload
CVE-2015-7338 (SQL Injection exists in AcyMailing Joomla Component before
4.9.5 via e ...)
NOT-FOR-US: Joomla addon
CVE-2015-7336 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-7335 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-7334 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-7333 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-7332
RESERVED
CVE-2015-7331 (The mcollective-puppet-agent plugin before 1.11.1 for Puppet
allows re ...)
@@ -227897,7 +227897,7 @@ CVE-2015-5685 (The lazy_bdecode function in
BitTorrent DHT bootstrap server (boo
NOTE: Even though the CVE mentions BitTorrent DHT Bootstrap server, the
vulnerable lazy_bdecode() function is effectively also available in
libtorrent-rasterbar in all Debian releases.
NOTE: Patch on libtorrent-rasterbar that has been applied in 1.0.6:
https://github.com/arvidn/libtorrent/commit/d9945f6f50a8c967888cd9c2ebe65ffbe462056e
CVE-2015-5684 (MITRE is populating this ID because it was assigned prior to
Lenovo be ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2015-5683
RESERVED
CVE-2015-5682 (upload.php in the Powerplay Gallery plugin 3.3 for WordPress
allows re ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a222e639ebc9e2e0da4b8512b2cf1a5bd15803be
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a222e639ebc9e2e0da4b8512b2cf1a5bd15803be
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
