[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 05 May 2020 01:10:35 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
21f1689e by security tracker role at 2020-05-05T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2020-12661
+       RESERVED
+CVE-2020-12660
+       RESERVED
+CVE-2020-12659 (An issue was discovered in the Linux kernel before 5.6.7. 
xdp_umem_reg ...)
+       TODO: check
+CVE-2020-12658
+       RESERVED
+CVE-2020-12657 (An issue was discovered in the Linux kernel before 5.6.5. 
There is a u ...)
+       TODO: check
+CVE-2020-12656 (gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the 
rpcsec_g ...)
+       TODO: check
+CVE-2020-12655 (An issue was discovered in xfs_agf_verify in 
fs/xfs/libxfs/xfs_alloc.c ...)
+       TODO: check
+CVE-2020-12654 (An issue was found in Linux kernel before 5.5.4. 
mwifiex_ret_wmm_get_s ...)
+       TODO: check
+CVE-2020-12653 (An issue was found in Linux kernel before 5.5.4. The 
mwifiex_cmd_appen ...)
+       TODO: check
+CVE-2020-12652 (The __mptctl_ioctl function in drivers/message/fusion/mptctl.c 
in the  ...)
+       TODO: check
+CVE-2020-12651
+       RESERVED
+CVE-2020-12650
+       RESERVED
+CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c 
directory tr ...)
+       TODO: check
+CVE-2020-12648
+       RESERVED
+CVE-2020-12647
+       RESERVED
+CVE-2020-12646
+       RESERVED
+CVE-2020-12645
+       RESERVED
+CVE-2020-12644
+       RESERVED
+CVE-2020-12643
+       RESERVED
 CVE-2020-12642 (An issue was discovered in service-api before 4.3.12 and 5.x 
before 5. ...)
        NOT-FOR-US: Report Portal
 CVE-2020-12641 (rcube_image.php in Roundcube Webmail before 1.4.4 allows 
attackers to  ...)
@@ -5820,8 +5858,7 @@ CVE-2020-10719
        RESERVED
 CVE-2020-10718
        RESERVED
-CVE-2020-10717 [virtiofsd: stay below fs.file-max sysctl value]
-       RESERVED
+CVE-2020-10717 (A potential DoS flaw was found in the virtio-fs shared file 
system dae ...)
        - qemu <unfixed> (bug #959746)
        [buster] - qemu <not-affected> (Vulnerable code introduced later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced later)
@@ -5892,8 +5929,7 @@ CVE-2020-10701 [guest agent timeout can be set under 
read-only mode leading to D
        [jessie] - libvirt <not-affected> (Vulnerable code introduced later)
        NOTE: Introduced in: 
https://libvirt.org/git/?p=libvirt.git;a=commit;h=95f5ac9ae52455e9da47afc95fa31c9456ac27ae
 (v5.10.0-rc1)
        NOTE: Fixed by: 
https://libvirt.org/git/?p=libvirt.git;a=commit;h=4cc90c2e62df653e909ad31fd810224bf8bcf913
 (v6.2.0-rc1)
-CVE-2020-10700
-       RESERVED
+CVE-2020-10700 (A use-after-free flaw was found in the way samba AD DC LDAP 
servers, h ...)
        - samba <unfixed>
        [buster] - samba <not-affected> (Vulnerable code introduced later)
        [stretch] - samba <not-affected> (Vulnerable code introduced later)
@@ -5950,8 +5986,7 @@ CVE-2020-10687
        RESERVED
        - undertow <undetermined>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1785049
-CVE-2020-10686
-       RESERVED
+CVE-2020-10686 (A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was 
fixed in ...)
        NOT-FOR-US: Keycloak
 CVE-2020-10685 [modules which use files encrypted with vault are not properly 
cleaned up]
        RESERVED
@@ -10077,7 +10112,7 @@ CVE-2020-8897
        RESERVED
 CVE-2020-8896 (A Buffer Overflow vulnerability in the khcrypt implementation 
in Googl ...)
        TODO: check
-CVE-2020-8895 (A vulnerability in the windows installer of Google Earth Pro 
versions  ...)
+CVE-2020-8895 (Untrusted Search Path vulnerability in the windows installer of 
Google ...)
        NOT-FOR-US: windows installer of Google Earth Pro
 CVE-2020-8894 (An issue was discovered in MISP before 2.4.121. ACLs for 
discussion th ...)
        NOT-FOR-US: MISP



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21f1689e16ee09705c24fd6baef662aba1390494

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21f1689e16ee09705c24fd6baef662aba1390494
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to