Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f546f30e by security tracker role at 2020-05-09T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,28 @@
-CVE-2019-20794 [kernel hang in fuse]
+CVE-2020-12766 (Gnuteca 3.8 allows action=main:search:simpleSearch SQL
Injection via t ...)
+ TODO: check
+CVE-2020-12765 (Solis Miolo 2.0 allows
index.php?module=install&action=view&it ...)
+ TODO: check
+CVE-2020-12764 (Gnuteca 3.8 allows file.php?folder=/&file= Directory
Traversal. ...)
+ TODO: check
+CVE-2020-12763
+ RESERVED
+CVE-2020-12762 (json-c through 0.14 has an integer overflow and out-of-bounds
write vi ...)
+ TODO: check
+CVE-2020-12761 (modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer
overflow ( ...)
+ TODO: check
+CVE-2020-12760
+ RESERVED
+CVE-2020-12759
+ RESERVED
+CVE-2020-12758
+ RESERVED
+CVE-2020-12757
+ RESERVED
+CVE-2020-12756
+ RESERVED
+CVE-2020-12755 (fishProtocol::establishConnection in fish/fish.cpp in KDE
kio-extras t ...)
+ TODO: check
+CVE-2019-20794 (An issue was discovered in the Linux kernel 4.18 through
5.6.11 when u ...)
- linux <unfixed>
NOTE: https://sourceforge.net/p/fuse/mailman/message/36598753/
CVE-2020-12754
@@ -281,8 +305,8 @@ CVE-2020-12639 (phpList before 3.5.3 allows XSS, with
resultant privilege elevat
- phplist <itp> (bug #612288)
CVE-2020-12638
RESERVED
-CVE-2020-12637
- RESERVED
+CVE-2020-12637 (Zulip Desktop before 5.2.0 has Missing SSL Certificate
Validation beca ...)
+ TODO: check
CVE-2018-21233 (TensorFlow before 1.7.0 has an integer overflow that causes an
out-of- ...)
- tensorflow <itp> (bug #804612)
CVE-2020-12636
@@ -796,7 +820,7 @@ CVE-2020-12398
RESERVED
CVE-2020-12397
RESERVED
- {DSA-4683-1}
+ {DSA-4683-1 DLA-2206-1}
- thunderbird 1:68.8.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12397
CVE-2020-12396
@@ -805,7 +829,7 @@ CVE-2020-12396
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12396
CVE-2020-12395
RESERVED
- {DSA-4683-1 DSA-4678-1 DLA-2205-1}
+ {DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
- firefox 76.0-1
- firefox-esr 68.8.0esr-1
- thunderbird 1:68.8.0-1
@@ -826,7 +850,7 @@ CVE-2020-12393
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12393
CVE-2020-12392
RESERVED
- {DSA-4683-1 DSA-4678-1 DLA-2205-1}
+ {DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
- firefox 76.0-1
- firefox-esr 68.8.0esr-1
- thunderbird 1:68.8.0-1
@@ -855,7 +879,7 @@ CVE-2020-12388
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12388
CVE-2020-12387
RESERVED
- {DSA-4683-1 DSA-4678-1 DLA-2205-1}
+ {DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
- firefox 76.0-1
- firefox-esr 68.8.0esr-1
- thunderbird 1:68.8.0-1
@@ -15285,7 +15309,7 @@ CVE-2019-20377 (TopList before 2019-09-03 allows XSS
via a title. ...)
NOT-FOR-US: TopList
CVE-2020-6831
RESERVED
- {DSA-4683-1 DSA-4678-1 DLA-2205-1}
+ {DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
- firefox 76.0-1
- firefox-esr 68.8.0esr-1
- chromium <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f546f30ef06af343fcee0cf622fb338d131a25e6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f546f30ef06af343fcee0cf622fb338d131a25e6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
