Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 16a1d8bd by Moritz Muehlenhoff at 2020-05-19T10:49:05+02:00 new libreoffice issue NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -15,9 +15,9 @@ CVE-2020-13156 CVE-2020-13155 RESERVED CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-priv ...) - TODO: check + NOT-FOR-US: Zoho CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS ...) - TODO: check + NOT-FOR-US: MISP CVE-2020-13152 RESERVED CVE-2020-13151 @@ -25,17 +25,17 @@ CVE-2020-13151 CVE-2020-13150 RESERVED CVE-2020-13149 (Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dr ...) - TODO: check + NOT-FOR-US: Dragon Center CVE-2020-13148 RESERVED CVE-2020-13147 RESERVED CVE-2020-13146 (Studio in Open edX Ironwood 2.5 allows CSV injection because an added ...) - TODO: check + NOT-FOR-US: Studio in Open edX Ironwood CVE-2020-13145 (Studio in Open edX Ironwood 2.5 allows users to upload SVG files via t ...) - TODO: check + NOT-FOR-US: Studio in Open edX Ironwood CVE-2020-13144 (Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a u ...) - TODO: check + NOT-FOR-US: Studio in Open edX Ironwood CVE-2020-13142 RESERVED CVE-2020-13141 @@ -119,7 +119,7 @@ CVE-2020-13112 CVE-2020-13111 (NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/d ...) NOT-FOR-US: NaviServer CVE-2020-13110 (The kerberos package before 1.0.0 for Node.js allows arbitrary code ex ...) - TODO: check + NOT-FOR-US: Node kerberos CVE-2020-13109 (Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remo ...) NOT-FOR-US: Morita Shogi CVE-2020-13108 @@ -151,7 +151,7 @@ CVE-2020-13096 CVE-2020-13095 RESERVED CVE-2020-13094 (Dolibarr before 11.0.4 allows XSS. ...) - TODO: check + - dolibarr <removed> CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...) NOT-FOR-US: iSpyConnect.com Agent DVR CVE-2020-13092 (** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unseriali ...) @@ -756,7 +756,8 @@ CVE-2020-12803 CVE-2020-12802 RESERVED CVE-2020-12801 (If LibreOffice has an encrypted document open and crashes, that docume ...) - TODO: check + - libreoffice 1:6.4.3-1 (low) + NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801 CVE-2020-12800 RESERVED CVE-2020-12799 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1d8bd00723cb3bd16582ad563e556fff4bdbe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1d8bd00723cb3bd16582ad563e556fff4bdbe You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits