Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker

Commits:
42a4a8fb by Salvatore Bonaccorso at 2020-05-25T11:26:33+02:00
Reference upstream commits for the three tickets for CVE-2019-18823

The issue(s) are fixed in 8.8.8 and 8.9.6, so filter out the changes for the release notes and build fixes separately covered in the comparison between 8.8.7 and 8.8.8.

- - - - -
ca3a79aa by Salvatore Bonaccorso at 2020-05-25T11:27:58+02:00
Process some NFUs

- - - - -

1 changed file:
- data/CVE/list

Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@ CVE-2020-13440 (ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. ...) - TODO: check + NOT-FOR-US: ffjpeg CVE-2020-13439 (ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_de ...) - TODO: check + NOT-FOR-US: ffjpeg CVE-2020-13438 (ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c ...) - TODO: check + NOT-FOR-US: ffjpeg CVE-2020-13437 RESERVED CVE-2020-13436 @@ -13,7 +13,7 @@ CVE-2020-13435 (SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCod CVE-2020-13434 (SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf ...) TODO: check CVE-2020-13433 (Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php h ...) - TODO: check + NOT-FOR-US: Jason2605 AdminPanel CVE-2020-13432 RESERVED CVE-2020-13431 
@@ -32570,7 +32570,11 @@ CVE-2019-18823 (HTCondor up to and including stable series 8.8.6 and development NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0002.html NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html - NOTE: https://github.com/htcondor/htcondor/compare/V8_8_7...V8_8_8 + NOTE: https://github.com/htcondor/htcondor/commit/95eaee86e7ad3852c17df46a1b8b193dabd1fd14 + NOTE: https://github.com/htcondor/htcondor/commit/07e33c8b14aa00e04d045d4d79c963db082a3129 + NOTE: https://github.com/htcondor/htcondor/commit/cbcb93695a932d511c1c7bd40aed1eabeff01d8d + NOTE: https://github.com/htcondor/htcondor/commit/3916209123a8ef762b7a9cd84ca0cf8b2cd99716 + NOTE: https://github.com/htcondor/htcondor/commit/5c84c6f0b3db4eda1eec42c2c708069bb9393f0b CVE-2019-18822 (A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allo ...) NOT-FOR-US: ZOOM Call Recording CVE-2019-18821 (Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiCu ...)

View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5cecd1e67e0ed3fbc99596f0fbe389125e94c2...ca3a79aa6d550b7165b5c030279c9cd5c52d6a40
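
Review bot: In the CVE-2019-18823 hunk (@@ -32570,7 +32570,11 @@), the five added commit NOTE lines do not say which of the three advisories listed just above them (HTCONDOR-2020-0002, HTCONDOR-2020-0003, HTCONDOR-2020-0004) each commit addresses. The commit message names 8.8.8 and 8.9.6 as the fixed releases, but with the V8_8_7...V8_8_8 compare link removed, none of the visible NOTE lines carries a version reference any more. Consider appending a short annotation to each commit NOTE, such as the ticket number and the release it landed in, so that someone preparing a backport can tell which commits belong together without opening all five.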
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits