Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59201973 by Salvatore Bonaccorso at 2020-06-01T10:16:59+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7285,7 +7285,7 @@ CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and
3.12.5, an attacker could smu
NOTE:
https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h
NOTE:
https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd
CVE-2020-11075 (In Anchore Engine version 0.7.0, a specially crafted container
image m ...)
- TODO: check
+ NOT-FOR-US: Anchore Engine
CVE-2020-11074
RESERVED
CVE-2020-11073 (In Autoswitch Python Virtualenv before version 0.16.0, a user
who ente ...)
@@ -7323,7 +7323,7 @@ CVE-2020-11060 (In GLPI before 9.4.6, an attacker can
execute system commands by
NOTE:
https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11059 (In AEgir greater than or equal to 21.7.0 and less than
21.10.1, aegir ...)
- TODO: check
+ NOT-FOR-US: AEgir
CVE-2020-11058 (In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds
seek in ...)
- freerdp2 2.1.1+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
@@ -15463,7 +15463,7 @@ CVE-2020-7814
CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70
and prio ...)
NOT-FOR-US: Kaoni
CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70
and prio ...)
- TODO: check
+ NOT-FOR-US: Kaoni ezHTTPTrans
CVE-2020-7811
RESERVED
CVE-2020-7810
@@ -24417,27 +24417,27 @@ CVE-2020-4025
CVE-2020-4024
RESERVED
CVE-2020-4023 (The review coverage resource in Atlassian Fisheye and Crucible
before ...)
- TODO: check
+ NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2020-4022
RESERVED
CVE-2020-4021 (Affected versions are: Before 8.5.5, and from 8.6.0 before
8.8.1 of At ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4020 (The file downloading functionality in the Atlassian Companion
App befo ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4019 (The file editing functionality in the Atlassian Companion App
before v ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4018 (The setup resources in Atlassian Fisheye and Crucible before
version 4 ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4017 (The /rest/jira-ril/1.0/jira-rest/applinks resource in the
crucible-jir ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4016 (The /plugins/servlet/jira-blockers/ resource in the
crucible-jira-ril ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4015 (The /json/fe/activeUserFinder.do resource in Altassian Fisheye
and Cru ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4014 (The /profile/deleteWatch.do resource in Atlassian Fisheye and
Crucible ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4013 (The review resource in Atlassian Fisheye and Crucible before
version 4 ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4012
RESERVED
CVE-2020-4011
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5920197339774079929ea836f7c3d7edf1edc8a7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5920197339774079929ea836f7c3d7edf1edc8a7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
