Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ecefd79 by security tracker role at 2020-06-04T20:38:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,85 @@
-CVE-2020-13815
+CVE-2020-13843
        RESERVED
-CVE-2020-13814
+CVE-2020-13842
        RESERVED
-CVE-2020-13813
+CVE-2020-13841
        RESERVED
-CVE-2020-13812
+CVE-2020-13840
        RESERVED
-CVE-2020-13811
+CVE-2020-13839
        RESERVED
-CVE-2020-13810
+CVE-2020-13838 (An issue was discovered on Samsung mobile devices with P(9.0) 
and Q(10 ...)
+       TODO: check
+CVE-2020-13837 (An issue was discovered on Samsung mobile devices with Q(10.0) 
softwar ...)
+       TODO: check
+CVE-2020-13836 (An issue was discovered on Samsung mobile devices with O(8.x), 
P(9.0), ...)
+       TODO: check
+CVE-2020-13835 (An issue was discovered on Samsung mobile devices with O(8.x) 
(with TE ...)
+       TODO: check
+CVE-2020-13834 (An issue was discovered on Samsung mobile devices with O(8.x), 
P(9.0), ...)
+       TODO: check
+CVE-2020-13833 (An issue was discovered on Samsung mobile devices with O(8.x), 
P(9.0), ...)
+       TODO: check
+CVE-2020-13832 (An issue was discovered on Samsung mobile devices with Q(10.0) 
(with T ...)
+       TODO: check
+CVE-2020-13831 (An issue was discovered on Samsung mobile devices with O(8.x) 
and P(9. ...)
+       TODO: check
+CVE-2020-13830 (An issue was discovered on Samsung mobile devices with P(9.0) 
software ...)
+       TODO: check
+CVE-2020-13829 (An issue was discovered on Samsung mobile devices with P(9.0) 
and Q(10 ...)
+       TODO: check
+CVE-2020-13828
+       RESERVED
+CVE-2020-13827 (phpList before 3.5.4 allows XSS via /lists/admin/user.php and 
/lists/a ...)
+       TODO: check
+CVE-2020-13826
        RESERVED
-CVE-2020-13809
+CVE-2020-13825
        RESERVED
-CVE-2020-13808
+CVE-2020-13824
        RESERVED
-CVE-2020-13807
+CVE-2020-13823
        RESERVED
-CVE-2020-13806
+CVE-2020-13822 (The Elliptic package 6.5.2 for Node.js allows ECDSA signature 
malleabi ...)
+       TODO: check
+CVE-2020-13821
        RESERVED
-CVE-2020-13805
+CVE-2020-13820
        RESERVED
-CVE-2020-13804
+CVE-2020-13819
        RESERVED
-CVE-2020-13803
+CVE-2020-13818 (In Zoho ManageEngine OpManager before 125144, when 
<cachestart>  ...)
+       TODO: check
+CVE-2020-13817 (ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows 
remote att ...)
+       TODO: check
+CVE-2020-13816
        RESERVED
+CVE-2020-13815 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.1. I ...)
+       TODO: check
+CVE-2020-13814 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.1. I ...)
+       TODO: check
+CVE-2020-13813 (An issue was discovered in Foxit Studio Photo before 
3.6.6.922. It all ...)
+       TODO: check
+CVE-2020-13812 (An issue was discovered in Foxit Studio Photo before 
3.6.6.922. It all ...)
+       TODO: check
+CVE-2020-13811 (An issue was discovered in Foxit Studio Photo before 
3.6.6.922. It has ...)
+       TODO: check
+CVE-2020-13810 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13809 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13808 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13807 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13806 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13805 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13804 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7.2. I ...)
+       TODO: check
+CVE-2020-13803 (An issue was discovered in Foxit PhantomPDF Mac and Foxit 
Reader for M ...)
+       TODO: check
 CVE-2020-13802
        RESERVED
 CVE-2020-13801
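Review bot: CVE-2020-13829 through CVE-2020-13838 are all "An issue was discovered on Samsung mobile devices" entries and are added with "TODO: check", while the Samsung entries already visible in this file (for example CVE-2016-11052) carry "NOT-FOR-US: Samsung mobile devices". Triaging the ten new entries the same way would keep them out of the TODO queue and consistent with the existing ones.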
@@ -44,76 +100,76 @@ CVE-2020-13793
        RESERVED
 CVE-2020-13792 (PlayTube 1.8 allows disclosure of user details via 
ajax.php?type=../ad ...)
        TODO: check
-CVE-2019-20837
-       RESERVED
-CVE-2019-20836
-       RESERVED
-CVE-2019-20835
-       RESERVED
-CVE-2019-20834
-       RESERVED
-CVE-2019-20833
-       RESERVED
-CVE-2019-20832
-       RESERVED
-CVE-2019-20831
-       RESERVED
-CVE-2019-20830
-       RESERVED
-CVE-2019-20829
-       RESERVED
-CVE-2019-20828
-       RESERVED
-CVE-2019-20827
-       RESERVED
-CVE-2019-20826
-       RESERVED
-CVE-2019-20825
-       RESERVED
-CVE-2019-20824
-       RESERVED
-CVE-2019-20823
-       RESERVED
-CVE-2019-20822
-       RESERVED
-CVE-2019-20821
-       RESERVED
-CVE-2019-20820
-       RESERVED
-CVE-2019-20819
-       RESERVED
-CVE-2019-20818
-       RESERVED
-CVE-2019-20817
-       RESERVED
-CVE-2019-20816
-       RESERVED
-CVE-2019-20815
-       RESERVED
-CVE-2019-20814
-       RESERVED
-CVE-2019-20813
-       RESERVED
-CVE-2018-21244
-       RESERVED
-CVE-2018-21243
-       RESERVED
-CVE-2018-21242
-       RESERVED
-CVE-2018-21241
-       RESERVED
-CVE-2018-21240
-       RESERVED
-CVE-2018-21239
-       RESERVED
-CVE-2018-21238
-       RESERVED
-CVE-2018-21237
-       RESERVED
-CVE-2018-21236
-       RESERVED
-CVE-2018-21235
-       RESERVED
+CVE-2019-20837 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.5. It  ...)
+       TODO: check
+CVE-2019-20836 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.5. It  ...)
+       TODO: check
+CVE-2019-20835 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.5. It  ...)
+       TODO: check
+CVE-2019-20834 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It 
allows s ...)
+       TODO: check
+CVE-2019-20833 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It 
has mish ...)
+       TODO: check
+CVE-2019-20832 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It 
has homo ...)
+       TODO: check
+CVE-2019-20831 (An issue was discovered in the 3D Plugin Beta for Foxit Reader 
and Pha ...)
+       TODO: check
+CVE-2019-20830 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.6. It  ...)
+       TODO: check
+CVE-2019-20829 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.6. It  ...)
+       TODO: check
+CVE-2019-20828 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.6. It  ...)
+       TODO: check
+CVE-2019-20827 (An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit 
Reader f ...)
+       TODO: check
+CVE-2019-20826 (An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit 
Reader f ...)
+       TODO: check
+CVE-2019-20825 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It 
has an o ...)
+       TODO: check
+CVE-2019-20824 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It 
has a NU ...)
+       TODO: check
+CVE-2019-20823 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It 
has a bu ...)
+       TODO: check
+CVE-2019-20822 (An issue was discovered in the 3D Plugin Beta for Foxit Reader 
and Pha ...)
+       TODO: check
+CVE-2019-20821 (An issue was discovered in Foxit PhantomPDF Mac before 3.4. It 
has a N ...)
+       TODO: check
+CVE-2019-20820 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7. It  ...)
+       TODO: check
+CVE-2019-20819 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7. It  ...)
+       TODO: check
+CVE-2019-20818 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7. It  ...)
+       TODO: check
+CVE-2019-20817 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.7. It  ...)
+       TODO: check
+CVE-2019-20816 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It 
has a NU ...)
+       TODO: check
+CVE-2019-20815 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It 
allows s ...)
+       TODO: check
+CVE-2019-20814 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It 
allows m ...)
+       TODO: check
+CVE-2019-20813 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It 
has a NU ...)
+       TODO: check
+CVE-2018-21244 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It 
allows ar ...)
+       TODO: check
+CVE-2018-21243 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It 
has COM o ...)
+       TODO: check
+CVE-2018-21242 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It 
allows Re ...)
+       TODO: check
+CVE-2018-21241 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It 
has an un ...)
+       TODO: check
+CVE-2018-21240 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.2. It  ...)
+       TODO: check
+CVE-2018-21239 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.2. It  ...)
+       TODO: check
+CVE-2018-21238 (An issue was discovered in Foxit PhantomPDF before 8.3.7. It 
allows me ...)
+       TODO: check
+CVE-2018-21237 (An issue was discovered in Foxit PhantomPDF before 8.3.7. It 
allows NT ...)
+       TODO: check
+CVE-2018-21236 (An issue was discovered in Foxit Reader before 2.4.4. It has a 
NULL po ...)
+       TODO: check
+CVE-2018-21235 (An issue was discovered in Foxit E-mail advertising system 
before Sept ...)
+       TODO: check
 CVE-2020-XXXX [Cross-Site Scripting (XSS) vulnerability via malicious XML 
messages]
        - roundcube 1.4.5+dfsg.1-1 (bug #962124)
        NOTE: 1.4.x: 
https://github.com/roundcube/roundcubemail/commit/ccaccae6653031b809b4347a60021951e19a0e43
@@ -122,16 +178,14 @@ CVE-2020-XXXX [Cross-Site Scripting (XSS) vulnerability 
in template object 'user
        - roundcube 1.4.5+dfsg.1-1 (bug #962123)
        NOTE: 1.4.x: 
https://github.com/roundcube/roundcubemail/commit/4beec65d40c5e5b1f2bace935c110baf05e10ae5
        NOTE: 1.3.x: 
https://github.com/roundcube/roundcubemail/commit/37e2bc745723ef6322f0f785aefd0b9313a40f19
-CVE-2020-13800 [ati-vga: infinite recursion in ati_mm_read/write calls may 
lead to DoS]
-       RESERVED
+CVE-2020-13800 (ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS 
users to tri ...)
        - qemu <unfixed>
        [buster] - qemu <not-affected> (Vulnerable code introduced later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced later)
        [jessie] - qemu <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/2
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html
-CVE-2020-13791 [ati-vga: OOB access while reading PCI configuration may lead 
to DoS]
-       RESERVED
+CVE-2020-13791 (hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an 
out-of- ...)
        - qemu <unfixed>
        [buster] - qemu <not-affected> (Vulnerable code introduced later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced later)
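Review bot: For CVE-2020-13791 the removed bracketed summary tied the issue to ati-vga and stated the impact ("may lead to DoS"), but the replacement description names hw/pci/pci.c and is truncated at "out-of- ...", so neither the ati-vga context nor the impact is readable from the entry any more. Since the entry stays at "- qemu <unfixed>", consider adding a NOTE line that keeps the ati-vga reference for whoever tracks the fix.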
@@ -197,8 +251,7 @@ CVE-2020-13767
        RESERVED
 CVE-2020-13766
        RESERVED
-CVE-2020-13765 [loader: OOB access while loading registered ROM may lead to 
code execution]
-       RESERVED
+CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate 
the rel ...)
        - qemu 1:4.2-1
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e423455c4f23a1a828901c78fe6d03b7dde79319
@@ -370,8 +423,8 @@ CVE-2020-13694 (In QuickBox Community Edition through 2.5.5 
and Pro Edition thro
        NOT-FOR-US: QuickBox
 CVE-2020-13693 (An unauthenticated privilege-escalation issue exists in the 
bbPress pl ...)
        NOT-FOR-US: bbPress plugin for WordPress
-CVE-2020-13692
-       RESERVED
+CVE-2020-13692 (PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. 
...)
+       TODO: check
 CVE-2020-13691
        RESERVED
 CVE-2020-13690
@@ -589,6 +642,7 @@ CVE-2020-13598
 CVE-2020-13597 (Clusters using Calico (version 3.14.0 and below), Calico 
Enterprise (v ...)
        TODO: check
 CVE-2020-13596 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 
before 3.0 ...)
+       {DLA-2233-1}
        - python-django 2:2.2.13-1
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
        NOTE: 
https://github.com/django/django/commit/2dd4d110c159d0c81dff42eaead2c378a0998735
 (master)
@@ -1333,6 +1387,7 @@ CVE-2020-13256
 CVE-2020-13255
        RESERVED
 CVE-2020-13254 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 
before 3.0 ...)
+       {DLA-2233-1}
        - python-django 2:2.2.13-1
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
        NOTE: 
https://github.com/django/django/commit/2c82414914ae6476be5a166be9ff49c24d0d9069
 (master)
@@ -2238,8 +2293,8 @@ CVE-2020-12855
        RESERVED
 CVE-2020-12854
        RESERVED
-CVE-2020-12853
-       RESERVED
+CVE-2020-12853 (Pydio Cells 2.0.4 allows XSS. A malicious user can either 
upload or cr ...)
+       TODO: check
 CVE-2020-12852
        RESERVED
 CVE-2020-12851
@@ -6011,12 +6066,12 @@ CVE-2020-11683
        RESERVED
 CVE-2020-11682
        RESERVED
-CVE-2020-11681
-       RESERVED
-CVE-2020-11680
-       RESERVED
-CVE-2020-11679
-       RESERVED
+CVE-2020-11681 (Castel NextGen DVR v1.0.0 stores and displays credentials for 
the asso ...)
+       TODO: check
+CVE-2020-11680 (Castel NextGen DVR v1.0.0 is vulnerable to authorization 
bypass on all ...)
+       TODO: check
+CVE-2020-11679 (Castel NextGen DVR v1.0.0 is vulnerable to privilege 
escalation throug ...)
+       TODO: check
 CVE-2020-11678
        RESERVED
 CVE-2020-11677 (Cerner medico 26.00 has a Local Buffer Overflow (issue 3 of 
3). ...)
@@ -6472,7 +6527,8 @@ CVE-2016-11053 (An issue was discovered on Samsung mobile 
devices with software
        NOT-FOR-US: Samsung mobile devices
 CVE-2016-11052 (An issue was discovered on Samsung mobile devices with 
L(5.0/5.1) soft ...)
        NOT-FOR-US: Samsung mobile devices
-CVE-2016-11051 (An issue was discovered on Samsung mobile devices with J(4.2) 
(Qualcom ...)
+CVE-2016-11051
+       REJECTED
        NOT-FOR-US: Samsung mobile devices
 CVE-2016-11050 (An issue was discovered on Samsung mobile devices with S3(KK), 
Note2(K ...)
        NOT-FOR-US: Samsung mobile devices
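Review bot: CVE-2016-11051 is switched to "REJECTED" but the "NOT-FOR-US: Samsung mobile devices" line below it is left in place, so the entry now carries two states. Consider dropping the NOT-FOR-US line so the record shows only the rejection.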
@@ -9059,8 +9115,7 @@ CVE-2020-10703 (A NULL pointer dereference was found in 
the libvirt API responsi
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1790725
        NOTE: Introduced by: 
https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e
 (v3.10.0-rc1)
        NOTE: Fixed by: 
https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f
 (v6.0.0-rc1)
-CVE-2020-10702 [weak signature generation in Pointer Authentication support 
for ARM]
-       RESERVED
+CVE-2020-10702 (A flaw was found in QEMU in the implementation of the Pointer 
Authenti ...)
        - qemu 1:4.2-5
        [buster] - qemu <not-affected> (Vulnerable code introduced later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced later)
@@ -11918,8 +11973,8 @@ CVE-2020-9464 (A Denial-of-Service vulnerability exists 
in BECKHOFF Ethernet TCP
        NOT-FOR-US: BECKHOFF Ethernet TCP/IP Bus Coupler BK9000
 CVE-2020-9463 (Centreon 19.10 allows remote authenticated users to execute 
arbitrary  ...)
        - centreon-web <itp> (bug #913903)
-CVE-2020-9462
-       RESERVED
+CVE-2020-9462 (An issue was discovered in all Athom Homey and Homey Pro 
devices up to ...)
+       TODO: check
 CVE-2020-9461 (Octech Oempro 4.7 through 4.11 allow stored XSS by an 
authenticated us ...)
        NOT-FOR-US: Octech Oempro
 CVE-2020-9460 (Octech Oempro 4.7 through 4.11 allow XSS by an authenticated 
user. The ...)
@@ -12367,8 +12422,8 @@ CVE-2020-9294 (An improper authentication vulnerability 
in FortiMail 5.4.10, 6.0
        NOT-FOR-US: FortiMail Fortiguard
 CVE-2020-9293
        RESERVED
-CVE-2020-9292
-       RESERVED
+CVE-2020-9292 (An unquoted service path vulnerability in the FortiSIEM Windows 
Agent  ...)
+       TODO: check
 CVE-2020-9291 (An Insecure Temporary File vulnerability in FortiClient for 
Windows 6. ...)
        NOT-FOR-US: Fortiguard / FortiClient for Windows
 CVE-2020-9290 (An Unsafe Search Path vulnerability in FortiClient for Windows 
online  ...)
@@ -16234,8 +16289,8 @@ CVE-2020-7663 (websocket-extensions ruby module prior 
to 0.1.5 allows Denial of
        TODO: check
 CVE-2020-7662 (websocket-extensions npm module prior to 1.0.4 allows Denial of 
Servic ...)
        TODO: check
-CVE-2020-7661
-       RESERVED
+CVE-2020-7661 (all versions of url-regex are vulnerable to Regular Expression 
Denial  ...)
+       TODO: check
 CVE-2020-7660 (serialize-javascript prior to 3.1.0 allows remote attackers to 
inject  ...)
        TODO: check
 CVE-2020-7659 (reel through 0.6.1 allows Request Smuggling attacks due to 
incorrect C ...)
@@ -18673,8 +18728,8 @@ CVE-2020-6642
        RESERVED
 CVE-2020-6641
        RESERVED
-CVE-2020-6640
-       RESERVED
+CVE-2020-6640 (An improper neutralization of input vulnerability in the Admin 
Profile ...)
+       TODO: check
 CVE-2020-6639
        RESERVED
 CVE-2020-6638 (Grin through 2.1.1 has Insufficient Validation. ...)
@@ -23914,8 +23969,8 @@ CVE-2020-4511
        RESERVED
 CVE-2020-4510
        RESERVED
-CVE-2020-4509
-       RESERVED
+CVE-2020-4509 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External 
Entity In ...)
+       TODO: check
 CVE-2020-4508
        RESERVED
 CVE-2020-4507
@@ -24546,12 +24601,12 @@ CVE-2020-4195 (IBM API Connect V2018.4.1.0 through 
2018.4.1.10 could allow a rem
        NOT-FOR-US: IBM
 CVE-2020-4194
        RESERVED
-CVE-2020-4193
-       RESERVED
+CVE-2020-4193 (IBM Security Guardium 11.1 uses an inadequate account lockout 
setting  ...)
+       TODO: check
 CVE-2020-4192
        RESERVED
-CVE-2020-4191
-       RESERVED
+CVE-2020-4191 (IBM Security Guardium 11.1 uses weaker than expected 
cryptographic alg ...)
+       TODO: check
 CVE-2020-4190 (IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded 
credent ...)
        NOT-FOR-US: IBM
 CVE-2020-4189
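Review bot: CVE-2020-4193 and CVE-2020-4191 (IBM Security Guardium 11.1) are added with "TODO: check" although the adjacent CVE-2020-4190, also IBM Security Guardium, is already marked "NOT-FOR-US: IBM". Using the same marking here would keep the Guardium entries consistent.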
@@ -24566,8 +24621,8 @@ CVE-2020-4185
        RESERVED
 CVE-2020-4184
        RESERVED
-CVE-2020-4183
-       RESERVED
+CVE-2020-4183 (IBM Security Guardium 11.1 is vulnerable to cross-site 
scripting. This ...)
+       TODO: check
 CVE-2020-4182 (IBM Security Guardium 11.1 is vulnerable to cross-site 
scripting. This ...)
        NOT-FOR-US: IBM
 CVE-2020-4181
@@ -26179,11 +26234,11 @@ CVE-2020-3814
 CVE-2020-3813
        RESERVED
 CVE-2020-3812 (qmail-verify as used in netqmail 1.06 is prone to an 
information discl ...)
-       {DSA-4692-1}
+       {DSA-4692-1 DLA-2234-1}
        - netqmail 1.06-6.2 (bug #961060)
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
 CVE-2020-3811 (qmail-verify as used in netqmail 1.06 is prone to a 
mail-address verif ...)
-       {DSA-4692-1}
+       {DSA-4692-1 DLA-2234-1}
        - netqmail 1.06-6.2 (bug #961060)
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
 CVE-2020-3810 (Missing input validation in the ar/tar implementations of APT 
before v ...)
@@ -43452,10 +43507,10 @@ CVE-2019-16387 (** DISPUTED ** PEGA Platform 8.3.0 is 
vulnerable to a direct prw
        NOT-FOR-US: PEGA Platform
 CVE-2019-16386 (** DISPUTED ** PEGA Platform 7.x and 8.x is vulnerable to 
Information  ...)
        NOT-FOR-US: PEGA Platform
-CVE-2019-16385
-       RESERVED
-CVE-2019-16384
-       RESERVED
+CVE-2019-16385 (Cybele Thinfinity VirtualUI 2.5.17.2 allows HTTP response 
splitting vi ...)
+       TODO: check
+CVE-2019-16384 (Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal 
that ca ...)
+       TODO: check
 CVE-2019-16383 (MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 
before 10.2 ...)
        NOT-FOR-US: Progress MOVEit Transfer
 CVE-2019-16382 (An issue was discovered in Ivanti Workspace Control 
10.3.110.0. One is ...)
@@ -44310,8 +44365,8 @@ CVE-2019-16152 (A Denial of service (DoS) vulnerability 
in FortiClient for Linux
        NOT-FOR-US: Fortiguard FortiClient
 CVE-2019-16151
        RESERVED
-CVE-2019-16150
-       RESERVED
+CVE-2019-16150 (Use of a hard-coded cryptographic key to encrypt security 
sensitive da ...)
+       TODO: check
 CVE-2019-16149
        RESERVED
 CVE-2019-16168 (In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c 
can cras ...)
@@ -417749,17 +417804,17 @@ CVE-2005-1478 (Format string vulnerability in dSMTP 
(dsmtp.exe) in DMail 3.1a al
 CVE-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to 
bypass auth ...)
        NOT-FOR-US: DMail
 CVE-2005-1515 (Integer signedness error in the qmail_put and substdio_put 
functions i ...)
-       {DSA-4692-1}
+       {DSA-4692-1 DLA-2234-1}
        - qmail 1.03-38
        - netqmail 1.06-6.2
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
 CVE-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a 
large amo ...)
-       {DSA-4692-1}
+       {DSA-4692-1 DLA-2234-1}
        - qmail 1.03-38
        - netqmail 1.06-6.2
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
 CVE-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, 
when run ...)
-       {DSA-4692-1}
+       {DSA-4692-1 DLA-2234-1}
        - qmail 1.03-38
        - netqmail 1.06-6.2
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecefd7902d1e5678690a18beac75b35f035cdf9



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
