[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 06 Jun 2020 13:11:19 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f16f6a15 by security tracker role at 2020-06-06T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,34 @@
-CVE-2020-13871 [use-after-free in resetAccumulator]
+CVE-2020-13886
+       RESERVED
+CVE-2020-13885
+       RESERVED
+CVE-2020-13884
+       RESERVED
+CVE-2020-13883 (In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 
2.2.0, an ...)
+       TODO: check
+CVE-2020-13882
+       RESERVED
+CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ 
shared se ...)
+       TODO: check
+CVE-2020-13880
+       RESERVED
+CVE-2020-13879
+       RESERVED
+CVE-2020-13878
+       RESERVED
+CVE-2020-13877
+       RESERVED
+CVE-2020-13876
+       RESERVED
+CVE-2020-13875
+       RESERVED
+CVE-2020-13874
+       RESERVED
+CVE-2020-13873
+       RESERVED
+CVE-2020-13872
+       RESERVED
+CVE-2020-13871 (SQLite 3.32.2 has a use-after-free in resetAccumulator in 
select.c bec ...)
        - sqlite3 3.32.2-2
        NOTE: Fixed by: https://www.sqlite.org/src/info/79eff1d0383179c4
        NOTE: https://www.sqlite.org/src/info/c8d3b9f0a750a529
@@ -293,6 +323,7 @@ CVE-2020-13779
 CVE-2020-13778
        RESERVED
 CVE-2020-13777 (GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for 
encrypting  ...)
+       {DSA-4697-1}
        - gnutls28 3.6.14-1 (bug #962289)
        [stretch] - gnutls28 <not-affected> (Vulnerable code introduced in 
3.6.4)
        [jessie] - gnutls28 <not-affected> (Vulnerable code introduced in 3.6.4)
@@ -7834,6 +7865,7 @@ CVE-2020-11082 (In Kaminari before 1.2.1, there is a 
vulnerability that would al
 CVE-2020-11081
        RESERVED
 CVE-2020-11080 (In nghttp2 before version 1.41.0, the overly large HTTP/2 
SETTINGS fra ...)
+       {DSA-4696-1}
        - nodejs 10.21.0~dfsg-1 (bug #962145)
        [stretch] - nodejs <ignored> (Nodejs in stretch not covered by security 
support)
        [jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by 
security support)
@@ -15083,6 +15115,7 @@ CVE-2020-8175
        RESERVED
 CVE-2020-8174 [napi_get_value_string_*() allows various kinds of memory 
corruption]
        RESERVED
+       {DSA-4696-1}
        - nodejs 10.21.0~dfsg-1 (bug #962145)
        [stretch] - nodejs <ignored> (Nodejs in stretch not covered by security 
support)
        [jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by 
security support)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f16f6a1529d41bae87c401bfb615f2f55c16e78c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f16f6a1529d41bae87c401bfb615f2f55c16e78c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to