[Git][security-tracker-team/security-tracker][master] automatic update

Sun, 07 Jun 2020 13:11:13 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9b8c95a2 by security tracker role at 2020-06-07T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2020-13908
+       RESERVED
+CVE-2020-13907
+       RESERVED
+CVE-2020-13906
+       RESERVED
+CVE-2020-13905
+       RESERVED
+CVE-2020-13904 (FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF 
duration in an  ...)
+       TODO: check
+CVE-2020-13903
+       RESERVED
+CVE-2020-13902 (ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer 
over-re ...)
+       TODO: check
 CVE-2020-13901
        RESERVED
 CVE-2020-13900
@@ -2903,6 +2917,7 @@ CVE-2020-12689 (An issue was discovered in OpenStack 
Keystone before 15.0.1, and
        NOTE: https://bugs.launchpad.net/keystone/+bug/1872735
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/5
 CVE-2020-12672 (GraphicsMagick through 1.3.35 has a heap-based buffer overflow 
in Read ...)
+       {DLA-2236-1}
        - graphicsmagick 1.4+really1.3.35-2 (bug #960000)
        [buster] - graphicsmagick <postponed> (Minor issue; can be fixed along 
in future DSA)
        [stretch] - graphicsmagick <postponed> (Minor issue; can be fixed along 
in future DSA)
@@ -26135,6 +26150,7 @@ CVE-2020-3899 (A memory consumption issue was addressed 
with improved memory han
        NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
 CVE-2020-3898 [heap based buffer overflow in libcups's ppdFindOption() in 
ppd-mark.c]
        RESERVED
+       {DLA-2237-1}
        - cups 2.3.1-12
        [buster] - cups 2.2.10-6+deb10u3
        [stretch] - cups <no-dsa> (Minor issue)
@@ -68459,6 +68475,7 @@ CVE-2019-8843
        RESERVED
 CVE-2019-8842 [he `ippReadIO` function may under-read an extension field]
        RESERVED
+       {DLA-2237-1}
        - cups 2.3.1-12
        [buster] - cups 2.2.10-6+deb10u3
        [stretch] - cups <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b8c95a2048519d7e4a27a8f197b175d4e7e28d7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b8c95a2048519d7e4a27a8f197b175d4e7e28d7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to