Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
452d074d by security tracker role at 2020-06-25T20:18:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,519 @@
+CVE-2020-15301
+ RESERVED
+CVE-2020-15300
+ RESERVED
+CVE-2020-15299
+ RESERVED
+CVE-2020-15298
+ RESERVED
+CVE-2020-15297
+ RESERVED
+CVE-2020-15296
+ RESERVED
+CVE-2020-15295
+ RESERVED
+CVE-2020-15294
+ RESERVED
+CVE-2020-15293
+ RESERVED
+CVE-2020-15292
+ RESERVED
+CVE-2020-15291
+ RESERVED
+CVE-2020-15290
+ RESERVED
+CVE-2020-15289
+ RESERVED
+CVE-2020-15288
+ RESERVED
+CVE-2020-15287
+ RESERVED
+CVE-2020-15286
+ RESERVED
+CVE-2020-15285
+ RESERVED
+CVE-2020-15284
+ RESERVED
+CVE-2020-15283
+ RESERVED
+CVE-2020-15282
+ RESERVED
+CVE-2020-15281
+ RESERVED
+CVE-2020-15280
+ RESERVED
+CVE-2020-15279
+ RESERVED
+CVE-2020-15278
+ RESERVED
+CVE-2020-15277
+ RESERVED
+CVE-2020-15276
+ RESERVED
+CVE-2020-15275
+ RESERVED
+CVE-2020-15274
+ RESERVED
+CVE-2020-15273
+ RESERVED
+CVE-2020-15272
+ RESERVED
+CVE-2020-15271
+ RESERVED
+CVE-2020-15270
+ RESERVED
+CVE-2020-15269
+ RESERVED
+CVE-2020-15268
+ RESERVED
+CVE-2020-15267
+ RESERVED
+CVE-2020-15266
+ RESERVED
+CVE-2020-15265
+ RESERVED
+CVE-2020-15264
+ RESERVED
+CVE-2020-15263
+ RESERVED
+CVE-2020-15262
+ RESERVED
+CVE-2020-15261
+ RESERVED
+CVE-2020-15260
+ RESERVED
+CVE-2020-15259
+ RESERVED
+CVE-2020-15258
+ RESERVED
+CVE-2020-15257
+ RESERVED
+CVE-2020-15256
+ RESERVED
+CVE-2020-15255
+ RESERVED
+CVE-2020-15254
+ RESERVED
+CVE-2020-15253
+ RESERVED
+CVE-2020-15252
+ RESERVED
+CVE-2020-15251
+ RESERVED
+CVE-2020-15250
+ RESERVED
+CVE-2020-15249
+ RESERVED
+CVE-2020-15248
+ RESERVED
+CVE-2020-15247
+ RESERVED
+CVE-2020-15246
+ RESERVED
+CVE-2020-15245
+ RESERVED
+CVE-2020-15244
+ RESERVED
+CVE-2020-15243
+ RESERVED
+CVE-2020-15242
+ RESERVED
+CVE-2020-15241
+ RESERVED
+CVE-2020-15240
+ RESERVED
+CVE-2020-15239
+ RESERVED
+CVE-2020-15238
+ RESERVED
+CVE-2020-15237
+ RESERVED
+CVE-2020-15236
+ RESERVED
+CVE-2020-15235
+ RESERVED
+CVE-2020-15234
+ RESERVED
+CVE-2020-15233
+ RESERVED
+CVE-2020-15232
+ RESERVED
+CVE-2020-15231
+ RESERVED
+CVE-2020-15230
+ RESERVED
+CVE-2020-15229
+ RESERVED
+CVE-2020-15228
+ RESERVED
+CVE-2020-15227
+ RESERVED
+CVE-2020-15226
+ RESERVED
+CVE-2020-15225
+ RESERVED
+CVE-2020-15224
+ RESERVED
+CVE-2020-15223
+ RESERVED
+CVE-2020-15222
+ RESERVED
+CVE-2020-15221
+ RESERVED
+CVE-2020-15220
+ RESERVED
+CVE-2020-15219
+ RESERVED
+CVE-2020-15218
+ RESERVED
+CVE-2020-15217
+ RESERVED
+CVE-2020-15216
+ RESERVED
+CVE-2020-15215
+ RESERVED
+CVE-2020-15214
+ RESERVED
+CVE-2020-15213
+ RESERVED
+CVE-2020-15212
+ RESERVED
+CVE-2020-15211
+ RESERVED
+CVE-2020-15210
+ RESERVED
+CVE-2020-15209
+ RESERVED
+CVE-2020-15208
+ RESERVED
+CVE-2020-15207
+ RESERVED
+CVE-2020-15206
+ RESERVED
+CVE-2020-15205
+ RESERVED
+CVE-2020-15204
+ RESERVED
+CVE-2020-15203
+ RESERVED
+CVE-2020-15202
+ RESERVED
+CVE-2020-15201
+ RESERVED
+CVE-2020-15200
+ RESERVED
+CVE-2020-15199
+ RESERVED
+CVE-2020-15198
+ RESERVED
+CVE-2020-15197
+ RESERVED
+CVE-2020-15196
+ RESERVED
+CVE-2020-15195
+ RESERVED
+CVE-2020-15194
+ RESERVED
+CVE-2020-15193
+ RESERVED
+CVE-2020-15192
+ RESERVED
+CVE-2020-15191
+ RESERVED
+CVE-2020-15190
+ RESERVED
+CVE-2020-15189
+ RESERVED
+CVE-2020-15188
+ RESERVED
+CVE-2020-15187
+ RESERVED
+CVE-2020-15186
+ RESERVED
+CVE-2020-15185
+ RESERVED
+CVE-2020-15184
+ RESERVED
+CVE-2020-15183
+ RESERVED
+CVE-2020-15182
+ RESERVED
+CVE-2020-15181
+ RESERVED
+CVE-2020-15180
+ RESERVED
+CVE-2020-15179
+ RESERVED
+CVE-2020-15178
+ RESERVED
+CVE-2020-15177
+ RESERVED
+CVE-2020-15176
+ RESERVED
+CVE-2020-15175
+ RESERVED
+CVE-2020-15174
+ RESERVED
+CVE-2020-15173
+ RESERVED
+CVE-2020-15172
+ RESERVED
+CVE-2020-15171
+ RESERVED
+CVE-2020-15170
+ RESERVED
+CVE-2020-15169
+ RESERVED
+CVE-2020-15168
+ RESERVED
+CVE-2020-15167
+ RESERVED
+CVE-2020-15166
+ RESERVED
+CVE-2020-15165
+ RESERVED
+CVE-2020-15164
+ RESERVED
+CVE-2020-15163
+ RESERVED
+CVE-2020-15162
+ RESERVED
+CVE-2020-15161
+ RESERVED
+CVE-2020-15160
+ RESERVED
+CVE-2020-15159
+ RESERVED
+CVE-2020-15158
+ RESERVED
+CVE-2020-15157
+ RESERVED
+CVE-2020-15156
+ RESERVED
+CVE-2020-15155
+ RESERVED
+CVE-2020-15154
+ RESERVED
+CVE-2020-15153
+ RESERVED
+CVE-2020-15152
+ RESERVED
+CVE-2020-15151
+ RESERVED
+CVE-2020-15150
+ RESERVED
+CVE-2020-15149
+ RESERVED
+CVE-2020-15148
+ RESERVED
+CVE-2020-15147
+ RESERVED
+CVE-2020-15146
+ RESERVED
+CVE-2020-15145
+ RESERVED
+CVE-2020-15144
+ RESERVED
+CVE-2020-15143
+ RESERVED
+CVE-2020-15142
+ RESERVED
+CVE-2020-15141
+ RESERVED
+CVE-2020-15140
+ RESERVED
+CVE-2020-15139
+ RESERVED
+CVE-2020-15138
+ RESERVED
+CVE-2020-15137
+ RESERVED
+CVE-2020-15136
+ RESERVED
+CVE-2020-15135
+ RESERVED
+CVE-2020-15134
+ RESERVED
+CVE-2020-15133
+ RESERVED
+CVE-2020-15132
+ RESERVED
+CVE-2020-15131
+ RESERVED
+CVE-2020-15130
+ RESERVED
+CVE-2020-15129
+ RESERVED
+CVE-2020-15128
+ RESERVED
+CVE-2020-15127
+ RESERVED
+CVE-2020-15126
+ RESERVED
+CVE-2020-15125
+ RESERVED
+CVE-2020-15124
+ RESERVED
+CVE-2020-15123
+ RESERVED
+CVE-2020-15122
+ RESERVED
+CVE-2020-15121
+ RESERVED
+CVE-2020-15120
+ RESERVED
+CVE-2020-15119
+ RESERVED
+CVE-2020-15118
+ RESERVED
+CVE-2020-15117
+ RESERVED
+CVE-2020-15116
+ RESERVED
+CVE-2020-15115
+ RESERVED
+CVE-2020-15114
+ RESERVED
+CVE-2020-15113
+ RESERVED
+CVE-2020-15112
+ RESERVED
+CVE-2020-15111
+ RESERVED
+CVE-2020-15110
+ RESERVED
+CVE-2020-15109
+ RESERVED
+CVE-2020-15108
+ RESERVED
+CVE-2020-15107
+ RESERVED
+CVE-2020-15106
+ RESERVED
+CVE-2020-15105
+ RESERVED
+CVE-2020-15104
+ RESERVED
+CVE-2020-15103
+ RESERVED
+CVE-2020-15102
+ RESERVED
+CVE-2020-15101
+ RESERVED
+CVE-2020-15100
+ RESERVED
+CVE-2020-15099
+ RESERVED
+CVE-2020-15098
+ RESERVED
+CVE-2020-15097
+ RESERVED
+CVE-2020-15096
+ RESERVED
+CVE-2020-15095
+ RESERVED
+CVE-2020-15094
+ RESERVED
+CVE-2020-15093
+ RESERVED
+CVE-2020-15092
+ RESERVED
+CVE-2020-15091
+ RESERVED
+CVE-2020-15090
+ RESERVED
+CVE-2020-15089
+ RESERVED
+CVE-2020-15088
+ RESERVED
+CVE-2020-15087
+ RESERVED
+CVE-2020-15086
+ RESERVED
+CVE-2020-15085
+ RESERVED
+CVE-2020-15084
+ RESERVED
+CVE-2020-15083
+ RESERVED
+CVE-2020-15082
+ RESERVED
+CVE-2020-15081
+ RESERVED
+CVE-2020-15080
+ RESERVED
+CVE-2020-15079
+ RESERVED
+CVE-2020-15078
+ RESERVED
+CVE-2020-15077
+ RESERVED
+CVE-2020-15076
+ RESERVED
+CVE-2020-15075
+ RESERVED
+CVE-2020-15074
+ RESERVED
+CVE-2020-15073
+ RESERVED
+CVE-2020-15072
+ RESERVED
+CVE-2020-15071
+ RESERVED
+CVE-2020-15070
+ RESERVED
+CVE-2020-15069
+ RESERVED
+CVE-2020-15068
+ RESERVED
+CVE-2020-15067
+ RESERVED
+CVE-2020-15066
+ RESERVED
+CVE-2020-15065
+ RESERVED
+CVE-2020-15064
+ RESERVED
+CVE-2020-15063
+ RESERVED
+CVE-2020-15062
+ RESERVED
+CVE-2020-15061
+ RESERVED
+CVE-2020-15060
+ RESERVED
+CVE-2020-15059
+ RESERVED
+CVE-2020-15058
+ RESERVED
+CVE-2020-15057
+ RESERVED
+CVE-2020-15056
+ RESERVED
+CVE-2020-15055
+ RESERVED
+CVE-2020-15054
+ RESERVED
+CVE-2020-15053
+ RESERVED
+CVE-2020-15052
+ RESERVED
+CVE-2020-15051
+ RESERVED
+CVE-2020-15050
+ RESERVED
+CVE-2020-15049
+ RESERVED
+CVE-2020-15048
+ RESERVED
+CVE-2020-15047 (MSA/SMTP.cpp in Trojita before 0.8 ignores
certificate-verification er ...)
+ TODO: check
+CVE-2018-21268 (The traceroute (aka node-traceroute) package through 1.0.0 for
Node.js ...)
+ TODO: check
+CVE-2018-21267
+ RESERVED
+CVE-2018-21266
+ RESERVED
CVE-2020-15046 (The web interface on Supermicro X10DRH-iT motherboards with
BIOS 2.0a ...)
NOT-FOR-US: Supermicro
CVE-2020-15045
@@ -262,7 +778,7 @@ CVE-2020-14931 (A stack-based buffer overflow in DMitry
(Deepmagic Information G
NOT-FOR-US: DMitry
CVE-2020-14930 (An issue was discovered in BT CTROMS Terminal OS Port Portal
CT-464. A ...)
NOT-FOR-US: BT CTROMS Terminal OS Port Portal CT-464
-CVE-2019-20892
+CVE-2019-20892 (net-snmp before 5.8.1.pre1 has a double free in
usm_free_usmStateRefer ...)
- net-snmp <unfixed>
NOTE: Introduced by:
https://github.com/net-snmp/net-snmp/commit/adc9b71aba9168ec64149345ea37a1acc11875c6
NOTE: https://www.openwall.com/lists/oss-security/2020/06/25/4
@@ -2199,7 +2715,8 @@ CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d,
jpeg_mem_available() in jme
- libjpeg-turbo <unfixed> (low)
[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
TODO: report to libjpeg-turbo upstream
-CVE-2020-14151 (In IJG JPEG (aka libjpeg) before 9d, read_*_pixel() in
rdtarga.c in cj ...)
+CVE-2020-14151
+ REJECTED
NOTE: Duplicate of CVE-2018-11813, should be rejected
CVE-2020-14150 (GNU Bison before 3.5.4 allows attackers to cause a denial of
service ( ...)
- bison 2:3.6.1+dfsg-1
@@ -8995,8 +9512,8 @@ CVE-2020-11738 (The Snap Creek Duplicator plugin before
1.3.28 for WordPress (an
NOT-FOR-US: Snap Creek Duplicator plugin for WordPress
CVE-2020-11737 (A cross-site scripting (XSS) vulnerability in Web Client in
Zimbra 9.0 ...)
NOT-FOR-US: Zimbra
-CVE-2020-11735
- RESERVED
+CVE-2020-11735 (The private-key operations in ecc.c in wolfSSL before 4.4.0 do
not use ...)
+ TODO: check
CVE-2020-11736 (fr-archive-libarchive.c in GNOME file-roller through 3.36.1
allows Dir ...)
{DLA-2180-1}
- file-roller 3.36.2-1 (bug #956638)
@@ -9791,8 +10308,8 @@ CVE-2020-11540
RESERVED
CVE-2020-11539 (An issue was discovered on Tata Sonata Smart SF Rush 1.12
devices. It ...)
NOT-FOR-US: Tata Sonata Smart SF Rush 1.12 devices
-CVE-2020-11538
- RESERVED
+CVE-2020-11538 (In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number
of out- ...)
+ TODO: check
CVE-2020-11537 (A SQL Injection issue was discovered in ONLYOFFICE Document
Server 5.5 ...)
NOT-FOR-US: ONLYOFFICE Document Server
CVE-2020-11536 (An issue was discovered in ONLYOFFICE Document Server 5.5.0.
An attack ...)
@@ -11189,8 +11706,8 @@ CVE-2020-10995 (PowerDNS Recursor from 4.1.0 up to and
including 4.3.0 does not
[stretch] - pdns-recursor <end-of-life> (No longer supported, see DSA
4691)
NOTE:
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/3
-CVE-2020-10994
- RESERVED
+CVE-2020-10994 (In libImaging/Jpeg2KDecode.c in Pillow before 7.0.0, there are
multipl ...)
+ TODO: check
CVE-2020-10993 (Osmand through 2.0.0 allow XXE because of
binary/BinaryMapIndexReader. ...)
NOT-FOR-US: Osmand
CVE-2020-10992 (Azkaban through 3.84.0 allows XXE, related to
validator/XmlValidatorMa ...)
@@ -13085,10 +13602,10 @@ CVE-2020-10380 (RMySQL through 0.10.19 allows SQL
Injection. ...)
[jessie] - rmysql <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/r-dbi/RMySQL/commit/c2467c466684b4733a7b0df4689987e1f9dcfc32
NOTE: Test:
https://github.com/r-dbi/RMySQL/commit/6137ce887c1e36b278f11656a9a9fc1cae6a5f40
-CVE-2020-10379
- RESERVED
-CVE-2020-10378
- RESERVED
+CVE-2020-10379 (In Pillow before 6.2.3 and 7.x before 7.0.1, there are two
Buffer Over ...)
+ TODO: check
+CVE-2020-10378 (In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x
before 7.0.1, ...)
+ TODO: check
CVE-2020-10377 (A weak encryption vulnerability in Mitel MiVoice Connect
Client before ...)
NOT-FOR-US: Mitel
CVE-2020-10376 (Technicolor TC7337NET 08.89.17.23.03 devices allow remote
attackers to ...)
@@ -13550,8 +14067,8 @@ CVE-2020-10179
RESERVED
CVE-2020-10178
REJECTED
-CVE-2020-10177
- RESERVED
+CVE-2020-10177 (Pillow before 6.2.3 and 7.x before 7.0.1 has multiple
out-of-bounds re ...)
+ TODO: check
CVE-2020-10176 (ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices
allow E ...)
NOT-FOR-US: ASSA ABLOY Yale WIPC-301W
CVE-2020-10175
@@ -20150,10 +20667,10 @@ CVE-2020-7357
RESERVED
CVE-2020-7356
RESERVED
-CVE-2020-7355
- RESERVED
-CVE-2020-7354
- RESERVED
+CVE-2020-7355 (Cross-site Scripting (XSS) vulnerability in the 'notes' field
of a dis ...)
+ TODO: check
+CVE-2020-7354 (Cross-site Scripting (XSS) vulnerability in the 'host' field of
a disc ...)
+ TODO: check
CVE-2020-7353
RESERVED
CVE-2020-7352
@@ -28289,24 +28806,24 @@ CVE-2020-3973
RESERVED
CVE-2020-3972 (VMware Tools for macOS (11.x.x and prior before 11.1.1)
contains a den ...)
NOT-FOR-US: VMware
-CVE-2020-3971
- RESERVED
-CVE-2020-3970
- RESERVED
+CVE-2020-3971 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before
ESXi650-20 ...)
+ TODO: check
+CVE-2020-3970 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
CVE-2020-3969 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
NOT-FOR-US: VMware
-CVE-2020-3968
- RESERVED
-CVE-2020-3967
- RESERVED
-CVE-2020-3966
- RESERVED
-CVE-2020-3965
- RESERVED
-CVE-2020-3964
- RESERVED
-CVE-2020-3963
- RESERVED
+CVE-2020-3968 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
+CVE-2020-3967 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
+CVE-2020-3966 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
+CVE-2020-3965 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
+CVE-2020-3964 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
+CVE-2020-3963 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
+ TODO: check
CVE-2020-3962 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before
ESXi670-2 ...)
NOT-FOR-US: VMware
CVE-2020-3961 (VMware Horizon Client for Windows (prior to 5.4.3) contains a
privileg ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/452d074d77f78ab31dee42e343fe5bb32aa1a392
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/452d074d77f78ab31dee42e343fe5bb32aa1a392
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
