Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b72176d by security tracker role at 2020-07-05T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2020-15540 (We-com OpenData CMS 2.0 allows SQL Injection via the username
field on ...)
+ TODO: check
+CVE-2020-15539 (SQL injection can occur in We-com Municipality portal CMS
2.1.x via th ...)
+ TODO: check
+CVE-2020-15538 (XSS can occur in We-com Municipality portal CMS 2.1.x via the
cerca/ s ...)
+ TODO: check
+CVE-2020-15537 (An issue was discovered in the Vanguard plugin 2.1 for
WordPress. XSS ...)
+ TODO: check
+CVE-2020-15536 (An issue was discovered in the bestsoftinc Hotel Booking
System Pro pl ...)
+ TODO: check
+CVE-2020-15535 (An issue was discovered in the bestsoftinc Car Rental System
plugin th ...)
+ TODO: check
+CVE-2020-15534
+ RESERVED
+CVE-2020-15533
+ RESERVED
+CVE-2019-20895
+ RESERVED
CVE-2020-15532
RESERVED
CVE-2020-15531
@@ -145,8 +163,8 @@ CVE-2020-15468 (Persian VIP Download Script 1.0 allows SQL
Injection via the car
NOT-FOR-US: Persian VIP Download Script
CVE-2020-15467
RESERVED
-CVE-2020-15466
- RESERVED
+CVE-2020-15466 (In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into
an infin ...)
+ TODO: check
CVE-2020-15465
RESERVED
CVE-2020-15464
@@ -7524,7 +7542,7 @@ CVE-2020-12422
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12422
CVE-2020-12421
RESERVED
- {DSA-4713-1}
+ {DSA-4718-1 DSA-4713-1}
- firefox 78.0-1
- firefox-esr 68.10.0esr-1
- thunderbird 1:68.10.0-1
@@ -7533,7 +7551,7 @@ CVE-2020-12421
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12421
CVE-2020-12420
RESERVED
- {DSA-4713-1}
+ {DSA-4718-1 DSA-4713-1}
- firefox 78.0-1
- firefox-esr 68.10.0esr-1
- thunderbird 1:68.10.0-1
@@ -7542,7 +7560,7 @@ CVE-2020-12420
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12420
CVE-2020-12419
RESERVED
- {DSA-4713-1}
+ {DSA-4718-1 DSA-4713-1}
- firefox 78.0-1
- firefox-esr 68.10.0esr-1
- thunderbird 1:68.10.0-1
@@ -7551,7 +7569,7 @@ CVE-2020-12419
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12419
CVE-2020-12418
RESERVED
- {DSA-4713-1}
+ {DSA-4718-1 DSA-4713-1}
- firefox 78.0-1
- firefox-esr 68.10.0esr-1
- thunderbird 1:68.10.0-1
@@ -7560,7 +7578,7 @@ CVE-2020-12418
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12418
CVE-2020-12417
RESERVED
- {DSA-4713-1}
+ {DSA-4718-1 DSA-4713-1}
- firefox 78.0-1
- firefox-esr 68.10.0esr-1
- thunderbird 1:68.10.0-1
@@ -22031,7 +22049,7 @@ CVE-2020-7069
CVE-2020-7068
RESERVED
CVE-2020-7067 (In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and
7.4.x below ...)
- {DLA-2188-1}
+ {DSA-4717-1 DLA-2188-1}
- php7.4 7.4.5-1 (unimportant)
- php7.3 <removed> (unimportant)
- php7.0 <removed> (unimportant)
@@ -22041,7 +22059,7 @@ CVE-2020-7067 (In PHP versions 7.2.x below 7.2.30,
7.3.x below 7.3.17 and 7.4.x
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=9d6bf8221b05f86ce5875832f0f646c4c1f218be
NOTE: This only affects builds which enable EDBDIC
CVE-2020-7066 (In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and
7.4.x below ...)
- {DLA-2188-1}
+ {DSA-4717-1 DLA-2188-1}
- php7.4 7.4.5-1
- php7.3 <removed>
- php7.0 <removed>
@@ -22058,7 +22076,7 @@ CVE-2020-7065 (In PHP versions 7.3.x below 7.3.16 and
7.4.x below 7.4.34, while
NOTE: PHP Bug: https://bugs.php.net/79371
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=1fdffd1c55d771ca22ae217784ab75fce592ad38
CVE-2020-7064 (In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x
below ...)
- {DLA-2188-1}
+ {DSA-4717-1 DLA-2188-1}
- php7.4 7.4.5-1
- php7.3 <removed>
- php7.0 <removed>
@@ -22067,7 +22085,7 @@ CVE-2020-7064 (In PHP versions 7.2.x below 7.2.9, 7.3.x
below 7.3.16 and 7.4.x b
NOTE: PHP Bug: https://bugs.php.net/79282
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=25238bdf6005b85ab844aa2b743b589dfce9f0d2
CVE-2020-7063 (In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and
7.4.x below ...)
- {DLA-2160-1}
+ {DSA-4717-1 DLA-2160-1}
- php7.4 7.4.3-1
- php7.3 7.3.15-1
[buster] - php7.3 <postponed> (Minor issue, can be fixed along in a
future DSA)
@@ -22076,7 +22094,7 @@ CVE-2020-7063 (In PHP versions 7.2.x below 7.2.28,
7.3.x below 7.3.15 and 7.4.x
NOTE: Fixed in PHP 7.4.3, 7.3.15, 7.2.28
NOTE: PHP Bug: http://bugs.php.net/79082
CVE-2020-7062 (In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and
7.4.x below ...)
- {DLA-2160-1}
+ {DSA-4717-1 DLA-2160-1}
- php7.4 7.4.3-1
- php7.3 7.3.15-1
[buster] - php7.3 <postponed> (Minor issue, can be fixed along in a
future DSA)
@@ -65478,7 +65496,7 @@ CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 and
7.4.0 on Windows, when su
NOTE: Fixed in PHP 7.4.1, 7.3.13
NOTE: PHP Bug: http://bugs.php.net/78943
CVE-2019-11048 (In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and
7.4.x below ...)
- {DLA-2261-1}
+ {DSA-4717-1 DLA-2261-1}
- php7.4 <unfixed>
- php7.3 <removed>
- php7.0 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b72176dba35cec98925b98020aaa8d78a9a1830
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b72176dba35cec98925b98020aaa8d78a9a1830
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
