Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b23f2cbf by security tracker role at 2020-07-21T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2020-15862
+ RESERVED
+CVE-2020-15861
+ RESERVED
+CVE-2020-15860
+ RESERVED
+CVE-2020-15859
+ RESERVED
+CVE-2020-15858
+ RESERVED
CVE-2020-15857
RESERVED
CVE-2020-15856
@@ -138,7 +148,7 @@ CVE-2019-20910 (An issue was discovered in GNU LibreDWG
through 0.9.3. Crafted i
- libredwg <itp> (bug #595191)
CVE-2019-20909 (An issue was discovered in GNU LibreDWG through 0.9.3. There
is a NULL ...)
- libredwg <itp> (bug #595191)
-CVE-2020-15852 [XSA 329]
+CVE-2020-15852 (An issue was discovered in the Linux kernel 5.5 through 5.7.9,
as used ...)
- linux <unfixed>
[buster] - linux <not-affected> (Only affects 5.5 and later)
[stretch] - linux <not-affected> (Only affects 5.5 and later)
@@ -4726,8 +4736,7 @@ CVE-2020-13934 (An h2c direct connection to Apache Tomcat
10.0.0-M1 to 10.0.0-M6
NOTE:
https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
(9.0.37)
CVE-2020-13933
RESERVED
-CVE-2020-13932
- RESERVED
+CVE-2020-13932 (In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially
crafted MQTT p ...)
NOT-FOR-US: Apache ActiveMQ Artemis
NOTE:
https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt
CVE-2020-13931
@@ -25624,14 +25633,14 @@ CVE-2020-6105
RESERVED
CVE-2020-6104
RESERVED
-CVE-2020-6103
- RESERVED
-CVE-2020-6102
- RESERVED
-CVE-2020-6101
- RESERVED
-CVE-2020-6100
- RESERVED
+CVE-2020-6103 (An exploitable code execution vulnerability exists in the
Shader funct ...)
+ TODO: check
+CVE-2020-6102 (An exploitable code execution vulnerability exists in the
Shader funct ...)
+ TODO: check
+CVE-2020-6101 (An exploitable code execution vulnerability exists in the
Shader funct ...)
+ TODO: check
+CVE-2020-6100 (An exploitable memory corruption vulnerability exists in AMD
atidxx64. ...)
+ TODO: check
CVE-2020-6099
RESERVED
CVE-2020-6098
@@ -30345,8 +30354,8 @@ CVE-2020-4127
RESERVED
CVE-2020-4126
RESERVED
-CVE-2020-4125
- RESERVED
+CVE-2020-4125 (Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a
malicious ...)
+ TODO: check
CVE-2020-4124
RESERVED
CVE-2020-4123
@@ -32894,8 +32903,8 @@ CVE-2020-3444
RESERVED
CVE-2020-3443
RESERVED
-CVE-2020-3442
- RESERVED
+CVE-2020-3442 (The DuoConnect client enables users to establish SSH
connections to ho ...)
+ TODO: check
CVE-2020-3441
RESERVED
CVE-2020-3440
@@ -37552,8 +37561,8 @@ CVE-2020-1778
RESERVED
CVE-2020-1777
RESERVED
-CVE-2020-1776
- RESERVED
+CVE-2020-1776 (When an agent user is renamed or set to invalid the session
belonging ...)
+ TODO: check
CVE-2020-1775 (BCC recipients in mails sent from OTRS are visible in article
detail o ...)
TODO: check
CVE-2020-1774 (When user downloads PGP or S/MIME keys/certificates, exported
file has ...)
@@ -54164,6 +54173,7 @@ CVE-2019-14869 (A flaw was found in all versions of
ghostscript 9.x before 9.50,
NOTE: from
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
NOTE: which changed the access to file permissions.
CVE-2019-14868 (In ksh version 20120801, a flaw was found in the way it
evaluates cert ...)
+ {DLA-2284-1}
- ksh 2020.0.0-2.1 (bug #948989)
[buster] - ksh <no-dsa> (Minor issue)
[jessie] - ksh <ignored> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b23f2cbf95c24f029202ad81dc24ffa65e87f681
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b23f2cbf95c24f029202ad81dc24ffa65e87f681
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
