[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 24 Jul 2020 13:11:29 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6ba2ab17 by security tracker role at 2020-07-24T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
-CVE-2020-15932
-       RESERVED
+CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during 
updates, c ...)
+       TODO: check
 CVE-2020-15931
        RESERVED
 CVE-2020-15930
@@ -150,8 +150,8 @@ CVE-2020-15862
        RESERVED
 CVE-2020-15861
        RESERVED
-CVE-2020-15860
-       RESERVED
+CVE-2020-15860 (Parallels Remote Application Server (RAS) 17.1.1 has a 
Business Logic  ...)
+       TODO: check
 CVE-2020-15859 (QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c 
because a gues ...)
        - qemu <unfixed> (bug #965978)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html
@@ -350,8 +350,8 @@ CVE-2020-15780 (An issue was discovered in 
drivers/acpi/acpi_configfs.c in the L
        - linux <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3
        NOTE: Fixed by: 
https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
-CVE-2020-15778
-       RESERVED
+CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c 
remote  ...)
+       TODO: check
 CVE-2020-15777
        RESERVED
 CVE-2020-15776
@@ -1986,6 +1986,7 @@ CVE-2020-15051 (An issue was discovered in Artica Proxy 
before 4.30.000000. Stor
 CVE-2020-15050 (An issue was discovered in the Video Extension in Suprema 
BioStar 2 be ...)
        NOT-FOR-US: Suprema BioStar
 CVE-2020-15049 (An issue was discovered in http/ContentLengthInterpreter.cc in 
Squid b ...)
+       {DSA-4732-1}
        - squid 4.12-1
        - squid3 <removed>
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5
@@ -3940,8 +3941,7 @@ CVE-2020-14309
        RESERVED
 CVE-2020-14308
        RESERVED
-CVE-2020-14307
-       RESERVED
+CVE-2020-14307 (A vulnerability was found in Wildfly's Enterprise Java Beans 
(EJB) ver ...)
        - wildfly <itp> (bug #752018)
 CVE-2020-14306
        RESERVED
@@ -3970,8 +3970,8 @@ CVE-2020-14299
        RESERVED
 CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 
7 Extra ...)
        - docker.io <not-affected> (Red Hat specific regression)
-CVE-2020-14297
-       RESERVED
+CVE-2020-14297 (A flaw was discovered in Wildfly's EJB Client as shipped with 
Red Hat  ...)
+       TODO: check
 CVE-2020-14296
        RESERVED
 CVE-2020-14295 (A SQL injection issue in color.php in Cacti 1.2.12 allows an 
admin to  ...)
@@ -5410,7 +5410,7 @@ CVE-2020-13767
 CVE-2020-13766
        RESERVED
 CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate 
the rel ...)
-       {DLA-2262-1}
+       {DSA-4728-1 DLA-2262-1}
        - qemu 1:4.2-1
        NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e423455c4f23a1a828901c78fe6d03b7dde79319
@@ -19575,7 +19575,7 @@ CVE-2020-8610
 CVE-2020-8609
        RESERVED
 CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses 
snprintf  ...)
-       {DLA-2144-1 DLA-2142-1}
+       {DSA-4733-1 DLA-2144-1 DLA-2142-1}
        - libslirp 4.2.0-1
        - qemu 1:4.1-2
        [stretch] - qemu <postponed> (Minor issue)
@@ -20232,8 +20232,8 @@ CVE-2020-8328
        RESERVED
 CVE-2020-8327 (A privilege escalation vulnerability was reported in 
LenovoBatteryGaug ...)
        NOT-FOR-US: Lenovo
-CVE-2020-8326
-       RESERVED
+CVE-2020-8326 (An unquoted service path vulnerability was reported in Lenovo 
Drivers  ...)
+       TODO: check
 CVE-2020-8325
        RESERVED
 CVE-2020-8324 (A vulnerability was reported in LenovoAppScenarioPluginSystem 
for Leno ...)
@@ -20250,8 +20250,8 @@ CVE-2020-8319 (A privilege escalation vulnerability was 
reported in Lenovo Syste
        NOT-FOR-US: Lenovo
 CVE-2020-8318 (A privilege escalation vulnerability was reported in the 
LenovoSystemU ...)
        NOT-FOR-US: Lenovo
-CVE-2020-8317
-       RESERVED
+CVE-2020-8317 (A DLL search path vulnerability was reported in Lenovo Drivers 
Managem ...)
+       TODO: check
 CVE-2020-8316 (A vulnerability was reported in Lenovo Vantage prior to version 
10.200 ...)
        NOT-FOR-US: Lenovo
 CVE-2020-8428 (fs/namei.c in the Linux kernel before 5.5 has a 
may_create_in_sticky u ...)
@@ -40182,7 +40182,6 @@ CVE-2020-1505
        RESERVED
 CVE-2020-1504
        RESERVED
-       {DSA-4732-1}
 CVE-2020-1503
        RESERVED
 CVE-2020-1502



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ba2ab176284963973578ea88a946ca46306a696

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ba2ab176284963973578ea88a946ca46306a696
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to