[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

Salvatore Bonaccorso Mon, 10 Aug 2020 13:23:22 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
701fd667 by Salvatore Bonaccorso at 2020-08-10T22:21:01+02:00
Process one NFU

- - - - -
1739e3e1 by Salvatore Bonaccorso at 2020-08-10T22:22:28+02:00
Add firefox issues from mfsa2020-34 (Firefox for iOS specific)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-17478 (ECDSA/EC/Point.pm in Crypt::Perl before 0.33 
does not properly c
 CVE-2020-17477
        RESERVED
 CVE-2020-17476 (Mibew Messenger before 3.2.7 allows XSS via a crafted user 
name. ...)
-       TODO: check
+       NOT-FOR-US: Mibew Messenger
 CVE-2020-17475
        RESERVED
 CVE-2020-17474
@@ -3844,9 +3844,11 @@ CVE-2020-15664
 CVE-2020-15663
        RESERVED
 CVE-2020-15662 (A rogue webpage could override the injected WKUserScript used 
by the d ...)
-       TODO: check
+       - firefox <not-affected> (Specific to Firefox for iOS)
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15662
 CVE-2020-15661 (A rogue webpage could override the injected WKUserScript used 
by the l ...)
-       TODO: check
+       - firefox <not-affected> (Specific to Firefox for iOS)
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15661
 CVE-2020-15660
        RESERVED
 CVE-2020-15659 (Mozilla developers and community members reported memory 
safety bugs p ...)
@@ -3898,7 +3900,8 @@ CVE-2020-15652 (By observing the stack trace for 
JavaScript errors in web worker
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15652
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-15652
 CVE-2020-15651 (A unicode RTL order character in the downloaded file name can 
be used  ...)
-       TODO: check
+       - firefox <not-affected> (Specific to Firefox for iOS)
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15651
 CVE-2020-15650 (Given an installed malicious file picker application, an 
attacker was  ...)
        - firefox-esr <not-affected> (Android specific)
        - firefox <not-affected> (Android specific)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c27216a7372b2a6f6070dc924c9e0b71818ab09c...1739e3e173a17ac6624d48077233d4ed295c09cb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c27216a7372b2a6f6070dc924c9e0b71818ab09c...1739e3e173a17ac6624d48077233d4ed295c09cb
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

Reply via email to