[Git][security-tracker-team/security-tracker][master] automatic update

Mon, 31 Aug 2020 01:10:38 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
41b7929a by security tracker role at 2020-08-31T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 
1.3.1 for ...)
+       TODO: check
+CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for 
Flask)  ...)
+       TODO: check
+CVE-2020-25031 (checkinstall 1.6.2, when used to create a package that 
contains a syml ...)
+       TODO: check
 CVE-2020-25030
        RESERVED
 CVE-2020-25029
@@ -1642,7 +1648,7 @@ CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, 
there is heap use-after-fr
        NOTE: 
https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
        NOTE: 
https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c
        NOTE: Crash in CLI tool, no security impact
-CVE-2020-24240 (GNU Bison 3.7 has a use after free (UAF) vulnerability. A 
local attack ...)
+CVE-2020-24240 (GNU Bison before 3.7.1 has a use-after-free in _obstack_free 
in lib/ob ...)
        - bison <unfixed> (unimportant)
        NOTE: 
https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d 
(v3.7.1)
        NOTE: https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html
@@ -1917,8 +1923,8 @@ CVE-2020-24106
        RESERVED
 CVE-2020-24105
        RESERVED
-CVE-2020-24104
-       RESERVED
+CVE-2020-24104 (XSS on the PIX-Link Repeater/Router LV-WR07 with firmware 
v28K.Router. ...)
+       TODO: check
 CVE-2020-24103
        RESERVED
 CVE-2020-24102
@@ -22505,11 +22511,13 @@ CVE-2020-14363 [Double free in libX11 locale handling 
code]
        NOTE: 
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d
 CVE-2020-14362
        RESERVED
+       {DLA-2359-1}
        - xorg-server <unfixed>
        NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/2902b78535ecc6821cc027351818b28a5c7fdbdc
 CVE-2020-14361
        RESERVED
+       {DLA-2359-1}
        - xorg-server <unfixed>
        NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787
@@ -22560,16 +22568,19 @@ CVE-2020-14348
        RESERVED
        NOT-FOR-US: AMQ Online
 CVE-2020-14347 (A flaw was found in the way xserver memory was not properly 
initialize ...)
+       {DLA-2359-1}
        - xorg-server <unfixed> (bug #968986)
        NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816
 CVE-2020-14346
        RESERVED
+       {DLA-2359-1}
        - xorg-server <unfixed>
        NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff
 CVE-2020-14345
        RESERVED
+       {DLA-2359-1}
        - xorg-server <unfixed>
        NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f7cd1276bbd4fe3a9700096dec33b52b8440788d
@@ -39846,8 +39857,8 @@ CVE-2020-8099 (A vulnerability in the improper handling 
of junctions in Bitdefen
        NOT-FOR-US: Bitdefender Antivirus Free
 CVE-2020-8098
        RESERVED
-CVE-2020-8097
-       RESERVED
+CVE-2020-8097 (An improper authentication vulnerability in Bitdefender 
Endpoint Secur ...)
+       TODO: check
 CVE-2020-8096 (Untrusted Search Path vulnerability in Bitdefender High-Level 
Antimalw ...)
        NOT-FOR-US: Bitdefender
 CVE-2020-8095 (A vulnerability in the improper handling of junctions before 
deletion  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b7929a81d237d46eb93bb0762509aa8c96add5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b7929a81d237d46eb93bb0762509aa8c96add5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to