Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3485f5b by Salvatore Bonaccorso at 2020-09-19T10:19:00+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31396,7 +31396,7 @@ CVE-2019-20769 (An issue was discovered in LG PC Suite
for LG G3 and earlier (ak
CVE-2020-11862
RESERVED
CVE-2020-11861 (Unauthorized escalation of local privileges vulnerability on
Micro Foc ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2020-11860
RESERVED
CVE-2020-11859
@@ -41202,7 +41202,7 @@ CVE-2020-8255
CVE-2020-8254
RESERVED
CVE-2020-8253 (Improper authentication in Citrix XenMobile Server 10.12 before
RP2, C ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2020-8252 (The implementation of realpath in libuv < 10.22.1, <
12.18.4, an ...)
- libuv1 1.39.0-1
NOTE:
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#fs-realpath-native-on-may-cause-buffer-overflow-medium-cve-2020-8252
@@ -41218,11 +41218,11 @@ CVE-2020-8249
CVE-2020-8248
RESERVED
CVE-2020-8247 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix
ADC and N ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2020-8246 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix
ADC and N ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2020-8245 (Improper Input Validation on Citrix ADC and Citrix Gateway 13.0
before ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2020-8244 (A buffer over-read vulnerability exists in bl <4.0.3,
<3.0.1, &l ...)
- node-bl 4.0.3-1 (bug #969309)
[buster] - node-bl <no-dsa> (Minor issue)
@@ -41334,7 +41334,7 @@ CVE-2020-8201 (Node.js < 12.18.4 and < 14.11 can
be exploited to perform H
[stretch] - nodejs <not-affected> (Only affects 12.x and later)
NOTE:
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#http-request-smuggling-due-to-cr-to-hyphen-conversion-high-cve-2020-8201
CVE-2020-8200 (Improper authentication in Citrix StoreFront Server <
1912.0.1000 a ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client
versions be ...)
NOT-FOR-US: Citrix
CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway
versions be ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3485f5b3902b7c4c9186ef04785384f661974cb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3485f5b3902b7c4c9186ef04785384f661974cb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
