[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 21 Sep 2020 01:10:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cb911dd8 by security tracker role at 2020-09-21T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16841,6 +16841,7 @@ CVE-2020-17509
 CVE-2020-17508
        RESERVED
 CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x 
through 5.15. ...)
+       {DLA-2377-1 DLA-2376-1}
        - qtbase-opensource-src 5.14.2+dfsg-6 (bug #968444)
        [buster] - qtbase-opensource-src <no-dsa> (Minor issue)
        - qt4-x11 <removed> (bug #970308)
@@ -24810,14 +24811,14 @@ CVE-2020-14182
        RESERVED
 CVE-2020-14181 (Affected versions of Atlassian Jira Server and Data Center 
allow an un ...)
        NOT-FOR-US: Atlassian
-CVE-2020-14180
-       RESERVED
-CVE-2020-14179
-       RESERVED
+CVE-2020-14180 (Affected versions of Atlassian Jira Service Desk Server and 
Data Cente ...)
+       TODO: check
+CVE-2020-14179 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
+       TODO: check
 CVE-2020-14178 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
        NOT-FOR-US: Atlassian
-CVE-2020-14177
-       RESERVED
+CVE-2020-14177 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
+       TODO: check
 CVE-2020-14176
        RESERVED
 CVE-2020-14175 (Affected versions of Atlassian Confluence Server and Data 
Center allow ...)
@@ -115210,7 +115211,7 @@ CVE-2018-19875
 CVE-2018-19874
        RESERVED
 CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a 
buffer  ...)
-       {DSA-4374-1 DLA-1786-1 DLA-1627-1}
+       {DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
        [experimental] - qtbase-opensource-src 5.11.3+dfsg-1
        - qtbase-opensource-src 5.11.3+dfsg-2 (low)
        - qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
@@ -115219,6 +115220,7 @@ CVE-2018-19873 (An issue was discovered in Qt before 
5.11.3. QBmpHandler has a b
        NOTE: https://codereview.qt-project.org/#/c/238749/
        NOTE: 
https://github.com/qt/qtbase/commit/621ab8ab59901cc3f9bd98be709929c9eac997a8
 CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image 
causes a div ...)
+       {DLA-2377-1 DLA-2376-1}
        - qtbase-opensource-src 5.11.2+dfsg-3 (low)
        [stretch] - qtbase-opensource-src <no-dsa> (Minor issue)
        [jessie] - qtbase-opensource-src <no-dsa> (Minor issue)
@@ -115228,7 +115230,7 @@ CVE-2018-19872 (An issue was discovered in Qt 5.11. A 
malformed PPM image causes
        NOTE: https://bugreports.qt.io/browse/QTBUG-69449
        NOTE: qt4-x11: POC doesn't crash on neither jessie nor stretch, it's 
possibly incomplete; patch applies though.
 CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile 
Uncontr ...)
-       {DLA-1786-1}
+       {DLA-2377-1 DLA-1786-1}
        - qtimageformats-opensource-src 5.11.3-2 (low)
        [stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)
        [jessie] - qtimageformats-opensource-src <postponed> (Minor issue)
@@ -115239,7 +115241,7 @@ CVE-2018-19871 (An issue was discovered in Qt before 
5.11.3. There is QTgaFile U
        NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp
        NOTE: 
https://github.com/qt/qtimageformats/commit/7cfe47a8fe2f987fb2a066a696fb3d9d0afe4d65
 CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF 
image cau ...)
-       {DSA-4374-1 DLA-1786-1 DLA-1627-1}
+       {DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
        [experimental] - qtbase-opensource-src 5.11.3+dfsg-1
        - qtbase-opensource-src 5.11.3+dfsg-2 (low)
        - qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
@@ -115250,7 +115252,7 @@ CVE-2018-19870 (An issue was discovered in Qt before 
5.11.3. A malformed GIF ima
        NOTE: src/plugins/imageformats/gif/qgifhandler.cpp depending on the 
version
        NOTE: 
https://github.com/qt/qtbase/commit/2841e2b61e32f26900bde987d469c8b97ea31999
 CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG 
image cau ...)
-       {DLA-1786-1}
+       {DLA-2377-1 DLA-1786-1}
        [experimental] - qtsvg-opensource-src 5.11.3-1
        - qtsvg-opensource-src 5.11.3-2 (low)
        [stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
@@ -130029,7 +130031,7 @@ CVE-2018-15520 (Various Lexmark devices have a Buffer 
Overflow (issue 2 of 2). .
 CVE-2018-15519 (Various Lexmark devices have a Buffer Overflow (issue 1 of 2). 
...)
        NOT-FOR-US: Lexmark devices
 CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has a double-free or 
corruption dur ...)
-       {DSA-4374-1 DLA-1786-1 DLA-1627-1}
+       {DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
        [experimental] - qtbase-opensource-src 5.11.3+dfsg-1
        - qtbase-opensource-src 5.11.3+dfsg-2
        - qt4-x11 4:4.8.7+dfsg-18 (low)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb911dd827d851ada819cb5483a50e5d0522886b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb911dd827d851ada819cb5483a50e5d0522886b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to