Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
33031bac by Salvatore Bonaccorso at 2020-09-25T10:12:34+02:00
Shorten slightly commit references for linus' git tree
- - - - -
f5a22e5f by Salvatore Bonaccorso at 2020-09-25T10:13:28+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2020-26115 (cPanel before 90.0.10 allows self XSS via the Cron Editor
interface (S ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26114 (cPanel before 90.0.10 allows self XSS via the Cron Jobs
interface (SEC ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26113 (cPanel before 90.0.10 allows self XSS via WHM Manage API
Tokens interf ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26112 (The email quota cache in cPanel before 90.0.10 allows
overwriting of f ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26111 (cPanel before 90.0.10 allows self XSS via the WHM Edit DNS
Zone interf ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26110 (cPanel before 88.0.13 allows self XSS via DNS Zone Manager
DNSSEC inte ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26109 (cPanel before 88.0.13 allows bypass of a protection mechanism
that att ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26108 (cPanel before 88.0.13 mishandles file-extension dispatching,
leading t ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26107 (cPanel before 88.0.3, upon an upgrade, establishes predictable
PowerDN ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26106 (cPanel before 88.0.3 has weak permissions (world readable) for
the pro ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26105 (In cPanel before 88.0.3, insecure chkservd test credentials
are used o ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26104 (In cPanel before 88.0.3, an insecure SRS secret is used on a
templated ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26103 (In cPanel before 88.0.3, an insecure site password is used for
Mailman ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26102 (In cPanel before 88.0.3, an insecure auth policy API key is
used by Do ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26101 (In cPanel before 88.0.3, insecure RNDC credentials are used
for BIND o ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26100 (chsh in cPanel before 88.0.3 allows a Jailshell escape
(SEC-497). ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26099 (cPanel before 88.0.3 allows attackers to bypass the SMTP
greylisting p ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2020-26098 (cPanel before 88.0.3 mishandles the Exim filter path, leading
to remot ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2016-11086 (lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for
Ruby doe ...)
TODO: check
CVE-2020-26097
@@ -1018,7 +1018,7 @@ CVE-2020-25642
CVE-2020-25641
RESERVED
- linux <unfixed>
- NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124
+ NOTE:
https://git.kernel.org/linus/7e24969022cbd61ddc586f14824fc205661bb124
CVE-2020-25640
RESERVED
- wildfly <itp> (bug #752018)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/193c71928e304639976c83a3e7b6ce906153fcd0...f5a22e5fd2e02255475f73df5ad637e9f78495c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/193c71928e304639976c83a3e7b6ce906153fcd0...f5a22e5fd2e02255475f73df5ad637e9f78495c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
