Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e1b376af by Moritz Mühlenhoff at 2020-10-14T19:44:45+02:00
ngircd, NM fixed
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28024,7 +28024,7 @@ CVE-2020-14149 (In uftpd before 2.12, handle_CWD in
ftpcmd.c mishandled the path
NOT-FOR-US: uftpd
CVE-2020-14148 (The Server-Server protocol implementation in ngIRCd before
26~rc2 allo ...)
{DLA-2252-1}
- - ngircd <unfixed> (bug #963147)
+ - ngircd 26-1 (bug #963147)
[buster] - ngircd <no-dsa> (Minor issue)
[stretch] - ngircd <no-dsa> (Minor issue)
NOTE: https://github.com/ngircd/ngircd/issues/274
@@ -31137,7 +31137,7 @@ CVE-2020-12930
CVE-2020-12929
RESERVED
CVE-2020-12928 (A vulnerability in a dynamically loaded AMD driver in AMD
Ryzen Master ...)
- TODO: check
+ NOT-FOR-US: AMD Ryzen Master
CVE-2020-12927
RESERVED
CVE-2020-12926
@@ -38378,7 +38378,7 @@ CVE-2020-10755 (An insecure-credentials flaw was found
in all openstack-cinder v
NOTE: https://bugs.launchpad.net/cinder/+bug/1823200
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0086
CVE-2020-10754 (It was found that nmcli, a command line interface to
NetworkManager di ...)
- - network-manager <unfixed> (unimportant)
+ - network-manager 1.26.0-1 (unimportant)
NOTE:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/448
NOTE:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/8affcc19b61fc3c516474ba075e61b82030feeb4
NOTE: Only affects builds enabling ifcfg-rh settings plugin,
source-wise only
@@ -63571,9 +63571,9 @@ CVE-2019-18993 (OpenWrt 18.06.4 allows XSS via the "New
port forward" Name field
CVE-2019-18992 (OpenWrt 18.06.4 allows XSS via these Name fields to the
cgi-bin/luci/a ...)
NOT-FOR-US: OpenWrt
CVE-2019-18991 (A partial authentication bypass vulnerability exists on
Atheros AR9132 ...)
- TODO: check
+ NOT-FOR-US: Atheros devices
CVE-2019-18990 (A partial authentication bypass vulnerability exists on
Realtek RTL881 ...)
- TODO: check
+ NOT-FOR-US: Realtek devices
CVE-2019-18989 (A partial authentication bypass vulnerability exists on
Mediatek MT762 ...)
NOT-FOR-US: Mediatek devices
CVE-2019-18988 (TeamViewer Desktop through 14.7.1965 allows a bypass of
remote-login a ...)
@@ -85096,7 +85096,7 @@ CVE-2019-13208 (WavesSysSvc in Waves MAXX Audio allows
privilege escalation beca
NOT-FOR-US: Waves MAXX Audio
CVE-2019-13207 (nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer
Overflo ...)
- nsd 4.2.4-1 (low; bug #931476)
- [buster] - nsd <no-dsa> (Minor issue)
+ [buster] - nsd <ignored> (Minor issue)
[stretch] - nsd <no-dsa> (Minor issue)
[jessie] - nsd <postponed> (Minor issue, crash on malformed
admin-controlled disk configuration)
- nsd3 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1b376affc290601bc6b0a6a20563f741b72210a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1b376affc290601bc6b0a6a20563f741b72210a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
