[Git][security-tracker-team/security-tracker][master] automatic update

Sun, 01 Nov 2020 12:11:15 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4b436b08 by security tracker role at 2020-11-01T20:10:29+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2020-28046 (An issue was discovered in ProlinOS through 2.4.161.8859R. An 
attacker ...)
+       TODO: check
+CVE-2020-28045 (An unsigned-library issue was discovered in ProlinOS through 
2.4.161.8 ...)
+       TODO: check
+CVE-2020-28044 (An attacker with physical access to a PAX Point Of Sale device 
with Pr ...)
+       TODO: check
+CVE-2020-28043 (MISP through 2.4.133 allows SSRF in the REST client via the 
use_full_p ...)
+       TODO: check
 CVE-2020-28042 (ServiceStack before 5.9.2 mishandles JWT signature 
verification unless ...)
        TODO: check
 CVE-2020-28041 (The SIP ALG implementation on NETGEAR Nighthawk R7000 
1.0.9.64_10.2.64 ...)
@@ -5235,8 +5243,8 @@ CVE-2020-25851
        RESERVED
 CVE-2020-25850
        RESERVED
-CVE-2020-25849
-       RESERVED
+CVE-2020-25849 (MailGates and MailAudit products contain Command Injection 
flaw, which ...)
+       TODO: check
 CVE-2020-25848
        RESERVED
 CVE-2020-25847
@@ -27614,6 +27622,7 @@ CVE-2020-15252 (In XWiki before version 12.5 and 
11.10.6, any user with SCRIPT r
 CVE-2020-15251 (In the Channelmgnt plug-in for Sopel (a Python IRC bot) before 
version ...)
        NOT-FOR-US: Channelmgnt plug-in for Sopel
 CVE-2020-15250 (In JUnit4 from version 4.7 and before 4.13.1, the test rule 
TemporaryF ...)
+       {DLA-2426-1}
        - junit4 <unfixed> (bug #972231)
        NOTE: 
https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
        NOTE: 
https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae
@@ -30084,7 +30093,7 @@ CVE-2020-14356 (A flaw null pointer dereference in the 
Linux kernel cgroupv2 sub
        [buster] - linux 4.19.146-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/ad0f75e5f57ccbceec13274e1e242f2b5a6397ed
 CVE-2020-14355 (Multiple buffer overflow vulnerabilities were found in the 
QUIC image  ...)
-       {DSA-4771-1}
+       {DSA-4771-1 DLA-2428-1 DLA-2427-1}
        - spice 0.14.3-2 (bug #971750)
        - spice-gtk <unfixed> (bug #971751)
        [buster] - spice-gtk <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b436b08d0b7eb04a5a6f7cda14b42bb4099d14f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b436b08d0b7eb04a5a6f7cda14b42bb4099d14f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to