[Git][security-tracker-team/security-tracker][master] new nomad issue

Wed, 25 Nov 2020 10:34:39 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
29e91add by Moritz Muehlenhoff at 2020-11-25T19:33:57+01:00
new nomad issue
NFUs
more imagemagick triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2680,7 +2680,7 @@ CVE-2020-28974 (A slab-out-of-bounds read in fbcon in the 
Linux kernel before 5.
 CVE-2020-28361 (Kamailio before 5.4.0, as used in Sip Express Router (SER) in 
Sippy So ...)
        TODO: check, this might be specific to Kamailio as used in the 
specified product
 CVE-2020-28360 (Insufficient RegEx in private-ip npm package v1.0.5 and below 
insuffic ...)
-       TODO: check
+       NOT-FOR-US: Node private-ip
 CVE-2020-28359
        RESERVED
 CVE-2020-28358
@@ -2704,7 +2704,8 @@ CVE-2020-28350 (A Cross Site Scripting (XSS) 
vulnerability exists in OPAC in Sok
 CVE-2020-28349 (** DISPUTED ** An inaccurate frame deduplication process in 
ChirpStack ...)
        NOT-FOR-US: ChirpStack Network Server
 CVE-2020-28348 (HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client 
Docker  ...)
-       TODO: check
+       - nomad <unfixed>
+       NOTE: https://github.com/hashicorp/nomad/issues/9303
 CVE-2020-28347 (tdpServer on TP-Link Archer A7 AC1750 devices before 201029 
allows rem ...)
        NOT-FOR-US: TP-Link
 CVE-2020-28346
@@ -5809,6 +5810,7 @@ CVE-2020-27751
 CVE-2020-27750
        RESERVED
        - imagemagick 8:6.9.11.24+dfsg-1
+       [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1711
        NOTE: ImageMagick: 
https://github.com/ImageMagick/ImageMagick/commit/a81ca9a1b46a96be83682af3389f0a6f3d0d389d
        NOTE: ImageMagick6: 
https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f
@@ -10907,6 +10909,7 @@ CVE-2020-25667
 CVE-2020-25666
        RESERVED
        - imagemagick 8:6.9.11.24+dfsg-1
+       [buster] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1750
        NOTE: ImageMagick: 
https://github.com/ImageMagick/ImageMagick/commit/94691f00839dbdf43edb1508af945ab19b388573
        NOTE: ImageMagick6: 
https://github.com/ImageMagick/ImageMagick6/commit/91ae12c57f3b9b23f2072462c27a8378b59f395e
@@ -12156,7 +12159,7 @@ CVE-2020-25161
 CVE-2020-25160
        RESERVED
 CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to 
a stack- ...)
-       TODO: check
+       NOT-FOR-US: 499ES
 CVE-2020-25158
        RESERVED
 CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL 
injection ...)
@@ -53943,7 +53946,7 @@ CVE-2020-7779
 CVE-2020-7778
        RESERVED
 CVE-2020-7777 (This affects all versions of package jsen. If an attacker can 
control  ...)
-       TODO: check
+       NOT-FOR-US: Node jsen
 CVE-2020-7776
        RESERVED
 CVE-2020-7775



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29e91addcc744a2510e01eb27edbaae37e2fb679

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29e91addcc744a2510e01eb27edbaae37e2fb679
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to