Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
809ee646 by security tracker role at 2020-12-04T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,76 @@
-CVE-2020-29534 [io_uring: don't rely on weak ->files references]
+CVE-2020-29565 (An issue was discovered in OpenStack Horizon before 15.3.2,
16.x befor ...)
+ TODO: check
+CVE-2020-29564
+ RESERVED
+CVE-2020-29563
+ RESERVED
+CVE-2020-29562 (The iconv function in the GNU C Library (aka glibc or libc6)
2.30 to 2 ...)
+ TODO: check
+CVE-2020-29561 (An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR,
it does ...)
+ TODO: check
+CVE-2020-29560
+ RESERVED
+CVE-2020-29559
+ RESERVED
+CVE-2020-29558
+ RESERVED
+CVE-2020-29557
+ RESERVED
+CVE-2020-29556
+ RESERVED
+CVE-2020-29555
+ RESERVED
+CVE-2020-29554
+ RESERVED
+CVE-2020-29553
+ RESERVED
+CVE-2020-29552
+ RESERVED
+CVE-2020-29551
+ RESERVED
+CVE-2020-29550
+ RESERVED
+CVE-2020-29549
+ RESERVED
+CVE-2020-29548
+ RESERVED
+CVE-2020-29547
+ RESERVED
+CVE-2020-29546
+ RESERVED
+CVE-2020-29545
+ RESERVED
+CVE-2020-29544
+ RESERVED
+CVE-2020-29543
+ RESERVED
+CVE-2020-29542
+ RESERVED
+CVE-2020-29541
+ RESERVED
+CVE-2020-29540
+ RESERVED
+CVE-2020-29539
+ RESERVED
+CVE-2020-29538
+ RESERVED
+CVE-2020-29537
+ RESERVED
+CVE-2020-29536
+ RESERVED
+CVE-2020-29535
+ RESERVED
+CVE-2020-29533
+ RESERVED
+CVE-2020-29532
+ RESERVED
+CVE-2020-29531
+ RESERVED
+CVE-2020-29530
+ RESERVED
+CVE-2018-21270 (Versions less than 0.0.6 of the Node.js stringstream module
are vulner ...)
+ TODO: check
+CVE-2020-29534 (An issue was discovered in the Linux kernel before 5.9.3.
io_uring tak ...)
- linux 5.9.6-1
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -1551,8 +1623,7 @@ CVE-2020-28918
RESERVED
CVE-2020-28917 (An issue was discovered in the view_statistics (aka View
frontend stat ...)
NOT-FOR-US: TYPO3 extension
-CVE-2020-28916 [e1000e: infinite loop scenario in case of null packet
descriptor]
- RESERVED
+CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an
RX desc ...)
- qemu <unfixed>
[buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <postponed> (Fix along in future DLA)
@@ -8351,8 +8422,8 @@ CVE-2020-27350
RESERVED
CVE-2020-27349
RESERVED
-CVE-2020-27348
- RESERVED
+CVE-2020-27348 (In some conditions, a snap package built by snapcraft includes
the cur ...)
+ TODO: check
CVE-2020-27346
REJECTED
CVE-2020-27345
@@ -10767,8 +10838,8 @@ CVE-2020-26250 (OAuthenticator is an OAuth login
mechanism for JupyterHub. In oa
TODO: check
CVE-2020-26249
RESERVED
-CVE-2020-26248
- RESERVED
+CVE-2020-26248 (In the PrestaShop module "productcomments" before version
4.2.1, an at ...)
+ TODO: check
CVE-2020-26247
RESERVED
CVE-2020-26246 (Pimcore is an open source digital experience platform. In
Pimcore befo ...)
@@ -31902,8 +31973,7 @@ CVE-2020-16124 (Integer Overflow or Wraparound
vulnerability in the XML RPC libr
[buster] - ros-ros-comm <no-dsa> (Minor issue)
[stretch] - ros-ros-comm <no-dsa> (Minor issue)
NOTE: https://github.com/ros/ros_comm/pull/2065
-CVE-2020-16123
- RESERVED
+CVE-2020-16123 (An Ubuntu-specific patch in PulseAudio created a race
condition where ...)
- pulseaudio <not-affected> (Ubuntu-specific issue)
CVE-2020-16122 (PackageKit's apt backend mistakenly treated all local debs as
trusted. ...)
{DLA-2399-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/809ee6467ba9aa2f8acf27004b5be9095b2c215c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/809ee6467ba9aa2f8acf27004b5be9095b2c215c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
