Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30626475 by Abhijith PA at 2021-02-01T10:24:23+05:30
Mark remaining issues of f2fs-tools as no-dsa. Follow carnil's
advice.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -78527,22 +78527,27 @@ CVE-2020-6109 (An exploitable path traversal
vulnerability exists in the Zoom cl
CVE-2020-6108 (An exploitable code execution vulnerability exists in the
fsck_chk_orp ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1050
CVE-2020-6107 (An exploitable information disclosure vulnerability exists in
the dev_ ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1049
CVE-2020-6106 (An exploitable information disclosure vulnerability exists in
the init ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048
CVE-2020-6105 (An exploitable code execution vulnerability exists in the
multiple dev ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1047
CVE-2020-6104 (An exploitable information disclosure vulnerability exists in
the get_ ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1046
CVE-2020-6103 (An exploitable code execution vulnerability exists in the
Shader funct ...)
NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll
@@ -78665,6 +78670,7 @@ CVE-2020-6071 (An exploitable denial-of-service
vulnerability exists in the reso
CVE-2020-6070 (An exploitable code execution vulnerability exists in the file
system ...)
- f2fs-tools 1.14.0-1 (bug #970941)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988
CVE-2020-6069 (An exploitable out-of-bounds write vulnerability exists in the
igcore1 ...)
NOT-FOR-US: Accusoft ImageGear
=====================================
data/dla-needed.txt
=====================================
@@ -34,10 +34,6 @@ condor
--
dnsmasq (Utkarsh)
--
-f2fs-tools (Abhijith PA)
- NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0
and 1.13.0, but it is not trivial to
- NOTE: 20200815: to detect which of the patches correlates to the CVE.
Contacting upstream might be necessary. (sunweaver)
---
firefox-esr (Emilio)
--
firmware-nonfree
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/306264756a004fae1d951dee20b4e6f6a6d765a4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/306264756a004fae1d951dee20b4e6f6a6d765a4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
