Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 413e425a by Moritz Mühlenhoff at 2021-03-21T20:11:51+01:00 cimg no-dsa, various bugs filed - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -18205,7 +18205,7 @@ CVE-2020-35638 CVE-2020-35637 RESERVED CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - - cgal <unfixed> + - cgal <unfixed> (bug #985671) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2020-35635 RESERVED @@ -18222,7 +18222,7 @@ CVE-2020-35630 CVE-2020-35629 RESERVED CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - - cgal <unfixed> + - cgal <unfixed> (bug #985671) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2021-21433 RESERVED @@ -28075,7 +28075,7 @@ CVE-2020-28638 (ask_password in Tomb 2.0 through 2.7 returns a warning when pine CVE-2020-28637 RESERVED CVE-2020-28636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - - cgal <unfixed> + - cgal <unfixed> (bug #985671) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2020-28635 RESERVED @@ -28146,7 +28146,7 @@ CVE-2020-28603 CVE-2020-28602 RESERVED CVE-2020-28601 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - - cgal <unfixed> + - cgal <unfixed> (bug #985671) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2020-28600 RESERVED @@ -31755,7 +31755,7 @@ CVE-2020-27840 RESERVED CVE-2020-27839 RESERVED - - ceph <unfixed> + - ceph <unfixed> (bug #985670) [buster] - ceph <no-dsa> (Minor issue) NOTE: https://tracker.ceph.com/issues/44591 NOTE: https://github.com/ceph/ceph/pull/38259 @@ -31951,7 +31951,7 @@ CVE-2020-27782 (A flaw was found in the Undertow AJP connector. Malicious reques NOTE: https://issues.redhat.com/browse/UNDERTOW-1824 NOTE: https://github.com/undertow-io/undertow/commit/fdac349cbcd1da41fe8b9d4e7ebbab6879990c2a (2.2.4.Final) CVE-2020-27781 (User credentials can be manipulated and stolen by Native CephFS consum ...) - - ceph <unfixed> + - ceph <unfixed> (bug #985670) NOTE: https://bugs.launchpad.net/manila/+bug/1904015 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1900109 NOTE: https://github.com/ceph/ceph/commit/1b8a634fdcd94dfb3ba650793fb1b6d09af65e05 (octopus) @@ -59384,7 +59384,7 @@ CVE-2020-15402 CVE-2020-15401 (IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privile ...) NOT-FOR-US: IOBit Malware Fighter Pro CVE-2020-15400 (CakePHP before 4.0.6 mishandles CSRF token generation. This might be r ...) - - cakephp <unfixed> + - cakephp <unfixed> (bug #985673) [buster] - cakephp <ignored> (Minor issue) [stretch] - cakephp <no-dsa> (Minor issue) CVE-2020-15399 @@ -189861,6 +189861,7 @@ CVE-2018-7588 (An issue was discovered in CImg v.220. A heap-based buffer over-r NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4 CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading a craft ...) - cimg <unfixed> (low; bug #892780; bug #940951) + [bullseye] - cimg <no-dsa> (Minor issue) [buster] - cimg <no-dsa> (Minor issue) [stretch] - cimg <no-dsa> (Minor issue) [jessie] - cimg <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413e425aaa27f24d2604ecf79d441b13800f09c1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413e425aaa27f24d2604ecf79d441b13800f09c1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits