Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
413e425a by Moritz Mühlenhoff at 2021-03-21T20:11:51+01:00
cimg no-dsa, various bugs filed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18205,7 +18205,7 @@ CVE-2020-35638
CVE-2020-35637
RESERVED
CVE-2020-35636 (A code execution vulnerability exists in the Nef
polygon-parsing funct ...)
- - cgal <unfixed>
+ - cgal <unfixed> (bug #985671)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35635
RESERVED
@@ -18222,7 +18222,7 @@ CVE-2020-35630
CVE-2020-35629
RESERVED
CVE-2020-35628 (A code execution vulnerability exists in the Nef
polygon-parsing funct ...)
- - cgal <unfixed>
+ - cgal <unfixed> (bug #985671)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2021-21433
RESERVED
@@ -28075,7 +28075,7 @@ CVE-2020-28638 (ask_password in Tomb 2.0 through 2.7
returns a warning when pine
CVE-2020-28637
RESERVED
CVE-2020-28636 (A code execution vulnerability exists in the Nef
polygon-parsing funct ...)
- - cgal <unfixed>
+ - cgal <unfixed> (bug #985671)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-28635
RESERVED
@@ -28146,7 +28146,7 @@ CVE-2020-28603
CVE-2020-28602
RESERVED
CVE-2020-28601 (A code execution vulnerability exists in the Nef
polygon-parsing funct ...)
- - cgal <unfixed>
+ - cgal <unfixed> (bug #985671)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-28600
RESERVED
@@ -31755,7 +31755,7 @@ CVE-2020-27840
RESERVED
CVE-2020-27839
RESERVED
- - ceph <unfixed>
+ - ceph <unfixed> (bug #985670)
[buster] - ceph <no-dsa> (Minor issue)
NOTE: https://tracker.ceph.com/issues/44591
NOTE: https://github.com/ceph/ceph/pull/38259
@@ -31951,7 +31951,7 @@ CVE-2020-27782 (A flaw was found in the Undertow AJP
connector. Malicious reques
NOTE: https://issues.redhat.com/browse/UNDERTOW-1824
NOTE:
https://github.com/undertow-io/undertow/commit/fdac349cbcd1da41fe8b9d4e7ebbab6879990c2a
(2.2.4.Final)
CVE-2020-27781 (User credentials can be manipulated and stolen by Native
CephFS consum ...)
- - ceph <unfixed>
+ - ceph <unfixed> (bug #985670)
NOTE: https://bugs.launchpad.net/manila/+bug/1904015
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1900109
NOTE:
https://github.com/ceph/ceph/commit/1b8a634fdcd94dfb3ba650793fb1b6d09af65e05
(octopus)
@@ -59384,7 +59384,7 @@ CVE-2020-15402
CVE-2020-15401 (IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain
privile ...)
NOT-FOR-US: IOBit Malware Fighter Pro
CVE-2020-15400 (CakePHP before 4.0.6 mishandles CSRF token generation. This
might be r ...)
- - cakephp <unfixed>
+ - cakephp <unfixed> (bug #985673)
[buster] - cakephp <ignored> (Minor issue)
[stretch] - cakephp <no-dsa> (Minor issue)
CVE-2020-15399
@@ -189861,6 +189861,7 @@ CVE-2018-7588 (An issue was discovered in CImg v.220.
A heap-based buffer over-r
NOTE:
https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading
a craft ...)
- cimg <unfixed> (low; bug #892780; bug #940951)
+ [bullseye] - cimg <no-dsa> (Minor issue)
[buster] - cimg <no-dsa> (Minor issue)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413e425aaa27f24d2604ecf79d441b13800f09c1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413e425aaa27f24d2604ecf79d441b13800f09c1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
