Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1d8092b0 by Salvatore Bonaccorso at 2021-01-03T17:58:31+01:00 Track fixed versions for f2fs-tools issues via unstable Unfortuantely queries to upstream were not successful to identify the fixes. So for now track just the unstable version fixing all those trusting the maintainer. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -66866,19 +66866,19 @@ CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in the CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom client, ...) NOT-FOR-US: Zoom CVE-2020-6108 (An exploitable code execution vulnerability exists in the fsck_chk_orp ...) - - f2fs-tools <unfixed> (bug #973380) + - f2fs-tools 1.14.0-1 (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1050 CVE-2020-6107 (An exploitable information disclosure vulnerability exists in the dev_ ...) - - f2fs-tools <unfixed> (bug #973380) + - f2fs-tools 1.14.0-1 (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1049 CVE-2020-6106 (An exploitable information disclosure vulnerability exists in the init ...) - - f2fs-tools <unfixed> (bug #973380) + - f2fs-tools 1.14.0-1 (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048 CVE-2020-6105 (An exploitable code execution vulnerability exists in the multiple dev ...) - - f2fs-tools <unfixed> (bug #973380) + - f2fs-tools 1.14.0-1 (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1047 CVE-2020-6104 (An exploitable information disclosure vulnerability exists in the get_ ...) - - f2fs-tools <unfixed> (bug #973380) + - f2fs-tools 1.14.0-1 (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1046 CVE-2020-6103 (An exploitable code execution vulnerability exists in the Shader funct ...) NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll @@ -66999,7 +66999,7 @@ CVE-2020-6071 (An exploitable denial-of-service vulnerability exists in the reso NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0994 NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin CVE-2020-6070 (An exploitable code execution vulnerability exists in the file system ...) - - f2fs-tools <unfixed> (bug #970941) + - f2fs-tools 1.14.0-1 (bug #970941) [buster] - f2fs-tools <no-dsa> (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988 CVE-2020-6069 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8092b0f9b0c71e23f472f20003c712a234ffb6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8092b0f9b0c71e23f472f20003c712a234ffb6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits