Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77861d94 by Salvatore Bonaccorso at 2020-03-26T20:31:11+01:00
Slightly reorganize notes
- - - - -
c89756e7 by Salvatore Bonaccorso at 2020-03-26T21:21:53+01:00
Start tracking some new gitlab issues from 2020-03-26 release
Not all are actually clear, and some have not yet assigned CVEs and
indication for affected versions and releases. Need to look those later
up again.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20,14 +20,24 @@ CVE-2020-10957
RESERVED
CVE-2020-10956
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10955
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10954
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10953
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10952
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10951
RESERVED
CVE-2020-10950
@@ -2747,6 +2757,9 @@ CVE-2020-9796
RESERVED
CVE-2020-9795
RESERVED
+ - gitlab <unfixed>
+ NOTE:
https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
+ TODO: check if this is actually an issue in Nokogiri
CVE-2020-9794
RESERVED
CVE-2020-9793
@@ -110249,10 +110262,11 @@ CVE-2018-9272 (In Wireshark 2.4.0 to 2.4.5 and
2.2.0 to 2.2.13, epan/dissectors/
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
- NOTE: applying patch in jessie/wheezy requires introduction of a new
memory management system (wmem)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e3b90824a82724f445a0374e99f0b76e4cf5e8b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
+ NOTE: Applying patch for versions 1.12 and older requires introduction
of a new
+ NOTE: memory management system (wmem).
CVE-2018-9271 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13,
epan/dissectors/packe ...)
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89eee75402cfe90e1172067ff4db5bff742bf95c...c89756e7c076c78cc435d0e16d251f68614447ea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89eee75402cfe90e1172067ff4db5bff742bf95c...c89756e7c076c78cc435d0e16d251f68614447ea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
