summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-09-19 20:25:05 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-09-19 20:25:05 +0200
commit12558f79cceeed65814ffe99c55c02b0ab5aa6ef (patch)
treed23a23f72380df99da68a3be9d5e3228d10e0048
parent1f0f46a8bea783e2bbb0f01509ec10f1fae2781b (diff)
Sync some CVE information with kernel-sec
-rw-r--r--data/CVE/2019.list2
-rw-r--r--data/CVE/2020.list1
2 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 005d9f8..758ee66 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -36,6 +36,7 @@ CVE-2019-20909 (An issue was discovered in GNU LibreDWG through 0.9.3. There is
CVE-2019-20908 (An issue was discovered in drivers/firmware/efi/efi.c in the Linux ker ...)
- linux 5.2.6-1
[buster] - linux 4.19.132-1
+ [stretch] - linux <ignored> (securelevel included but not supported)
NOTE: https://www.openwall.com/lists/oss-security/2020/06/14/1
NOTE: Fixed by: https://git.kernel.org/linus/1957a85b0032a81e6482ca4aab883643b8dae06e
CVE-2019-20907 (In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...)
@@ -2983,6 +2984,7 @@ CVE-2019-19830 (_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote a
[jessie] - spip <not-affected> (Vulnerable code not present)
CVE-2019-19770 (** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free ...)
- linux 5.7.17-1
+ [stretch] - linux <not-affected> (Vulnerability introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205713
CVE-2019-19769 (In the Linux kernel 5.3.10, there is a use-after-free (read) in the pe ...)
- linux 5.5.13-1
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 8a88483..6d84643 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -20480,6 +20480,7 @@ CVE-2020-15779 (A Path Traversal issue was discovered in the socket.io-file pack
NOT-FOR-US: Node socket.io-file
CVE-2020-15780 (An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux k ...)
- linux 5.7.10-1
+ [stretch] - linux <ignored> (securelevel included but not supported)
NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3
NOTE: Fixed by: https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c remote ...)

© 2014-2020 Faster IT GmbH | imprint | privacy policy