author Moritz Muehlenhoff <jmm@debian.org> 2020-07-01 12:10:45 +0200
committer Moritz Muehlenhoff <jmm@debian.org> 2020-07-01 12:10:45 +0200
commit bce5996ab8f2bd2b6973399354cc25c0f1d4c0e0
tree ba3e99e2b0eeedac815b5247582dbc7ebd41be79
parent 3a5329a4db6c80b2ae83421af5aa2e39ef25b9fc
- "new" dnsmasq issue (CVE is for Red Hat, but they essentially found the same issue Mika Prokop did back in 2014)
- new rails issue
- NFU
- add squid to dsa-needed
-rw-r--r-- data/CVE/list 6
-rw-r--r-- data/dsa-needed.txt 2
2 files changed, 8 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index dd71d33f2f..68294a7615 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2732,6 +2732,8 @@ CVE-2020-14313
RESERVED
CVE-2020-14312
RESERVED
+ - dnsmasq 2.69-1 (bug #732610)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342
CVE-2020-14311
RESERVED
CVE-2020-14310
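Review bot: The two lines added under CVE-2020-14312 leave the entry as RESERVED with no bracketed description, and the only NOTE is the Red Hat Bugzilla link, so nothing in the file itself says why 2.69-1 is recorded as the fixed version. The commit message explains that this is essentially the issue already found in 2014; a second NOTE saying that the CVE covers the same issue as bug #732610 would let a later triager confirm the fixed version without reading the commit log.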
@@ -2744,6 +2746,7 @@ CVE-2020-14307
RESERVED
CVE-2020-14306
RESERVED
+ NOT-FOR-US: OpenShift
CVE-2020-14305 [memory corruption in Voice over IP nf_conntrack_h323 module]
RESERVED
- linux 4.12.6-1
@@ -19156,6 +19159,9 @@ CVE-2020-8186
RESERVED
CVE-2020-8185
RESERVED
+ [experimental] - rails <unfixed>
+ - rails <not-affected> (Introduced in rails 6.x)
+ NOTE: https://groups.google.com/g/rubyonrails-security/c/pAe9EV8gbM0
CVE-2020-8184 (A reliance on cookies without validation/integrity check security vuln ...)
- ruby-rack <unfixed> (bug #963477)
NOTE: Fixed by: https://github.com/rack/rack/commit/1f5763de6a9fe515ff84992b343d63c88104654c
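Review bot: On the CVE-2020-8185 lines, "(Introduced in rails 6.x)" does not name the version or commit that introduced the vulnerable code, and the "[experimental] - rails <unfixed>" line carries no bug reference, unlike the ruby-rack entry just below it with "(bug #963477)". Recording the introducing version or commit in a NOTE and adding a bug reference for the experimental package would make the <not-affected> status easy to re-check once 6.x moves out of experimental.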
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index 19e625e077..bc2188ddc2 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -51,6 +51,8 @@ rails
ruby2.5/stable
Utkarsh Gupta proposed to work on an update
--
+squid/stable
+--
squid3/oldstable
--
teeworlds/stable (jmm)
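Review bot: The new squid/stable entry in dsa-needed.txt has no note or assignee, while the rails and teeworlds entries around it carry one ("Utkarsh Gupta proposed to work on an update", "(jmm)"), and this commit adds no squid line to data/CVE/list that would show which issues prompt the update. A one-line note under squid/stable naming the CVEs to be covered would tell whoever picks it up what the DSA needs to address.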
