diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-02 21:18:25 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-02 21:18:25 +0200 |
commit | 46e414826c9adf405e3eb3728369663033ac82ea (patch) | |
tree | 206329f3bf52fe666150c4003f95984c6cb5acbf /data | |
parent | bf0e54145e4ec0728425e83d9d8b4e549afdd539 (diff) |
Track some update for cacti via buster-pu sync up status in CVE list
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 6 | ||||
-rw-r--r-- | data/next-point-update.txt | 8 |
2 files changed, 14 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 9446fec9db..c48605729d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -5509,9 +5509,13 @@ CVE-2020-13232 RESERVED CVE-2020-13231 (In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for a ...) - cacti 1.2.11+ds1-1 + [buster] - cacti <no-dsa> (Minor issue) + [stretch] - cacti <no-dsa> (Minor issue) NOTE: https://github.com/Cacti/cacti/issues/3342 CVE-2020-13230 (In Cacti before 1.2.11, disabling a user account does not immediately ...) - cacti 1.2.11+ds1-1 + [buster] - cacti <no-dsa> (Minor issue) + [stretch] - cacti <no-dsa> (Minor issue) NOTE: https://github.com/Cacti/cacti/issues/3343 CVE-2020-13229 (An issue was discovered in Sysax Multi Server 6.90. A session can be h ...) NOT-FOR-US: Sysax Multi Server @@ -21566,6 +21570,8 @@ CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request Smuggling because it misha NOTE: https://github.com/netty/netty/issues/9861#issuecomment-582307539 (same fix as CVE-2019-20445) CVE-2020-7237 (Cacti 1.2.8 allows Remote Code Execution (by privileged users) via she ...) - cacti 1.2.9+ds1-1 (bug #949997) + [buster] - cacti <no-dsa> (Minor issue) + [stretch] - cacti <no-dsa> (Minor issue) [jessie] - cacti <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/Cacti/cacti/issues/3201 NOTE: https://github.com/Cacti/cacti/commit/5010719dbd160198be3e07bb994cf237e3af1308 diff --git a/data/next-point-update.txt b/data/next-point-update.txt index f29632aeb5..b718c838da 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -90,3 +90,11 @@ CVE-2020-5963 [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 CVE-2020-5967 [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 +CVE-2020-7237 + [buster] - cacti 1.2.2+ds1-2+deb10u3 +CVE-2020-7106 + [buster] - cacti 1.2.2+ds1-2+deb10u3 +CVE-2020-13230 + [buster] - cacti 1.2.2+ds1-2+deb10u3 +CVE-2020-13231 + [buster] - cacti 1.2.2+ds1-2+deb10u3 |