diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 20:10:24 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 20:10:24 +0000 |
commit | 83d467c7e31b19e827a6f18cc481ef7d7c3c6375 (patch) | |
tree | 81362b78d28060d3e42c4a043ce65d37e387394e /data | |
parent | a184110141dacccfedf8dad937854e7b3d45434a (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index 0cb071ac28..66eb630fee 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,7 @@ +CVE-2020-16265 + RESERVED +CVE-2020-16264 + RESERVED CVE-2020-16263 RESERVED CVE-2020-16262 @@ -6625,7 +6629,7 @@ CVE-2020-13627 (Cross-site scripting (XSS) vulnerability allows remote attackers CVE-2020-13626 RESERVED CVE-2020-13625 (PHPMailer before 6.1.6 contains an output escaping bug when the name o ...) - {DLA-2244-1} + {DLA-2306-1 DLA-2244-1} - libphp-phpmailer 6.1.6-1 (bug #962827) [buster] - libphp-phpmailer <no-dsa> (Minor issue) NOTE: https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx-fqxw-rvvj @@ -17272,6 +17276,7 @@ CVE-2020-9926 RESERVED CVE-2020-9925 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -17297,6 +17302,7 @@ CVE-2020-9916 RESERVED CVE-2020-9915 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -17342,6 +17348,7 @@ CVE-2020-9896 RESERVED CVE-2020-9895 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -17349,6 +17356,7 @@ CVE-2020-9895 NOTE: https://webkitgtk.org/security/WSA-2020-0007.html CVE-2020-9894 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -17356,6 +17364,7 @@ CVE-2020-9894 NOTE: https://webkitgtk.org/security/WSA-2020-0007.html CVE-2020-9893 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -17423,6 +17432,7 @@ CVE-2020-9863 RESERVED CVE-2020-9862 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -19910,7 +19920,7 @@ CVE-2020-8840 (FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain x CVE-2020-8839 (Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter dev ...) NOT-FOR-US: CHIYU BF-430 232/485 TCP/IP Converter devices CVE-2015-9542 (add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correct ...) - {DLA-2116-1} + {DLA-2304-1 DLA-2116-1} - libpam-radius-auth 1.4.0-3 (bug #951396) [buster] - libpam-radius-auth 1.4.0-3~deb10u1 NOTE: https://github.com/FreeRADIUS/pam_radius/commit/01173ec @@ -117073,7 +117083,7 @@ CVE-2018-1000546 (Triplea version <= 1.9.0.0.10291 contains a XML External En CVE-2018-1000545 REJECTED CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Tra ...) - {DLA-1467-1} + {DLA-2307-1 DLA-1467-1} - ruby-zip 1.2.2-1 (bug #902720) NOTE: https://github.com/rubyzip/rubyzip/issues/369 NOTE: Part of fixes: @@ -122847,7 +122857,7 @@ CVE-2018-10758 (The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete a CVE-2018-10757 (CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authe ...) NOT-FOR-US: CSP MySQL User Manager CVE-2018-10756 (Use-after-free in libtransmission/variant.c in Transmission before 3.0 ...) - {DLA-2218-1} + {DLA-2305-1 DLA-2218-1} - transmission 3.00-1 (bug #961461) [buster] - transmission 2.94-2+deb10u1 NOTE: https://github.com/transmission/transmission/commit/2123adf8e5e1c2b48791f9d22fc8c747e974180e (3.00) |