diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-04-29 23:14:20 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-04-29 23:14:20 +0200 |
commit | d36c36795673e4dff772e25ab36ffc34a738dd89 (patch) | |
tree | 6c2be1cf6df4834f32e6b66ccfa21218947616e3 /data | |
parent | d81fab9f41ee196e87ef459db533cc0a8630e8a7 (diff) |
node-mongodb spu
samba postponed
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 4 | ||||
-rw-r--r-- | data/next-point-update.txt | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 52a7fec6d4..4184a71f57 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -5405,6 +5405,8 @@ CVE-2020-10705 CVE-2020-10704 RESERVED - samba <unfixed> + [buster] - samba <postponed> (Can be fixed along in future DSA) + [stretch] - samba <postponed> (Can be fixed along in future DSA) NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334 NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html CVE-2020-10703 [Potential denial of service via active pool without target path] @@ -12610,6 +12612,7 @@ CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11 CVE-2020-7610 (All versions of bson before 1.1.4 are vulnerable to Deserialization of ...) [experimental] - node-mongodb 3.5.5+~cs11.12.19-1 - node-mongodb 3.5.6+~cs11.12.19-1 + [buster] - node-mongodb <no-dsa> (Minor issue) NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19 NOTE: https://snyk.io/vuln/SNYK-JS-BSON-561052 NOTE: https://github.com/mongodb/js-bson/commit/3809c1313a7b2a8001065f0271199df9fa3d16a8 @@ -81801,6 +81804,7 @@ CVE-2019-2392 CVE-2019-2391 (Incorrect parsing of certain JSON input may result in js-bson not corr ...) [experimental] - node-mongodb 3.5.5+~cs11.12.19-1 - node-mongodb 3.5.6+~cs11.12.19-1 + [buster] - node-mongodb <no-dsa> (Minor issue) NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19 CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can create ...) NOT-FOR-US: Microsoft diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 26c71522db..1ec37a39be 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -122,3 +122,7 @@ CVE-2020-9383 [buster] - linux 4.19.118-1 CVE-2019-19046 [buster] - linux 4.19.118-1 +CVE-2020-7610 + [buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1 +CVE-2019-2391 + [buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1 |