diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-14 18:08:51 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-14 18:08:51 +0200 |
commit | f5565e7ef2599faa3e60703e8e0263c2872f285c (patch) | |
tree | cfb5652f0df75cb41ef2abd7201c01a510e3cf26 /data | |
parent | 880a0d0a9652c9339658accd7848a4bd68adb761 (diff) |
buster triage
mark one wp issue as undetermined, no actionable information except some second hand media reports
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 5 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index d19c4985cf..b602652318 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -12765,6 +12765,7 @@ CVE-2020-11021 (Actions Http-Client (NPM @actions/http-client) before version 1. NOT-FOR-US: Actions Http-Client CVE-2020-11020 (Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1. ...) - ruby-faye <unfixed> (bug #959392) + [buster] - ruby-faye <no-dsa> (Minor issue) NOTE: https://github.com/faye/faye/security/advisories/GHSA-qpg4-4w7w-2mq5 NOTE: https://github.com/faye/faye/commit/65d297d341b607f3cb0b5fa6021a625a991cc30e CVE-2020-11019 (In FreeRDP less than or equal to 2.0.0, when running with logger set t ...) @@ -13834,6 +13835,7 @@ CVE-2020-10731 RESERVED CVE-2020-10730 (A NULL pointer dereference, or possible use-after-free flaw was found ...) - ldb 2:2.1.4-1 + [buster] - ldb <no-dsa> (Minor issue) - samba 2:4.12.5+dfsg-1 [buster] - samba <postponed> (Minor issue, fix along in next DSA) [stretch] - ldb <not-affected> (Vulnerable code introduced later) @@ -105388,8 +105390,7 @@ CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversa CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference vuln ...) NOT-FOR-US: zephyr-rtos CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...) - - wordpress <unfixed> - [jessie] - wordpress <postponed> (cf. CVE-2017-1000600) + - wordpress <undetermined> NOTE: This CVE exists due to an incomplete fix in 4.9 for CVE-2017-1000600. CVE-2018-1000673 REJECTED diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 42399b4585..39e3876209 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -41,6 +41,8 @@ squid (jmm) -- teeworlds (jmm) -- +tomcat9 +-- xcftools Hugo proposed to work on this update -- |