From 7e9cbe7e5b20fddf3f39595fd724499c67cb1a1b Mon Sep 17 00:00:00 2001
From: security tracker role <sectracker@soriano.debian.org>
Date: Sat, 6 Jun 2020 20:10:22 +0000
Subject: automatic update

---
 data/CVE/list.2020 | 35 ++++++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index c0bad70721..34715cdcac 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,4 +1,34 @@
-CVE-2020-13871 [use-after-free in resetAccumulator]
+CVE-2020-13886
+	RESERVED
+CVE-2020-13885
+	RESERVED
+CVE-2020-13884
+	RESERVED
+CVE-2020-13883 (In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, an ...)
+	TODO: check
+CVE-2020-13882
+	RESERVED
+CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared se ...)
+	TODO: check
+CVE-2020-13880
+	RESERVED
+CVE-2020-13879
+	RESERVED
+CVE-2020-13878
+	RESERVED
+CVE-2020-13877
+	RESERVED
+CVE-2020-13876
+	RESERVED
+CVE-2020-13875
+	RESERVED
+CVE-2020-13874
+	RESERVED
+CVE-2020-13873
+	RESERVED
+CVE-2020-13872
+	RESERVED
+CVE-2020-13871 (SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c bec ...)
 	- sqlite3 3.32.2-2
 	NOTE: Fixed by: https://www.sqlite.org/src/info/79eff1d0383179c4
 	NOTE: https://www.sqlite.org/src/info/c8d3b9f0a750a529
@@ -223,6 +253,7 @@ CVE-2020-13779
 CVE-2020-13778
 	RESERVED
 CVE-2020-13777 (GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting  ...)
+	{DSA-4697-1}
 	- gnutls28 3.6.14-1 (bug #962289)
 	[stretch] - gnutls28 <not-affected> (Vulnerable code introduced in 3.6.4)
 	[jessie] - gnutls28 <not-affected> (Vulnerable code introduced in 3.6.4)
@@ -6405,6 +6436,7 @@ CVE-2020-11082 (In Kaminari before 1.2.1, there is a vulnerability that would al
 CVE-2020-11081
 	RESERVED
 CVE-2020-11080 (In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS fra ...)
+	{DSA-4696-1}
 	- nodejs 10.21.0~dfsg-1 (bug #962145)
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
 	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
@@ -13142,6 +13174,7 @@ CVE-2020-8175
 	RESERVED
 CVE-2020-8174 [napi_get_value_string_*() allows various kinds of memory corruption]
 	RESERVED
+	{DSA-4696-1}
 	- nodejs 10.21.0~dfsg-1 (bug #962145)
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
 	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
-- 
cgit v1.2.3