diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-03-02 08:10:13 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-03-02 08:10:13 +0000 |
| commit | 283adbb42dd88d2d00bcffc4c3767a77eb34e89c (patch) | |
| tree | 6f1528e9926e92ce0c50e71040e65682c8b6c6d9 | |
| parent | 31274078ac173fe3d6c1ec14c800e3911a8917c4 (diff) | |
automatic update
| -rw-r--r-- | data/CVE/2013.list | 2 | ||||
| -rw-r--r-- | data/CVE/2014.list | 1 | ||||
| -rw-r--r-- | data/CVE/2018.list | 1 | ||||
| -rw-r--r-- | data/CVE/2019.list | 5 | ||||
| -rw-r--r-- | data/CVE/2020.list | 178 |
5 files changed, 163 insertions, 24 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 0f715c5ea5..ca542c4551 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -1,3 +1,5 @@ +CVE-2013-7487 + RESERVED CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...) NOT-FOR-US: Open-Xchange App Suite CVE-2013-7485 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...) diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 5f0b221a0e..9a155c969c 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -11130,6 +11130,7 @@ CVE-2014-6264 CVE-2014-6263 RESERVED CVE-2014-6262 (Multiple format string vulnerabilities in the python module in RRDtool ...) + {DLA-2131-1} - rrdtool 1.5.4-1 NOTE: https://github.com/oetiker/rrdtool-1.x/pull/532 NOTE: https://github.com/oetiker/rrdtool-1.x/commit/64ed5314af1255ab6dded45f70b39cdeab5ae2ec (v1.5.0-rc1) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 05574836b2..0792899b19 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -2944,6 +2944,7 @@ CVE-2018-20075 CVE-2018-20074 RESERVED CVE-2018-20073 (Use of extended attributes in downloads in Google Chrome prior to 72.0 ...) + {DSA-4395-1} - chromium 72.0.3626.81-1 (low) CVE-2018-20072 RESERVED diff --git a/data/CVE/2019.list b/data/CVE/2019.list index fdb43a890e..218caea23c 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,3 +1,5 @@ +CVE-2019-20485 + RESERVED CVE-2019-20484 RESERVED CVE-2019-20483 @@ -8609,8 +8611,7 @@ CVE-2019-17028 REJECTED CVE-2019-17027 REJECTED -CVE-2019-17026 - RESERVED +CVE-2019-17026 (Incorrect alias information in IonMonkey JIT compiler for setting arra ...) {DSA-4603-1 DSA-4600-1 DLA-2093-1 DLA-2071-1} - firefox 72.0.1-1 (bug #948452) - firefox-esr 68.4.1esr-1 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 6cec65f47c..eeb67606a5 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,147 @@ +CVE-2020-9550 + RESERVED +CVE-2020-9549 (In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ...) + TODO: check +CVE-2020-9548 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...) + TODO: check +CVE-2020-9547 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...) + TODO: check +CVE-2020-9546 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...) + TODO: check +CVE-2020-9545 (Pale Moon 28.8.x before 28.8.4 has a segmentation fault related to mod ...) + TODO: check +CVE-2020-9544 + RESERVED +CVE-2020-9543 + RESERVED +CVE-2020-9542 + RESERVED +CVE-2020-9541 + RESERVED +CVE-2020-9540 (Sophos HitmanPro.Alert before build 861 allows local elevation of priv ...) + TODO: check +CVE-2020-9539 + RESERVED +CVE-2020-9538 + RESERVED +CVE-2020-9537 + RESERVED +CVE-2020-9536 + RESERVED +CVE-2020-9535 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...) + TODO: check +CVE-2020-9534 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...) + TODO: check +CVE-2020-9533 + RESERVED +CVE-2020-9532 + RESERVED +CVE-2020-9531 + RESERVED +CVE-2020-9530 + RESERVED +CVE-2020-9529 + RESERVED +CVE-2020-9528 + RESERVED +CVE-2020-9527 + RESERVED +CVE-2020-9526 + RESERVED +CVE-2020-9525 + RESERVED +CVE-2020-9524 + RESERVED +CVE-2020-9523 + RESERVED +CVE-2020-9522 + RESERVED +CVE-2020-9521 + RESERVED +CVE-2020-9520 + RESERVED +CVE-2020-9519 + RESERVED +CVE-2020-9518 + RESERVED +CVE-2020-9517 + RESERVED +CVE-2020-9516 + RESERVED +CVE-2020-9515 + RESERVED +CVE-2020-9514 + RESERVED +CVE-2020-9513 + RESERVED +CVE-2020-9512 + RESERVED +CVE-2020-9511 + RESERVED +CVE-2020-9510 + RESERVED +CVE-2020-9509 + RESERVED +CVE-2020-9508 + RESERVED +CVE-2020-9507 + RESERVED +CVE-2020-9506 + RESERVED +CVE-2020-9505 + RESERVED +CVE-2020-9504 + RESERVED +CVE-2020-9503 + RESERVED +CVE-2020-9502 + RESERVED +CVE-2020-9501 + RESERVED +CVE-2020-9500 + RESERVED +CVE-2020-9499 + RESERVED +CVE-2020-9498 + RESERVED +CVE-2020-9497 + RESERVED +CVE-2020-9496 + RESERVED +CVE-2020-9495 + RESERVED +CVE-2020-9494 + RESERVED +CVE-2020-9493 + RESERVED +CVE-2020-9492 + RESERVED +CVE-2020-9491 + RESERVED +CVE-2020-9490 + RESERVED +CVE-2020-9489 + RESERVED +CVE-2020-9488 + RESERVED +CVE-2020-9487 + RESERVED +CVE-2020-9486 + RESERVED +CVE-2020-9485 + RESERVED +CVE-2020-9484 + RESERVED +CVE-2020-9483 + RESERVED +CVE-2020-9482 + RESERVED +CVE-2020-9481 + RESERVED +CVE-2020-9480 + RESERVED +CVE-2020-9479 + RESERVED CVE-2020-9478 RESERVED CVE-2020-9477 @@ -5737,12 +5881,10 @@ CVE-2020-6804 (A reflected XSS vulnerability exists within the gateway, allowing TODO: check CVE-2020-6803 (An open redirect is present on the gateway's login page, which could c ...) TODO: check -CVE-2020-6801 - RESERVED +CVE-2020-6801 (Mozilla developers reported memory safety bugs present in Firefox 72. ...) - firefox 73.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6801 -CVE-2020-6800 - RESERVED +CVE-2020-6800 (Mozilla developers and community members reported memory safety bugs p ...) {DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1} - firefox 73.0-1 - firefox-esr 68.5.0esr-1 @@ -5750,14 +5892,12 @@ CVE-2020-6800 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6800 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6800 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6800 -CVE-2020-6799 - RESERVED +CVE-2020-6799 (Command line arguments could have been injected during Firefox invocat ...) - firefox <not-affected> (Only affects Windows) - firefox-esr <not-affected> (Only affects Windows) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6799 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6799 -CVE-2020-6798 - RESERVED +CVE-2020-6798 (If a template tag was used in a select tag, the parser could be confus ...) {DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1} - firefox 73.0-1 - firefox-esr 68.5.0esr-1 @@ -5765,38 +5905,32 @@ CVE-2020-6798 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6798 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6798 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6798 -CVE-2020-6797 - RESERVED +CVE-2020-6797 (By downloading a file with the .fileloc extension, a semi-privileged e ...) - firefox <not-affected> (Only affects Mac OSX) - firefox-esr <not-affected> (Only affects Mac OSX) - thunderbird <not-affected> (Only affects Mac OSX) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6797 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6797 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6797 -CVE-2020-6796 - RESERVED +CVE-2020-6796 (A content process could have modified shared memory relating to crash ...) {DSA-4620-1 DLA-2102-1} - firefox 73.0-1 - firefox-esr 68.5.0esr-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6796 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6796 -CVE-2020-6795 - RESERVED +CVE-2020-6795 (When processing a message that contains multiple S/MIME signatures, a ...) {DSA-4625-1 DLA-2104-1} - thunderbird 1:68.5.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6795 -CVE-2020-6794 - RESERVED +CVE-2020-6794 (If a user saved passwords before Thunderbird 60 and then later set a m ...) {DSA-4625-1 DLA-2104-1} - thunderbird 1:68.5.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6794 -CVE-2020-6793 - RESERVED +CVE-2020-6793 (When processing an email message with an ill-formed envelope, Thunderb ...) {DSA-4625-1 DLA-2104-1} - thunderbird 1:68.5.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6793 -CVE-2020-6792 - RESERVED +CVE-2020-6792 (When deriving an identifier for an email message, uninitialized memory ...) {DSA-4625-1 DLA-2104-1} - thunderbird 1:68.5.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6792 @@ -8393,8 +8527,8 @@ CVE-2020-5541 RESERVED CVE-2020-5540 RESERVED -CVE-2020-5539 - RESERVED +CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do no ...) + TODO: check CVE-2020-5538 RESERVED CVE-2020-5537 |