automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-08-16 20:10:15 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-08-16 20:10:15 +0000
commit: 12b63c7b52670c189c8bbf24b0b9100c9101fd28 (patch)
tree: c3d9fbf9d6bb781421e426d0e35fe1deaf204443 /data/CVE
parent: 403179e1d42cbb18b207727458a6213ec501bfe7 (diff)
4 files changed, 15 insertions, 10 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 3618739c8b..c1ae5bce59 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,3 +1,5 @@
+CVE-2016-11085 (php/qmn_options_questions_tab.php in the quiz-master-next plugin befor ...)
+	TODO: check
 CVE-2016-11084 (An issue was discovered in Mattermost Server before 2.1.0. It allows X ...)
 	NOT-FOR-US: Mattermost
 CVE-2016-11083 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...)
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 7ceb3463fb..cc2c55cf3c 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -3435,7 +3435,7 @@ CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plu
 CVE-2017-17743 (Improper input sanitization within the restricted administration shell ...)
 	NOT-FOR-US: UCOPIA Wireless Appliance
 CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x befo ...)
-	{DSA-4259-1 DLA-2027-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
+	{DSA-4259-1 DLA-2330-1 DLA-2027-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
 	- jruby <unfixed>
 	- ruby2.5 2.5.1-1
 	- ruby2.3 <removed>
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 5001554571..eb51818519 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -11643,7 +11643,7 @@ CVE-2019-16257 (Some Motorola devices include the SIMalliance Toolbox Browser (a
 CVE-2019-16256 (Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T  ...)
 	NOT-FOR-US: SIMalliance Toolbox Browser
 CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...)
-	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
+	{DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1}
 	- ruby2.5 2.5.7-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -11651,7 +11651,7 @@ CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4
 	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/
 	NOTE: ruby2.5: https://github.com/ruby/ruby/commit/3af01ae1101e0b8815ae5a106be64b0e82a58640
 CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...)
-	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
+	{DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1}
 	- ruby2.5 2.5.7-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -11842,7 +11842,7 @@ CVE-2019-16203 (Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expo
 CVE-2019-16202 (MISP before 2.4.115 allows privilege escalation in certain situations. ...)
 	NOT-FOR-US: MISP
 CVE-2019-16201 (WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5 ...)
-	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
+	{DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1}
 	- ruby2.5 2.5.7-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34375,7 +34375,7 @@ CVE-2019-8327
 CVE-2019-8326
 	RESERVED
 CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...)
-	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34385,7 +34385,7 @@ CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2.
 	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
 	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
 CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...)
-	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34395,7 +34395,7 @@ CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2.
 	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
 	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
 CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...)
-	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34405,7 +34405,7 @@ CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2.
 	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
 	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
 CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. The g ...)
-	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34415,7 +34415,7 @@ CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2.
 	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
 	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
 CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...)
-	{DSA-4433-1 DLA-1796-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1796-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
@@ -34426,7 +34426,7 @@ CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2.
 	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
 	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
 CVE-2019-8320 (A Directory Traversal issue was discovered in RubyGems 2.7.6 and later ...)
-	{DSA-4433-1 DLA-1735-1}
+	{DSA-4433-1 DLA-2330-1 DLA-1735-1}
 	- ruby2.5 2.5.5-1
 	- ruby2.3 <removed>
 	- ruby2.1 <removed>
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 795384d1de..892167d7bd 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,5 @@
+CVE-2020-24363
+	RESERVED
 CVE-2020-24362
 	RESERVED
 CVE-2020-24361 (SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, P ...)
@@ -16951,6 +16953,7 @@ CVE-2020-15954 (KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 commu
 	NOTE: kdepim-runtime: https://invent.kde.org/pim/kdepim-runtime/commit/bd64ab29116aa7318fdee7f95878ff97580162f2
 	NOTE: kmail-account-wizard: https://invent.kde.org/pim/kmail-account-wizard/commit/a64d80e523edce7d3d59c26834973418fae042f6
 CVE-2020-15953 (LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other  ...)
+	{DLA-2329-1}
 	- libetpan <unfixed> (bug #966647)
 	NOTE: https://github.com/dinhvh/libetpan/issues/386
 	NOTE: https://github.com/dinhvh/libetpan/pull/387
author	security tracker role <sectracker@soriano.debian.org>	2020-08-16 20:10:15 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-08-16 20:10:15 +0000
commit	12b63c7b52670c189c8bbf24b0b9100c9101fd28 (patch)
tree	c3d9fbf9d6bb781421e426d0e35fe1deaf204443 /data/CVE
parent	403179e1d42cbb18b207727458a6213ec501bfe7 (diff)