automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-02-19 08:10:23 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-02-19 08:10:23 +0000
commit: d1f470faa64a24c48b839d8bc1f23b5d3a387cdc (patch)
tree: 2317492b166ef0cbb97447f85b6d56327e67fba9 /data
parent: f3d4fe7818eabd361ab28e95c8f3ac7b75d0b3ce (diff)
5 files changed, 55 insertions, 17 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 93c797b60c..3aa891ebbd 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -8633,8 +8633,7 @@ CVE-2011-2056
 	RESERVED
 CVE-2011-2055
 	RESERVED
-CVE-2011-2054
-	RESERVED
+CVE-2011-2054 (A vulnerability in the Cisco ASA that could allow a remote attacker to ...)
 	NOT-FOR-US: ** REJECT ** CVE-2011-2054 misused as CVE-2011-2524
 CVE-2011-2053
 	RESERVED
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 1ec2384d63..048c36e903 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,3 +1,5 @@
+CVE-2015-9543 (An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 1 ...)
+	TODO: check
 CVE-2015-9542 [buffer overflow in password field]
 	RESERVED
 	- libpam-radius-auth <unfixed> (bug #951396)
@@ -25274,8 +25276,8 @@ CVE-2015-0751 (Cisco IP Phone 7861, when firmware from Cisco Unified Communicati
 	NOT-FOR-US: Cisco
 CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration Solutio ...)
 	NOT-FOR-US: Cisco
-CVE-2015-0749
-	RESERVED
+CVE-2015-0749 (A vulnerability in Cisco Unified Communications Manager could allow an ...)
+	TODO: check
 CVE-2015-0748
 	RESERVED
 CVE-2015-0747 (Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release al ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index f4a69f633d..b411fade96 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -10933,8 +10933,8 @@ CVE-2018-16996
 	RESERVED
 CVE-2018-16995
 	RESERVED
-CVE-2018-16994
-	RESERVED
+CVE-2018-16994 (An issue was discovered on PHOENIX CONTACT AXL F BK PN &lt;=1.0.4, AXL ...)
+	TODO: check
 CVE-2018-16993
 	RESERVED
 CVE-2018-16992
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 72b57c0b18..15717c3e5e 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,11 @@
+CVE-2019-20478 (In ruamel.yaml through 0.16.7, the load method allows remote code exec ...)
+	TODO: check
+CVE-2019-20477 (PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and ...)
+	TODO: check
+CVE-2019-20476
+	RESERVED
+CVE-2019-20475
+	RESERVED
 CVE-2019-20474 (An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.4 ...)
 	NOT-FOR-US: Zoho ManageEngine Remote Access Plus
 CVE-2019-20473
@@ -24421,7 +24429,7 @@ CVE-2019-11052
 CVE-2019-11051
 	RESERVED
 CVE-2019-11050 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
-	{DSA-4626-1 DLA-2050-1}
+	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
 	- php7.3 <unfixed>
 	- php7.0 <removed>
 	- php5 <removed>
@@ -24436,14 +24444,14 @@ CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when su
 CVE-2019-11048
 	RESERVED
 CVE-2019-11047 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
-	{DSA-4626-1 DLA-2050-1}
+	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
 	- php7.3 <unfixed>
 	- php7.0 <removed>
 	- php5 <removed>
 	NOTE: Fixed in PHP 7.4.1, 7.3.13
 	NOTE: PHP Bug: http://bugs.php.net/78910
 CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP  ...)
-	{DSA-4626-1 DLA-2050-1}
+	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
 	- php7.3 <unfixed>
 	- php7.0 <removed>
 	- php5 <removed>
@@ -24451,7 +24459,7 @@ CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0
 	NOTE: PHP Bug: http://bugs.php.net/78878
 	NOTE: http://git.php.net/?p=php-src.git;a=patch;h=2d07f00b73d8f94099850e0f5983e1cc5817c196
 CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP  ...)
-	{DSA-4626-1 DLA-2050-1}
+	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
 	- php7.3 <unfixed>
 	- php7.0 <removed>
 	- php5 <removed>
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 589ec31c85..d834d6ad08 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,31 @@
+CVE-2020-9285
+	RESERVED
+CVE-2020-9284
+	RESERVED
+CVE-2020-9283
+	RESERVED
+CVE-2020-9282
+	RESERVED
+CVE-2020-9281
+	RESERVED
+CVE-2020-9280
+	RESERVED
+CVE-2020-9279
+	RESERVED
+CVE-2020-9278
+	RESERVED
+CVE-2020-9277
+	RESERVED
+CVE-2020-9276
+	RESERVED
+CVE-2020-9275
+	RESERVED
+CVE-2020-9274
+	RESERVED
+CVE-2020-9273
+	RESERVED
+CVE-2020-9272
+	RESERVED
 CVE-2020-9271 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via s ...)
 	NOT-FOR-US: ICE Hrm
 CVE-2020-9270 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via  ...)
@@ -551,7 +579,7 @@ CVE-2020-8999
 	RESERVED
 CVE-2020-8998
 	REJECTED
-CVE-2020-8997 (Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre ...)
+CVE-2020-8997 (Older generation Abbott FreeStyle Libre sensors allow remote attackers ...)
 	NOT-FOR-US: Abbott FreeStyle Libre
 CVE-2020-8996 (AnyShare Cloud 6.0.9 allows authenticated directory traversal to read  ...)
 	NOT-FOR-US: AnyShare Cloud
@@ -1291,8 +1319,8 @@ CVE-2020-8635
 	RESERVED
 CVE-2020-8634
 	RESERVED
-CVE-2020-8633
-	RESERVED
+CVE-2020-8633 (An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8 ...)
+	TODO: check
 CVE-2020-8632 (In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...)
 	- cloud-init 19.4-2 (bug #951363)
 	[buster] - cloud-init <no-dsa> (Minor issue)
@@ -3076,8 +3104,8 @@ CVE-2020-7798
 	RESERVED
 CVE-2020-7797
 	RESERVED
-CVE-2020-7796
-	RESERVED
+CVE-2020-7796 (Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF whe ...)
+	TODO: check
 CVE-2020-7795
 	RESERVED
 CVE-2020-7794
@@ -3729,6 +3757,7 @@ CVE-2020-7473
 CVE-2020-7472
 	RESERVED
 CVE-2020-7471 (Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 al ...)
+	{DSA-4629-1}
 	- python-django 2:2.2.10-1 (bug #950581)
 	[jessie] - python-django <not-affected> (Vulnerable code introduced in Django ~1.9)
 	NOTE: https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
@@ -4593,7 +4622,7 @@ CVE-2020-7062
 CVE-2020-7061
 	RESERVED
 CVE-2020-7060 (When using certain mbstring functions to convert multibyte encodings,  ...)
-	{DSA-4626-1}
+	{DSA-4628-1 DSA-4626-1}
 	- php7.4 7.4.2-7
 	- php7.3 <unfixed>
 	- php7.0 <removed>
@@ -4601,7 +4630,7 @@ CVE-2020-7060 (When using certain mbstring functions to convert multibyte encodi
 	NOTE: Fixed in PHP 7.4.2, 7.3.14, 7.2.27
 	NOTE: PHP Bug: http://bugs.php.net/79037
 CVE-2020-7059 (When using fgetss() function to read data with stripping tags, in PHP  ...)
-	{DSA-4626-1}
+	{DSA-4628-1 DSA-4626-1}
 	- php7.4 7.4.2-7
 	- php7.3 <unfixed>
 	- php7.0 <removed>
author	security tracker role <sectracker@soriano.debian.org>	2020-02-19 08:10:23 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-02-19 08:10:23 +0000
commit	d1f470faa64a24c48b839d8bc1f23b5d3a387cdc (patch)
tree	2317492b166ef0cbb97447f85b6d56327e67fba9 /data
parent	f3d4fe7818eabd361ab28e95c8f3ac7b75d0b3ce (diff)