diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 20:10:24 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 20:10:24 +0000 |
| commit | eecf52edead3ca192cc921eab15a8498403d697e (patch) | |
| tree | d0182a71b2896ae79c264aa865632c46675102c0 /data | |
| parent | e9efaa971d4998fa006eebdc091858d6ca72254a (diff) | |
automatic update
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/2015.list | 2 | ||||
| -rw-r--r-- | data/CVE/2018.list | 4 | ||||
| -rw-r--r-- | data/CVE/2020.list | 12 |
3 files changed, 14 insertions, 4 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 2bca22126d..483e41bcda 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -16,7 +16,7 @@ CVE-2015-9543 (An issue was discovered in OpenStack Nova before 18.2.4, 19.x bef NOTE: https://launchpad.net/bugs/1492140 NOTE: https://review.opendev.org/220622 CVE-2015-9542 (add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correct ...) - {DLA-2116-1} + {DLA-2304-1 DLA-2116-1} - libpam-radius-auth 1.4.0-3 (bug #951396) [buster] - libpam-radius-auth 1.4.0-3~deb10u1 NOTE: https://github.com/FreeRADIUS/pam_radius/commit/01173ec diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 733492ac28..8f908f58c7 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -22612,7 +22612,7 @@ CVE-2018-1000546 (Triplea version <= 1.9.0.0.10291 contains a XML External En CVE-2018-1000545 REJECTED CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Tra ...) - {DLA-1467-1} + {DLA-2307-1 DLA-1467-1} - ruby-zip 1.2.2-1 (bug #902720) NOTE: https://github.com/rubyzip/rubyzip/issues/369 NOTE: Part of fixes: @@ -28137,7 +28137,7 @@ CVE-2018-10758 (The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete a CVE-2018-10757 (CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authe ...) NOT-FOR-US: CSP MySQL User Manager CVE-2018-10756 (Use-after-free in libtransmission/variant.c in Transmission before 3.0 ...) - {DLA-2218-1} + {DLA-2305-1 DLA-2218-1} - transmission 3.00-1 (bug #961461) [buster] - transmission 2.94-2+deb10u1 NOTE: https://github.com/transmission/transmission/commit/2123adf8e5e1c2b48791f9d22fc8c747e974180e (3.00) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index f86a842057..9e134844c1 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,7 @@ +CVE-2020-16265 + RESERVED +CVE-2020-16264 + RESERVED CVE-2020-16263 RESERVED CVE-2020-16262 @@ -6108,7 +6112,7 @@ CVE-2020-13627 (Cross-site scripting (XSS) vulnerability allows remote attackers CVE-2020-13626 RESERVED CVE-2020-13625 (PHPMailer before 6.1.6 contains an output escaping bug when the name o ...) - {DLA-2244-1} + {DLA-2306-1 DLA-2244-1} - libphp-phpmailer 6.1.6-1 (bug #962827) [buster] - libphp-phpmailer <no-dsa> (Minor issue) NOTE: https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx-fqxw-rvvj @@ -15084,6 +15088,7 @@ CVE-2020-9926 RESERVED CVE-2020-9925 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -15109,6 +15114,7 @@ CVE-2020-9916 RESERVED CVE-2020-9915 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -15154,6 +15160,7 @@ CVE-2020-9896 RESERVED CVE-2020-9895 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -15161,6 +15168,7 @@ CVE-2020-9895 NOTE: https://webkitgtk.org/security/WSA-2020-0007.html CVE-2020-9894 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -15168,6 +15176,7 @@ CVE-2020-9894 NOTE: https://webkitgtk.org/security/WSA-2020-0007.html CVE-2020-9893 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) @@ -15235,6 +15244,7 @@ CVE-2020-9863 RESERVED CVE-2020-9862 RESERVED + {DSA-4739-1} - webkit2gtk 2.28.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) [jessie] - webkit2gtk <ignored> (Not covered by security support in jessie) |