[Git][security-tracker-team/security-tracker][master] crawl bug filed
Moritz Muehlenhoff
jmm at debian.org
Sun Apr 19 22:21:26 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bdbd830b by Moritz Muehlenhoff at 2020-04-19T23:21:00+02:00
crawl bug filed
various no-dsa/postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -68,10 +68,14 @@ CVE-2020-11881
RESERVED
CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using the prop ...)
- kmail <unfixed> (bug #958054)
+ [buster] - kmail <no-dsa> (Minor issue)
- kdepim <removed>
+ [stretch] - kdepim <no-dsa> (Minor issue)
NOTE: https://cgit.kde.org/kmail.git/commit/?id=2a348eccd352260f192d9b449492071bbf2b34b1
CVE-2020-11879 (An issue was discovered in GNOME Evolution before 3.35.91. By using th ...)
- evolution 3.36.0-1
+ [buster] - evolution <no-dsa> (Minor issue)
+ [stretch] - evolution <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/784
NOTE: https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
CVE-2020-11878 (The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4 ...)
@@ -720,7 +724,9 @@ CVE-2020-11725 (** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the L
CVE-2020-11723 (Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys ...)
NOT-FOR-US: Cellebrite UFED
CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote ...)
- - crawl <unfixed>
+ - crawl <unfixed> (bug #958232)
+ [buster] - crawl <no-dsa> (Minor issue)
+ [stretch] - crawl <no-dsa> (Minor issue)
NOTE: https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
NOTE: https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
NOTE: https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
@@ -901,7 +907,9 @@ CVE-2020-11649
CVE-2020-11648
RESERVED
CVE-2020-11647 (In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the ...)
- - wireshark <unfixed> (bug #958213)
+ - wireshark <unfixed> (low; bug #958213)
+ [buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA)
+ [stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f56fc9496db158218243ea87e3660c874a0bab0
NOTE: https://www.wireshark.org/security/wnpa-sec-2020-07.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdbd830bd74a3fc1f573e0c5bc7bf165b7b31925
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdbd830bd74a3fc1f573e0c5bc7bf165b7b31925
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200419/a5d3fcfd/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list