[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
587170d9 by security tracker role at 2020-04-22T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2020-12058
+	RESERVED
+CVE-2020-12057
+	RESERVED
+CVE-2020-12056
+	RESERVED
+CVE-2020-12055
+	RESERVED
+CVE-2020-12054
+	RESERVED
+CVE-2020-12053
+	RESERVED
+CVE-2020-12052
+	RESERVED
+CVE-2020-12051 (The CentralAuth extension through REL1_34 for MediaWiki allows remote  ...)
+	TODO: check
+CVE-2020-12050
+	RESERVED
 CVE-2020-12049
 	RESERVED
 CVE-2020-12048
@@ -410,24 +428,24 @@ CVE-2018-21150
 	RESERVED
 CVE-2018-21149
 	RESERVED
-CVE-2018-21148
-	RESERVED
-CVE-2018-21147
-	RESERVED
-CVE-2018-21146
-	RESERVED
-CVE-2018-21145
-	RESERVED
-CVE-2018-21144
-	RESERVED
-CVE-2018-21143
-	RESERVED
+CVE-2018-21148 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
+	TODO: check
+CVE-2018-21147 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
+	TODO: check
+CVE-2018-21146 (Certain NETGEAR devices are affected by command injection by an authen ...)
+	TODO: check
+CVE-2018-21145 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
+	TODO: check
+CVE-2018-21144 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
+	TODO: check
+CVE-2018-21143 (NETGEAR GS810EMX devices before 1.0.0.5 are affected by disclosure of  ...)
+	TODO: check
 CVE-2018-21142
 	RESERVED
-CVE-2018-21141
-	RESERVED
-CVE-2018-21140
-	RESERVED
+CVE-2018-21141 (Certain NETGEAR devices are affected by denial of service. This affect ...)
+	TODO: check
+CVE-2018-21140 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+	TODO: check
 CVE-2018-21139
 	RESERVED
 CVE-2018-21138
@@ -16889,8 +16907,7 @@ CVE-2020-5303 (Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a den
 	NOT-FOR-US: Tendermint
 CVE-2020-5302 (MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a b ...)
 	NOT-FOR-US: MH-WikiBot
-CVE-2020-5301 [Fix source code disclosure on case-insensitive file systems. See SSPSA 202004-01.]
-	RESERVED
+CVE-2020-5301 (SimpleSAMLphp versions before 1.18.6 contain an information disclosure ...)
 	- simplesamlphp <not-affected> (Windows-only issue)
 CVE-2020-5300 (In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect  ...)
 	NOT-FOR-US: ORY Hydra
@@ -20290,8 +20307,8 @@ CVE-2019-20104 (The OpenID client application in Atlassian Crowd before version
 	NOT-FOR-US: Atlassian
 CVE-2019-20103
 	RESERVED
-CVE-2019-20102
-	RESERVED
+CVE-2019-20102 (The attachment-uploading feature in Atlassian Confluence Server from v ...)
+	TODO: check
 CVE-2019-20101
 	RESERVED
 CVE-2019-20100 (The Atlassian Application Links plugin is vulnerable to cross-site req ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/587170d93a7e825f8b2568390bcb54268b8377f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/587170d93a7e825f8b2568390bcb54268b8377f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200422/ff741def/attachment.html>