[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-1070{0,4}/samba for 2020-04-28 release

Tue Apr 28 09:39:53 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e50c6978 by Salvatore Bonaccorso at 2020-04-27T20:52:32+02:00
Add CVE-2020-1070{0,4}/samba for 2020-04-28 release

- - - - -
ad03fd71 by Salvatore Bonaccorso at 2020-04-28T10:39:36+02:00
Merge branch 'embargoed/samba-2020-04-28'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4995,6 +4995,9 @@ CVE-2020-10705
 	RESERVED
 CVE-2020-10704
 	RESERVED
+	- samba <unfixed>
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334
+	NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html
 CVE-2020-10703 [Potential denial of service via active pool without target path]
 	RESERVED
 	- libvirt 6.0.0-2
@@ -5021,6 +5024,12 @@ CVE-2020-10701 [guest agent timeout can be set under read-only mode leading to D
 	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=4cc90c2e62df653e909ad31fd810224bf8bcf913 (v6.2.0-rc1)
 CVE-2020-10700
 	RESERVED
+	- samba <unfixed>
+	[buster] - samba <not-affected> (Vulnerable code introduced later)
+	[stretch] - samba <not-affected> (Vulnerable code introduced later)
+	[jessie] - samba <not-affected> (Vulnerable code introduced later)
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14331
+	NOTE: https://www.samba.org/samba/security/CVE-2020-10700.html
 CVE-2020-10699 (A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51  ...)
 	- targetcli-fb <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/open-iscsi/targetcli-fb/issues/162



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/989026a5c7c079d61d127d235c56d54d82c0d215...ad03fd71ab4bbc2b864287eaeb80d7a325554c32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/989026a5c7c079d61d127d235c56d54d82c0d215...ad03fd71ab4bbc2b864287eaeb80d7a325554c32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200428/b71a8941/attachment.html>
