[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Aug 7 09:10:23 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34957123 by security tracker role at 2020-08-07T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-17376
+	RESERVED
+CVE-2020-17375
+	RESERVED
 CVE-2020-17374
 	RESERVED
 CVE-2020-17373
@@ -2302,24 +2306,24 @@ CVE-2020-16229 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. P
 	NOT-FOR-US: Advantech WebAccess
 CVE-2020-16228
 	RESERVED
-CVE-2020-16227
-	RESERVED
+CVE-2020-16227 (Delta Electronics TPEditor Versions 1.97 and prior. An improper input  ...)
+	TODO: check
 CVE-2020-16226
 	RESERVED
-CVE-2020-16225
-	RESERVED
+CVE-2020-16225 (Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where ...)
+	TODO: check
 CVE-2020-16224
 	RESERVED
-CVE-2020-16223
-	RESERVED
+CVE-2020-16223 (Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffe ...)
+	TODO: check
 CVE-2020-16222
 	RESERVED
-CVE-2020-16221
-	RESERVED
+CVE-2020-16221 (Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buff ...)
+	TODO: check
 CVE-2020-16220
 	RESERVED
-CVE-2020-16219
-	RESERVED
+CVE-2020-16219 (Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds r ...)
+	TODO: check
 CVE-2020-16218
 	RESERVED
 CVE-2020-16217 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A doubl ...)
@@ -3511,10 +3515,10 @@ CVE-2020-15704 [ppp ZDI-CAN-11504]
 	- ppp <not-affected> (Ubuntu-specific issue, load_ppp_generic_if_needed.patch not used in Debian)
 CVE-2020-15703
 	RESERVED
-CVE-2020-15702
-	RESERVED
-CVE-2020-15701
-	RESERVED
+CVE-2020-15702 (TOCTOU Race Condition vulnerability in apport allows a local attacker  ...)
+	TODO: check
+CVE-2020-15701 (An unhandled exception in check_ignored() in apport/report.py can be e ...)
+	TODO: check
 CVE-2020-15700 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
 	NOT-FOR-US: Joomla!
 CVE-2020-15699 (An issue was discovered in Joomla! through 3.9.19. Missing validation  ...)
@@ -4852,8 +4856,8 @@ CVE-2020-15138
 	RESERVED
 CVE-2020-15137
 	RESERVED
-CVE-2020-15136
-	RESERVED
+CVE-2020-15136 (In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication  ...)
+	TODO: check
 CVE-2020-15135 (save-server (npm package) before version 1.05 is affected by a CSRF vu ...)
 	TODO: check
 CVE-2020-15134 (Faye before version 1.4.0, there is a lack of certification validation ...)
@@ -4908,10 +4912,10 @@ CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be crashe
 	NOTE: https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp
 CVE-2020-15116
 	RESERVED
-CVE-2020-15115
-	RESERVED
-CVE-2020-15114
-	RESERVED
+CVE-2020-15115 (etcd before versions 3.3.23 and 3.4.10 does not perform any password l ...)
+	TODO: check
+CVE-2020-15114 (In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simpl ...)
+	TODO: check
 CVE-2020-15113 (In etcd before versions 3.3.23 and 3.4.10, certain directory paths are ...)
 	TODO: check
 CVE-2020-15112 (In etcd before versions 3.3.23 and 3.4.10, it is possible to have an e ...)
@@ -12997,8 +13001,8 @@ CVE-2020-11939 (In nDPI through 3.2 Stable, the SSH protocol dissector has multi
 	NOTE: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi
 CVE-2020-11938 (In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator ...)
 	NOT-FOR-US: JetBrains TeamCity
-CVE-2020-11937
-	RESERVED
+CVE-2020-11937 (In whoopsie, parse_report() from whoopsie.c allows a local attacker to ...)
+	TODO: check
 CVE-2020-11936
 	RESERVED
 CVE-2020-11935



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/349571232be3234399cbeb9aedf51ce45a2eb94e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/349571232be3234399cbeb9aedf51ce45a2eb94e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200807/5a865260/attachment.html>

More information about the debian-security-tracker-commits mailing list