[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Aug 15 21:10:30 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dde954ff by security tracker role at 2020-08-15T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17182,7 +17182,7 @@ CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 0
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=5519724a13664b43e225ca05351c60b4468e4555
 CVE-2020-15861 [Elevation of Privileges due to symlink handling]
 	RESERVED
-	{DLA-2313-1}
+	{DSA-4746-1 DLA-2313-1}
 	- net-snmp 5.8+dfsg-5 (bug #966599)
 	NOTE: https://github.com/net-snmp/net-snmp/issues/145
 	NOTE: https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602
@@ -17282,7 +17282,7 @@ CVE-2020-15817 (In JetBrains YouTrack before 2020.1.1331, an external user could
 	NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15862 [privilege escalation]
 	RESERVED
-	{DLA-2299-1}
+	{DSA-4746-1 DLA-2299-1}
 	- net-snmp 5.8+dfsg-4 (bug #965166)
 	NOTE: The commit https://github.com/net-snmp/net-snmp/commit/c2b96ee744392243782094432f657ded4e985a07
 	NOTE: disables NET-SNMP-EXTEND-MIB support by default. But it is still
@@ -44488,6 +44488,7 @@ CVE-2020-5531 (Mitsubishi Electric MELSEC C Controller Module and MELIPC Series
 CVE-2020-5530 (Cross-site request forgery (CSRF) vulnerability in Easy Property Listi ...)
 	NOT-FOR-US: Easy Property Listings plugin for WordPress
 CVE-2020-5529 (HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ...)
+	{DLA-2326-1}
 	- htmlunit <removed>
 	NOTE: https://github.com/HtmlUnit/htmlunit/commit/934390fefcd2cd58e6d86f2bc19d811ae17bfa28
 CVE-2020-5528 (Cross-site scripting vulnerability in Movable Type series (Movable Typ ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dde954ffd1f3f6aca07e4f47409725bd39794486

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dde954ffd1f3f6aca07e4f47409725bd39794486
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200815/4e2cee7f/attachment.html>

More information about the debian-security-tracker-commits mailing list