[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8340982 by security tracker role at 2020-08-16T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2020-24362
+	RESERVED
+CVE-2020-24361 (SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, P ...)
+	TODO: check
+CVE-2020-24360
+	RESERVED
 CVE-2020-24359
 	RESERVED
 CVE-2020-24358
@@ -25270,12 +25276,12 @@ CVE-2020-12690 (An issue was discovered in OpenStack Keystone before 15.0.1, and
 	NOTE: https://bugs.launchpad.net/keystone/+bug/1873290
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/6
 CVE-2020-12674 (In Dovecot before 2.3.11.3, sending a specially formatted RPA request  ...)
-	{DSA-4745-1}
+	{DSA-4745-1 DLA-2328-1}
 	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/3
 	NOTE: https://github.com/dovecot/core/commit/69ad3c902ea4bbf9f21ab1857d8923f975dc6145
 CVE-2020-12673 (In Dovecot before 2.3.11.3, sending a specially formatted NTLM request ...)
-	{DSA-4745-1}
+	{DSA-4745-1 DLA-2328-1}
 	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/2
 	NOTE: https://github.com/dovecot/core/commit/fb246611e62ad8c5a95b0ca180a63f17aa34b0d8
@@ -26749,7 +26755,7 @@ CVE-2020-12102 (In Tiny File Manager 2.4.1, there is a Path Traversal vulnerabil
 CVE-2020-12101 (The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remo ...)
 	NOT-FOR-US: xt:Commerce
 CVE-2020-12100 (In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp ...)
-	{DSA-4745-1}
+	{DSA-4745-1 DLA-2328-1}
 	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/1
 	NOTE: https://github.com/dovecot/core/commit/d4bb43a08ab9ecfab7249a17279e5f773c8abaad
@@ -116182,7 +116188,7 @@ CVE-2019-0195 (Manipulating classpath asset file URLs, an attacker could guess t
 CVE-2019-0194 (Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 ...)
 	NOT-FOR-US: Apache Camel
 CVE-2019-0193 (In Apache Solr, the DataImportHandler, an optional but popular module  ...)
-	{DLA-1954-1}
+	{DLA-2327-1 DLA-1954-1}
 	- lucene-solr 3.6.2+dfsg-22 (low)
 	[buster] - lucene-solr <no-dsa> (Minor issue)
 	NOTE: https://issues.apache.org/jira/browse/SOLR-13669



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8340982a72decb2cbe7962722ed3cf6b5c1f9b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8340982a72decb2cbe7962722ed3cf6b5c1f9b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200816/2185e0dc/attachment-0001.html>