[Git][security-tracker-team/security-tracker][master] 2 commits: mark nim CVEs as no-dsa

Thorsten Alteholz alteholz at debian.org
Mon Aug 24 22:24:20 BST 2020



Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c471acdf by Thorsten Alteholz at 2020-08-24T23:21:06+02:00
mark nim CVEs as no-dsa

- - - - -
f7d26275 by Thorsten Alteholz at 2020-08-24T23:23:04+02:00
ignore CVE-2020-13124 of sabnzbdplus as it is in contrib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18192,12 +18192,15 @@ CVE-2020-15695 (An issue was discovered in Joomla! through 3.9.19. A missing tok
 CVE-2020-15694 (In Nim 1.2.4, the standard library httpClient fails to properly valida ...)
 	- nim 1.2.6-1
 	[buster] - nim <no-dsa> (Minor issue)
+	[stretch] - nim <no-dsa> (Minor issue)
 CVE-2020-15693 (In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF ...)
 	- nim 1.2.6-1
 	[buster] - nim <no-dsa> (Minor issue)
+	[stretch] - nim <no-dsa> (Minor issue)
 CVE-2020-15692 (In Nim 1.2.4, the standard library browsers mishandles the URL argumen ...)
 	- nim 1.2.6-1
 	[buster] - nim <no-dsa> (Minor issue)
+	[stretch] - nim <no-dsa> (Minor issue)
 CVE-2020-15691
 	RESERVED
 CVE-2020-15690
@@ -24785,6 +24788,7 @@ CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" p
 CVE-2020-13124 (SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in ...)
 	- sabnzbdplus <unfixed>
 	[buster] - sabnzbdplus <no-dsa> (Minor update, can be fixed via point release, contrib not supported)
+	[stretch] - sabnzbdplus <ignored> (contrib not supported)
 	NOTE: https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-9x87-96gg-33w2
 	NOTE: https://github.com/sabnzbd/sabnzbd/commit/dfcba6e2fb37f58fea06b453b1ba258c7f110429
 	NOTE: https://github.com/sabnzbd/sabnzbd/commit/73d3f7b5c248fc369de3454fe53e3e93924ebfe3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/93edc9ba7c7de6c174204560b5f853994f9db9d9...f7d2627520fd6a36d05e856788054cbe0ab4c0dd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/93edc9ba7c7de6c174204560b5f853994f9db9d9...f7d2627520fd6a36d05e856788054cbe0ab4c0dd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200824/757b4059/attachment.html>


More information about the debian-security-tracker-commits mailing list