[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 31 09:10:28 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
41b7929a by security tracker role at 2020-08-31T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 1.3.1 for ...)
+ TODO: check
+CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) ...)
+ TODO: check
+CVE-2020-25031 (checkinstall 1.6.2, when used to create a package that contains a syml ...)
+ TODO: check
CVE-2020-25030
RESERVED
CVE-2020-25029
@@ -1642,7 +1648,7 @@ CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-fr
NOTE: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
NOTE: https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c
NOTE: Crash in CLI tool, no security impact
-CVE-2020-24240 (GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attack ...)
+CVE-2020-24240 (GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/ob ...)
- bison <unfixed> (unimportant)
NOTE: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d (v3.7.1)
NOTE: https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html
@@ -1917,8 +1923,8 @@ CVE-2020-24106
RESERVED
CVE-2020-24105
RESERVED
-CVE-2020-24104
- RESERVED
+CVE-2020-24104 (XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router. ...)
+ TODO: check
CVE-2020-24103
RESERVED
CVE-2020-24102
@@ -22505,11 +22511,13 @@ CVE-2020-14363 [Double free in libX11 locale handling code]
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d
CVE-2020-14362
RESERVED
+ {DLA-2359-1}
- xorg-server <unfixed>
NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2902b78535ecc6821cc027351818b28a5c7fdbdc
CVE-2020-14361
RESERVED
+ {DLA-2359-1}
- xorg-server <unfixed>
NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787
@@ -22560,16 +22568,19 @@ CVE-2020-14348
RESERVED
NOT-FOR-US: AMQ Online
CVE-2020-14347 (A flaw was found in the way xserver memory was not properly initialize ...)
+ {DLA-2359-1}
- xorg-server <unfixed> (bug #968986)
NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816
CVE-2020-14346
RESERVED
+ {DLA-2359-1}
- xorg-server <unfixed>
NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff
CVE-2020-14345
RESERVED
+ {DLA-2359-1}
- xorg-server <unfixed>
NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/f7cd1276bbd4fe3a9700096dec33b52b8440788d
@@ -39846,8 +39857,8 @@ CVE-2020-8099 (A vulnerability in the improper handling of junctions in Bitdefen
NOT-FOR-US: Bitdefender Antivirus Free
CVE-2020-8098
RESERVED
-CVE-2020-8097
- RESERVED
+CVE-2020-8097 (An improper authentication vulnerability in Bitdefender Endpoint Secur ...)
+ TODO: check
CVE-2020-8096 (Untrusted Search Path vulnerability in Bitdefender High-Level Antimalw ...)
NOT-FOR-US: Bitdefender
CVE-2020-8095 (A vulnerability in the improper handling of junctions before deletion ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b7929a81d237d46eb93bb0762509aa8c96add5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b7929a81d237d46eb93bb0762509aa8c96add5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200831/005c8433/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list