[Git][security-tracker-team/security-tracker][master] libsass triage

Moritz Muehlenhoff jmm at debian.org
Fri Dec 18 10:18:21 GMT 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ba1561ed by Moritz Muehlenhoff at 2020-12-18T11:17:48+01:00
libsass triage
wireshark postponed
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2169,6 +2169,7 @@ CVE-2020-35476 (A remote code execution vulnerability occurs in OpenTSDB through
 CVE-2020-35475 [Messages userrights-expiry-current and userrights-expiry-none can contain raw html]
 	RESERVED
 	- mediawiki 1:1.35.1-1
+	NOTE: https://phabricator.wikimedia.org/T268917
 	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
 CVE-2020-35474 [Message recentchanges-legend-watchlistexpiry can contain raw html]
 	RESERVED
@@ -13927,7 +13928,7 @@ CVE-2020-27053 (In broadcastWifiCredentialChanged of ClientModeImpl.java, there
 CVE-2020-27052 (In getLockTaskLaunchMode of ActivityRecord.java, there is a possible w ...)
 	NOT-FOR-US: Android
 CVE-2020-27051 (In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2020-27050 (In rw_i93_send_cmd_write_multi_blocks of rw_i93.cc, there is a possibl ...)
 	NOT-FOR-US: Android
 CVE-2020-27049 (In rw_t3t_send_raw_frame of rw_t3t.cc, there is a possible out of boun ...)
@@ -15392,18 +15393,22 @@ CVE-2020-26422
 	RESERVED
 CVE-2020-26421 (Crash in USB HID protocol dissector and possibly other dissectors in W ...)
 	- wireshark 3.4.1-1
+	[buster] - wireshark <postponed> (Minor issue, can be fixed along in next DSA)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16958
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-17.html
 CVE-2020-26420 (Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to ...)
 	- wireshark 3.4.1-1
+	[buster] - wireshark <postponed> (Minor issue, can be fixed along in next DSA)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16994
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-18.html
 CVE-2020-26419 (Memory leak in the dissection engine in Wireshark 3.4.0 allows denial  ...)
 	- wireshark 3.4.1-1
+	[buster] - wireshark <postponed> (Minor issue, can be fixed along in next DSA)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17032
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-19.html
 CVE-2020-26418 (Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 t ...)
 	- wireshark 3.4.1-1
+	[buster] - wireshark <postponed> (Minor issue, can be fixed along in next DSA)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16739
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-16.html
 CVE-2020-26417 (Information disclosure via GraphQL in GitLab CE/EE 13.1 and later expo ...)
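
Review bot: CVE-2020-26419's description names only Wireshark 3.4.0, while CVE-2020-26420 and CVE-2020-26418 also name 3.2.0, yet all four entries receive the same "[buster] - wireshark <postponed>" line. Please confirm that the buster version actually contains the affected dissection-engine code; if it does not, "<not-affected>" with a short reason would be more accurate than "<postponed>". Minor wording point: "can be fixed along in next DSA" would read better as "can be fixed along with the next DSA".
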
@@ -15698,9 +15703,9 @@ CVE-2020-26276 (Fleet is an open source osquery manager. In Fleet before version
 CVE-2020-26275
 	RESERVED
 CVE-2020-26274 (In systeminformation (npm package) before version 4.31.1 there is a co ...)
-	TODO: check
+	NOT-FOR-US: Node systeminformation
 CVE-2020-26273 (osquery is a SQL powered operating system instrumentation, monitoring, ...)
-	TODO: check
+	- osquery <itp> (bug #803502)
 CVE-2020-26272
 	RESERVED
 CVE-2020-26271 (In affected versions of TensorFlow under certain cases, loading a save ...)
@@ -15741,7 +15746,7 @@ CVE-2020-26257 (Matrix is an ecosystem for open federated Instant Messaging and
 	NOTE: https://github.com/matrix-org/synapse/pull/8776
 	NOTE: https://github.com/matrix-org/synapse/commit/3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b
 CVE-2020-26256 (Fast-csv is an npm package for parsing and formatting CSVs or any othe ...)
-	TODO: check
+	NOT-FOR-US: Node fast-csv
 CVE-2020-26255 (Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and  ...)
 	NOT-FOR-US: Kirby CMS
 CVE-2020-26254 (omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (Ruby ...)
@@ -15755,7 +15760,7 @@ CVE-2020-26251
 CVE-2020-26250 (OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthent ...)
 	NOT-FOR-US: JupyterHub login mechanism
 CVE-2020-26249 (Red Discord Bot Dashboard is an easy-to-use interactive web dashboard  ...)
-	TODO: check
+	NOT-FOR-US: Red Discord Bot Dashboard
 CVE-2020-26248 (In the PrestaShop module "productcomments" before version 4.2.1, an at ...)
 	NOT-FOR-US: PrestaShop module
 CVE-2020-26247
@@ -28686,7 +28691,7 @@ CVE-2020-20138 (Cross Site Scripting (XSS) vulnerability in the Showtime2 Slides
 CVE-2020-20137
 	RESERVED
 CVE-2020-20136 (QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an  ...)
-	TODO: check
+	NOT-FOR-US: QuantConnect Lean
 CVE-2020-20135
 	RESERVED
 CVE-2020-20134
@@ -34728,7 +34733,7 @@ CVE-2020-17162
 CVE-2020-17161
 	RESERVED
 CVE-2020-17160 (, aka 'RETRACTED'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17159 (Visual Studio Code Java Extension Pack Remote Code Execution Vulnerabi ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-17158 (Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote ...)
@@ -34768,7 +34773,7 @@ CVE-2020-17142 (Microsoft Exchange Remote Code Execution Vulnerability This CVE
 CVE-2020-17141 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-17140 (Windows SMB Information Disclosure Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17139 (Windows Overlay Filter Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-17138 (Windows Error Reporting Information Disclosure Vulnerability This CVE  ...)
@@ -34856,9 +34861,9 @@ CVE-2020-17098 (Windows GDI+ Information Disclosure Vulnerability ...)
 CVE-2020-17097 (Windows Digital Media Receiver Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-17096 (Windows NTFS Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17095 (Hyper-V Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-17094 (Windows Error Reporting Information Disclosure Vulnerability This CVE  ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-17093
@@ -35056,7 +35061,7 @@ CVE-2020-16998 (DirectX Elevation of Privilege Vulnerability ...)
 CVE-2020-16997 (Remote Desktop Protocol Server Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-16996 (Kerberos Security Feature Bypass Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-16995 (An elevation of privilege vulnerability exists in Network Watcher Agen ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-16994 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
@@ -37887,7 +37892,7 @@ CVE-2020-15798
 CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
 	NOT-FOR-US: DCA Vantage Analyzer
 CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2020-15795
 	RESERVED
 CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All versions).  ...)
@@ -44187,7 +44192,7 @@ CVE-2020-13528 (An information disclosure vulnerability exists in the Web Manage
 CVE-2020-13527 (An authentication bypass vulnerability exists in the Web Manager funct ...)
 	TODO: check
 CVE-2020-13526 (SQL injection vulnerability exists in the handling of sort parameters  ...)
-	TODO: check
+	NOT-FOR-US: ProcessMaker
 CVE-2020-13525 (The sort parameter in the download page /sysworkflow/en/neoclassic/rep ...)
 	NOT-FOR-US: ProcessMaker
 CVE-2020-13524 (An out-of-bounds memory corruption vulnerability exists in the way Pix ...)
@@ -46536,9 +46541,9 @@ CVE-2020-12597
 CVE-2020-12596
 	RESERVED
 CVE-2020-12595 (An information disclosure flaw allows a malicious, authenticated, priv ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2020-12594 (A privilege escalation flaw allows a malicious, authenticated, privile ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2020-12593 (Symantec Endpoint Detection & Response, prior to 4.5, may be susce ...)
 	NOT-FOR-US: Symantec
 CVE-2020-12592
@@ -60877,7 +60882,7 @@ CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Ser
 CVE-2020-7561 (A CWE-284: Improper Access Control vulnerability exists in Easergy T30 ...)
 	NOT-FOR-US: Easergy
 CVE-2020-7560 (A CWE-123: Write-what-where Condition vulnerability exists in EcoStrux ...)
-	TODO: check
+	NOT-FOR-US: EcoStruxure Control Expert
 CVE-2020-7559 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
 	NOT-FOR-US: EcoStruxure Control Expert
 CVE-2020-7558 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition  ...)
@@ -78722,20 +78727,23 @@ CVE-2019-18801 (An issue was discovered in Envoy 1.12.0. An untrusted remote cli
 CVE-2019-18800 (Viber through 11.7.0.5 allows a remote attacker who can capture a vict ...)
 	NOT-FOR-US: Viber
 CVE-2019-18799 (LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ...)
-	- libsass <unfixed> (low)
+	- libsass 3.6.3-1 (low)
 	[buster] - libsass <no-dsa> (Minor issue)
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/3001
+	NOTE: https://github.com/mgreter/libsass/commit/994695c669085058c4a500f295a0531893eff77a
 CVE-2019-18798 (LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ...)
-	- libsass <unfixed> (low)
+	- libsass 3.6.3-1 (low)
 	[buster] - libsass <no-dsa> (Minor issue)
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/2999
+	NOTE: https://github.com/mgreter/libsass/commit/0b721e0f37fc69ab197ec956a923e036e3b05ca6
 CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...)
-	- libsass <unfixed> (low)
+	- libsass <unfixed> (unimportant)
 	[buster] - libsass <no-dsa> (Minor issue)
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/3000
+	NOTE: Not considered a security issue be upstream
 CVE-2019-18796 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
 	NOT-FOR-US: BASS Audio Library
 CVE-2019-18795 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
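
Review bot: In the CVE-2019-18797 entry, the added line "NOTE: Not considered a security issue be upstream" has a typo ("be" should be "by") and gives no reference for upstream's position; a link to the upstream statement next to the existing issue 3000 NOTE would make the downgrade to (unimportant) verifiable. With the severity now unimportant, the "[buster]" and "[stretch]" "<no-dsa>" lines left in place look redundant. For CVE-2019-18799 and CVE-2019-18798, the added fix-commit NOTEs point at mgreter/libsass while the issue NOTEs point at sass/libsass; if the same commits exist in sass/libsass, linking them there would keep the references in one repository.
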
@@ -82647,7 +82655,7 @@ CVE-2020-0497 (In canUseBiometric of BiometricServiceBase, there is a missing pe
 CVE-2020-0496 (In CPDF_RenderStatus::LoadSMask of cpdf_renderstatus.cpp, there is a p ...)
 	NOT-FOR-US: Android
 CVE-2020-0495 (In decode_Huffman of JBig2_SddProc.cpp, there is a possible out of bou ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2020-0494 (In ih264d_parse_ave of ih264d_sei.c, there is a possible out of bounds ...)
 	NOT-FOR-US: Android media framework
 CVE-2020-0493 (In CPDF_SampledFunc::v_Call of cpdf_sampledfunc.cpp, there is a possib ...)
@@ -82665,7 +82673,7 @@ CVE-2020-0488 (In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters
 CVE-2020-0487 (In read_metadata_vorbiscomment_ of stream_decoder.c, there is possible ...)
 	NOTE: Duplicate of CVE-2017-6888, requested rejection
 CVE-2020-0486 (In openAssetFileListener of ContactsProvider2.java, there is a possibl ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2020-0485 (In areFunctionsSupported of UsbBackend.java, there is a possible acces ...)
 	NOT-FOR-US: Android
 CVE-2020-0484 (In destroyResources of ComposerClient.h, there is possible memory corr ...)
@@ -104675,11 +104683,12 @@ CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0
 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ...)
-	- libsass <unfixed> (low)
+	- libsass 3.6.3-1 (low)
 	[buster] - libsass <no-dsa> (Minor issue)
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/2671
 	NOTE: Possibly introduced after https://github.com/sass/libsass/commit/25c9b4952f5838b615da996035453967d0420f57 (3.4.7)
+	NOTE: Fixed in 3.6.1, but 3.6.3 first to land in unstable
 CVE-2018-20821 (The parsing component in LibSass through 3.5.5 allows attackers to cau ...)
 	- libsass <unfixed> (low)
 	[buster] - libsass <no-dsa> (Minor issue)
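
Review bot: The added NOTE for CVE-2018-20822 states "Fixed in 3.6.1" but records no fix commit or pull request, so the change from "<unfixed>" to 3.6.3-1 cannot be checked from the entry itself. Please add a NOTE with the upstream commit that resolved issue 2671.
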
@@ -133350,10 +133359,11 @@ CVE-2018-19839 (In LibSass prior to 3.5.5, the function handle_error in sass_con
 	NOTE: https://github.com/sass/libsass/issues/2657
 	NOTE: https://github.com/sass/libsass/pull/2767
 CVE-2018-19838 (In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_ ...)
-	- libsass <unfixed> (low)
+	- libsass 3.6.3-1 (low)
 	[buster] - libsass <no-dsa> (Minor issue)
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/2660
+	NOTE: Fixed in 3.6.1, but 3.6.3 first to land in unstable
 CVE-2018-19837 (In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Express ...)
 	- libsass 3.5.4+20180621~c0a6cf3-1
 	[stretch] - libsass <no-dsa> (Minor issue)
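
Review bot: For CVE-2018-19838 the added NOTE says "Fixed in 3.6.1", while the description on the entry's first line reads "In LibSass prior to 3.5.5", which suggests 3.5.5 already carries a fix. Please add a reference (fix commit or upstream comment on issue 2660) explaining why 3.6.1 is taken as the fixing release, so the 3.6.3-1 version can be verified.
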
@@ -138159,10 +138169,10 @@ CVE-2018-19221 (An issue was discovered in LAOBANCMS 2.0. It allows SQL Injectio
 CVE-2018-19220 (An issue was discovered in LAOBANCMS 2.0. It allows remote attackers t ...)
 	NOT-FOR-US: LAOBANCMS
 CVE-2018-19219 (In LibSass 3.5-stable, there is an illegal address access at Sass::Eva ...)
-	- libsass <undetermined>
+	NOTE: Bogus report for libsass
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643760
 CVE-2018-19218 (In LibSass 3.5-stable, there is an illegal address access at Sass::Par ...)
-	- libsass <undetermined>
+	NOTE: Bogus report for libsass
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643758
 CVE-2018-19217 (** DISPUTED ** In ncurses, possibly a 6.x version, there is a NULL poi ...)
 	- ncurses 6.0+20170701-1
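
Review bot: For CVE-2018-19219 and CVE-2018-19218, replacing "- libsass <undetermined>" with "NOTE: Bogus report for libsass" leaves both entries with no package line and no stated reason why the report is bogus; the only remaining reference is the Red Hat Bugzilla link. Please add a NOTE pointing to the analysis or upstream statement that supports this, or keep a libsass package line with an explicit status and reason if the intent is to record that the package is not affected.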



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba1561ed953923060f957f60ce5fbf4715ed07df
