[Git][security-tracker-team/security-tracker][master] Sync open-iscsi issues with information from upstream list

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e529f6d by Salvatore Bonaccorso at 2020-12-21T15:42:31+01:00
Sync open-iscsi issues with information from upstream list

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20570,8 +20570,13 @@ CVE-2020-24336 (An issue was discovered in Contiki through 3.0 and Contiki-NG th
 	NOT-FOR-US: Contiki
 CVE-2020-24335
 	RESERVED
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-24334 (The code that processes DNS responses in uIP through 1.0, as used in C ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-24333 (A vulnerability in Arista’s CloudVision Portal (CVP) prior to 20 ...)
 	NOT-FOR-US: Arista
 CVE-2020-24332 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
@@ -34477,13 +34482,21 @@ CVE-2020-17442 (An issue was discovered in picoTCP 1.7.0. The code for parsing t
 CVE-2020-17441 (An issue was discovered in picoTCP 1.7.0. The code for processing the  ...)
 	NOT-FOR-US: picoTCP
 CVE-2020-17440 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-17439 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-17438 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-17437 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-17436
 	RESERVED
 CVE-2020-17435
@@ -43242,9 +43255,12 @@ CVE-2020-13990
 CVE-2020-13989
 	RESERVED
 CVE-2020-13988 (An issue was discovered in Contiki through 3.0. An Integer Overflow ex ...)
-	NOT-FOR-US: Contiki
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-13987 (An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read  ...)
-	NOT-FOR-US: Contiki
+	- open-iscsi <unfixed>
+	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
+	NOTE: Adressed upstream in 2.1.3 release
 CVE-2020-13986 (An issue was discovered in Contiki through 3.0. An infinite loop exist ...)
 	NOT-FOR-US: Contiki
 CVE-2020-13985 (An issue was discovered in Contiki through 3.0. A memory corruption vu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e529f6d027aa46af16bb8f377c9b2dba4367b45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e529f6d027aa46af16bb8f377c9b2dba4367b45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201221/067d2b3f/attachment-0001.html>