[Git][security-tracker-team/security-tracker][master] new openjfx issue, "new" ntpd issue

Moritz Muehlenhoff jmm at debian.org
Thu Feb 6 13:00:33 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7daa125f by Moritz Muehlenhoff at 2020-02-06T14:00:07+01:00
new openjfx issue, "new" ntpd issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14515,7 +14515,8 @@ CVE-2020-2587 (Vulnerability in the Oracle Human Resources product of Oracle E-B
 CVE-2020-2586 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2585 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
-	TODO: check
+	- openjfx 11+26-1
+	NOTE: This only affects JavaFX 8, so marking the first post 8 version as fixed
 CVE-2020-2584 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
@@ -249636,7 +249637,9 @@ CVE-2014-5211 (Stack-based buffer overflow in the Attachmate Reflection FTP Clie
 CVE-2014-5210 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows re ...)
 	NOT-FOR-US: AlienVault OSSIM
 CVE-2014-5209 (An Information Disclosure vulnerability exists in NTP 4.2.7p25 private ...)
-	TODO: check
+	- ntp 1:4.2.8p3+dfsg-1
+	NOTE: Starting with 4.2.8, mode 7 is marked as deprecated and disabled by default,
+	NOTE:   treat this as the fixed version here
 CVE-2014-5208 (BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 30 ...)
 	NOT-FOR-US: Batch Management Packages in Yokogawa and Exaopc
 CVE-2014-5202 (Cross-site scripting (XSS) vulnerability in compfight-search.php in th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7daa125fa102c00b448dab67a4c82782696e37c9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7daa125fa102c00b448dab67a4c82782696e37c9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200206/f2d33e8e/attachment.html>

More information about the debian-security-tracker-commits mailing list