[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Feb 20 20:10:29 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a48481be by security tracker role at 2020-02-20T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1015,6 +1015,7 @@ CVE-2020-8842
 CVE-2020-8841 (An issue was discovered in TestLink 1.9.19. The relation_type paramete ...)
 	NOT-FOR-US: TestLink
 CVE-2020-8840 (FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean- ...)
+	{DLA-2111-1}
 	- jackson-databind <unfixed>
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2620
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497
@@ -9081,6 +9082,7 @@ CVE-2020-5202 (apt-cacher-ng through 3.3 allows local users to obtain sensitive
 CVE-2020-5201
 	RESERVED
 CVE-2019-20330 (FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.eh ...)
+	{DLA-2111-1}
 	- jackson-databind 2.10.1-1
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2526
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/fc4214a883dc087070f25da738ef0d49c2f3387e
@@ -26422,6 +26424,7 @@ CVE-2019-17628
 CVE-2019-17627 (The Yale Bluetooth Key application for mobile devices allows unauthori ...)
 	NOT-FOR-US: Yale Bluetooth Key application for mobile devices
 CVE-2019-17626 (ReportLab through 3.5.26 allows remote code execution because of toCol ...)
+	{DLA-2112-1}
 	- python-reportlab 3.5.34-1 (bug #942763)
 	NOTE: https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code
 	NOTE: https://hg.reportlab.com/hg-public/reportlab/rev/51a521ad7dd3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a48481be165ea2885b6268e5667b19a861e3ce36

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a48481be165ea2885b6268e5667b19a861e3ce36
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200220/00bbf2c2/attachment.html>

More information about the debian-security-tracker-commits mailing list