[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Jan 13 08:10:22 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a47f9803 by security tracker role at 2020-01-13T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2020-6861
+	RESERVED
+CVE-2020-6860 (libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hd ...)
+	TODO: check
+CVE-2020-6859
+	RESERVED
+CVE-2020-6858
+	RESERVED
+CVE-2020-6857
+	RESERVED
+CVE-2020-6856
+	RESERVED
+CVE-2020-6855
+	RESERVED
+CVE-2020-6854
+	RESERVED
+CVE-2020-6853
+	RESERVED
+CVE-2020-6852
+	RESERVED
+CVE-2020-6851 (OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl ...)
+	TODO: check
+CVE-2020-6850
+	RESERVED
+CVE-2020-6849
+	RESERVED
+CVE-2020-6848 (Axper Vision II 4 devices allow XSS via the DEVICE_NAME (aka Device Na ...)
+	TODO: check
 CVE-2020-6847 (OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is exec ...)
 	NOT-FOR-US: OpenTrade
 CVE-2020-6846
@@ -3702,6 +3730,7 @@ CVE-2019-20226
 	REJECTED
 CVE-2019-20326 [buffer overflow]
 	RESERVED
+	{DLA-2066-1}
 	- gthumb <unfixed> (bug #948197)
 	[buster] - gthumb <no-dsa> (Minor issue)
 	[stretch] - gthumb <no-dsa> (Minor issue)
@@ -20604,6 +20633,7 @@ CVE-2019-17573
 CVE-2019-17572
 	RESERVED
 CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable to de ...)
+	{DLA-2065-1}
 	- apache-log4j1.2 1.2.17-9 (bug #947124)
 	NOTE: https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E
 	NOTE: CVE-2019-17571 correspond to CVE-2017-5645 for apache-log4j2. 1.2.x branch



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a47f9803b11648bb185b14f1215a2caf358b735b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a47f9803b11648bb185b14f1215a2caf358b735b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200113/293791c8/attachment.html>

More information about the debian-security-tracker-commits mailing list