[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Jan 23 08:10:42 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6b2b6075 by security tracker role at 2020-01-23T08:10:34+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2020-7920
+	RESERVED
+CVE-2020-7919
+	RESERVED
+CVE-2020-7918
+	RESERVED
+CVE-2020-7917
+	RESERVED
+CVE-2020-7916
+	RESERVED
+CVE-2020-7915 (An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI fie ...)
+	TODO: check
+CVE-2020-7914
+	RESERVED
+CVE-2020-7913
+	RESERVED
+CVE-2020-7912
+	RESERVED
+CVE-2020-7911
+	RESERVED
+CVE-2020-7910
+	RESERVED
+CVE-2020-7909
+	RESERVED
+CVE-2020-7908
+	RESERVED
+CVE-2020-7907
+	RESERVED
+CVE-2020-7906
+	RESERVED
+CVE-2020-7905
+	RESERVED
+CVE-2020-7904
+	RESERVED
+CVE-2019-20399 (A timing vulnerability in the Scalar::check_overflow function in Parit ...)
+	TODO: check
+CVE-2019-20398 (A NULL pointer dereference is present in libyang before v1.0-r3 in the ...)
+	TODO: check
+CVE-2019-20397 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
+	TODO: check
+CVE-2019-20396 (A segmentation fault is present in yyparse in libyang before v1.0-r1 d ...)
+	TODO: check
+CVE-2019-20395 (A stack consumption issue is present in libyang before v1.0-r1 due to  ...)
+	TODO: check
+CVE-2019-20394 (A double-free is present in libyang before v1.0-r3 in the function yyp ...)
+	TODO: check
+CVE-2019-20393 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
+	TODO: check
+CVE-2019-20392 (An invalid memory access flaw is present in libyang before v1.0-r1 in  ...)
+	TODO: check
+CVE-2019-20391 (An invalid memory access flaw is present in libyang before v1.0-r3 in  ...)
+	TODO: check
 CVE-2020-7903
 	RESERVED
 CVE-2020-7902
@@ -5634,8 +5686,8 @@ CVE-2020-5225
 	RESERVED
 CVE-2020-5224
 	RESERVED
-CVE-2020-5223
-	RESERVED
+CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a p ...)
+	TODO: check
 CVE-2020-5222
 	RESERVED
 CVE-2020-5221 (In uftpd before 2.11, it is possible for an unauthenticated user to pe ...)
@@ -5646,10 +5698,10 @@ CVE-2020-5219
 	RESERVED
 CVE-2020-5218
 	RESERVED
-CVE-2020-5217
-	RESERVED
-CVE-2020-5216
-	RESERVED
+CVE-2020-5217 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...)
+	TODO: check
+CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...)
+	TODO: check
 CVE-2020-5215
 	RESERVED
 CVE-2020-5214
@@ -10126,12 +10178,12 @@ CVE-2019-19844 (Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 al
 	NOTE: https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2 (1.11.x branch)
 CVE-2019-19843 (Incorrect access control in the web interface in Ruckus Wireless Unlea ...)
 	NOT-FOR-US: Ruckus devices
-CVE-2019-19842
-	RESERVED
-CVE-2019-19841
-	RESERVED
-CVE-2019-19840
-	RESERVED
+CVE-2019-19842 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
+	TODO: check
+CVE-2019-19841 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
+	TODO: check
+CVE-2019-19840 (A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruc ...)
+	TODO: check
 CVE-2019-19839
 	RESERVED
 CVE-2019-19838
@@ -302260,8 +302312,7 @@ CVE-2011-3624 (Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 a
 CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media player bef ...)
 	- vlc 1.1.3-1
 	NOTE: https://bugs.gentoo.org/show_bug.cgi?id=285370
-CVE-2011-3622
-	RESERVED
+CVE-2011-3622 (A Cross-Site Scripting (XSS) vulnerability exists in the admin login s ...)
 	NOT-FOR-US: phorum
 CVE-2011-3621 (A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_ ...)
 	NOT-FOR-US: fluxbb



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6b2b6075f572fef72ca42a8a292d2f8e87d46a63

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6b2b6075f572fef72ca42a8a292d2f8e87d46a63
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200123/85da0a71/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list