[Git][security-tracker-team/security-tracker][master] Add new nethack issues
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 29 09:24:14 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d7b57021 by Salvatore Bonaccorso at 2020-01-29T10:23:36+01:00
Add new nethack issues
All likely to be just maked no-dsa for buster and stretch but adding
those just for the initial tracking.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6880,17 +6880,25 @@ CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection
CVE-2020-5215 (In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Pytho ...)
TODO: check
CVE-2020-5214 (In NetHack before 3.6.5, detecting an unknown configuration file optio ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-p8fw-rq89-xqx6
CVE-2020-5213 (In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-rr25-4v34-pr7v
CVE-2020-5212 (In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-g89f-m829-4m56
CVE-2020-5211 (In NetHack before 3.6.5, an invalid extended command in value for the ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-r788-4jf4-r9f7
CVE-2020-5210 (In NetHack before 3.6.5, an invalid argument to the -w command line op ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-v5pg-hpjg-9rpp
+ NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
CVE-2020-5209 (In NetHack before 3.6.5, unknown options starting with -de and -i can ...)
- TODO: check
+ - nethack <unfixed>
+ NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8
+ NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
CVE-2020-5208
RESERVED
CVE-2020-5207 (In Ktor before 1.3.0, request smuggling is possible when running behin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d7b57021a88a45130688a3bc4af6cae90ec489ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d7b57021a88a45130688a3bc4af6cae90ec489ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200129/5b40991c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list