[Git][security-tracker-team/security-tracker][master] kopano n/a

Moritz Muehlenhoff jmm at debian.org
Sat Jul 4 19:24:25 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9b14e97f by Moritz Muehlenhoff at 2020-07-04T20:23:28+02:00
kopano n/a
bash issue unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19797,7 +19797,7 @@ CVE-2020-8016 (A Race Condition Enabling Link Following vulnerability in the pac
 CVE-2020-8015 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
 	NOT-FOR-US: SuSE packaging of TexLive
 CVE-2020-8014 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
-	TODO: check
+	- kopano-spamd <not-affected> (SuSE-specific packaging issue)
 CVE-2020-8013 (A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of S ...)
 	NOT-FOR-US: chkstat
 CVE-2020-8012 (CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below cont ...)
@@ -42196,13 +42196,11 @@ CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messag
 	NOTE: https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581
 	NOTE: https://nathandavison.com/blog/haproxy-http-request-smuggling
 CVE-2019-18276 (An issue was discovered in disable_priv_mode in shell.c in GNU Bash th ...)
-	- bash <unfixed> (low)
-	[buster] - bash <no-dsa> (Minor issue)
-	[stretch] - bash <no-dsa> (minor issue)
-	[jessie] - bash <no-dsa> (minor issue)
+	- bash <unfixed> (unimportant)
 	NOTE: https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaad7a18cc0dc1036bba86b18b90874d39ff
 	NOTE: https://savannah.gnu.org/patch/?9822
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1158028
+	NOTE: Negligible security impact
 CVE-2019-18275 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
 	NOT-FOR-US: OSIsoft
 CVE-2019-18274



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b14e97fb6d849a36ffa0be0b06b1391f80d9668

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b14e97fb6d849a36ffa0be0b06b1391f80d9668
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200704/eede3ef3/attachment.html>

More information about the debian-security-tracker-commits mailing list