[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-11736/file-roller will be fixed via ospu

Emilio Pozuelo Monfort pochu at debian.org
Thu Jul 9 10:16:15 BST 2020 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d391dce1 by Emilio Pozuelo Monfort at 2020-07-09T11:15:44+02:00
CVE-2020-11736/file-roller will be fixed via ospu

- - - - -
64192f4a by Emilio Pozuelo Monfort at 2020-07-09T11:15:44+02:00
CVE-2020-14928/e-d-s will be fixed via spu

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1610,6 +1610,8 @@ CVE-2020-14929 (Alpine before 2.23 silently proceeds to use an insecure connecti
 CVE-2020-14928
 	RESERVED
 	- evolution-data-server 3.36.4-1
+	[buster] - evolution-data-server <no-dsa> (Will be fixed via spu)
+	[stretch] - evolution-data-server <no-dsa> (Will be fixed via spu)
 	NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/226
 	NOTE: https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df
 CVE-2020-14927 (Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "We ...)
@@ -10492,6 +10494,7 @@ CVE-2020-11736 (fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allo
 	{DLA-2180-1}
 	- file-roller 3.36.2-1 (bug #956638)
 	[buster] - file-roller <no-dsa> (Minor issue, will be fixed via spu)
+	[stretch] - file-roller <no-dsa> (Minor issue, will be fixed via spu)
 	NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/commit/21dfcdbfe258984db89fb65243a1a888924e45a0
 CVE-2020-11734 (cgi-bin/go in CyberSolutions CyberMail 5 or later allows XSS via the A ...)
 	NOT-FOR-US: CyberSolutions CyberMail



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1964d5b232480835c03e400d43472f93ab95e4fb...64192f4a1ca8ffa05162a5482ba6486610b9771f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1964d5b232480835c03e400d43472f93ab95e4fb...64192f4a1ca8ffa05162a5482ba6486610b9771f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200709/e62422af/attachment.html>

More information about the debian-security-tracker-commits mailing list