[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Jul 14 09:10:25 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30bb48d8 by security tracker role at 2020-07-14T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-15710
+	RESERVED
+CVE-2020-15709
+	RESERVED
+CVE-2020-15708
+	RESERVED
+CVE-2020-15707
+	RESERVED
+CVE-2020-15706
+	RESERVED
+CVE-2020-15705
+	RESERVED
+CVE-2020-15704
+	RESERVED
+CVE-2020-15703
+	RESERVED
+CVE-2020-15702
+	RESERVED
+CVE-2020-15701
+	RESERVED
 CVE-2020-15700
 	RESERVED
 CVE-2020-15699
@@ -1426,8 +1446,8 @@ CVE-2020-15052
 	RESERVED
 CVE-2020-15051
 	RESERVED
-CVE-2020-15050
-	RESERVED
+CVE-2020-15050 (An issue was discovered in the Video Extension in Suprema BioStar 2 be ...)
+	TODO: check
 CVE-2020-15049 (An issue was discovered in http/ContentLengthInterpreter.cc in Squid b ...)
 	- squid 4.12-1
 	- squid3 <removed>
@@ -3360,13 +3380,11 @@ CVE-2020-14301 [leak of sensitive cookie information via dumpxml]
 	- libvirt <not-affected> (Vulnerable code introduced with 6.2.0)
 	NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/a5b064bf4b17a9884d7d361733737fb614ad8979
 	NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/524de6cc35d3b222f0e940bb0fd027f5482572c5
-CVE-2020-14300
-	RESERVED
+CVE-2020-14300 (The docker packages version docker-1.13.1-108.git4ef4b30.el7 as releas ...)
 	- docker.io <not-affected> (Red Hat specific regression)
 CVE-2020-14299
 	RESERVED
-CVE-2020-14298
-	RESERVED
+CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 7 Extra ...)
 	- docker.io <not-affected> (Red Hat specific regression)
 CVE-2020-14297
 	RESERVED
@@ -4830,6 +4848,7 @@ CVE-2020-13755
 	RESERVED
 CVE-2020-13753
 	RESERVED
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15886,6 +15905,7 @@ CVE-2020-9852 (An integer overflow was addressed through improved input validati
 CVE-2020-9851 (An access issue was addressed with improved access restrictions. This  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9850 (A logic issue was addressed with improved restrictions. This issue is  ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15904,6 +15924,7 @@ CVE-2020-9845
 CVE-2020-9844 (A double free issue was addressed with improved memory management. Thi ...)
 	NOT-FOR-US: Apple
 CVE-2020-9843 (An input validation issue was addressed with improved input validation ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15980,18 +16001,21 @@ CVE-2020-9809 (An information disclosure issue was addressed with improved state
 CVE-2020-9808 (A memory corruption issue was addressed with improved state management ...)
 	NOT-FOR-US: Apple
 CVE-2020-9807 (A memory corruption issue was addressed with improved state management ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
 	- wpewebkit 2.28.3-1
 	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
 CVE-2020-9806 (A memory corruption issue was addressed with improved state management ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
 	- wpewebkit 2.28.3-1
 	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
 CVE-2020-9805 (A logic issue was addressed with improved restrictions. This issue is  ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -16000,12 +16024,14 @@ CVE-2020-9805 (A logic issue was addressed with improved restrictions. This issu
 CVE-2020-9804 (A logic issue was addressed with improved restrictions. This issue is  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9803 (A memory corruption issue was addressed with improved validation. This ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
 	- wpewebkit 2.28.3-1
 	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
 CVE-2020-9802 (A logic issue was addressed with improved restrictions. This issue is  ...)
+	{DSA-4724-1}
 	- webkit2gtk 2.28.3-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30bb48d87772366da35378fbae7d9fcd7d5c6c49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30bb48d87772366da35378fbae7d9fcd7d5c6c49
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200714/a17f7a73/attachment.html>


More information about the debian-security-tracker-commits mailing list