[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 14 09:10:25 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
30bb48d8 by security tracker role at 2020-07-14T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-15710
+ RESERVED
+CVE-2020-15709
+ RESERVED
+CVE-2020-15708
+ RESERVED
+CVE-2020-15707
+ RESERVED
+CVE-2020-15706
+ RESERVED
+CVE-2020-15705
+ RESERVED
+CVE-2020-15704
+ RESERVED
+CVE-2020-15703
+ RESERVED
+CVE-2020-15702
+ RESERVED
+CVE-2020-15701
+ RESERVED
CVE-2020-15700
RESERVED
CVE-2020-15699
@@ -1426,8 +1446,8 @@ CVE-2020-15052
RESERVED
CVE-2020-15051
RESERVED
-CVE-2020-15050
- RESERVED
+CVE-2020-15050 (An issue was discovered in the Video Extension in Suprema BioStar 2 be ...)
+ TODO: check
CVE-2020-15049 (An issue was discovered in http/ContentLengthInterpreter.cc in Squid b ...)
- squid 4.12-1
- squid3 <removed>
@@ -3360,13 +3380,11 @@ CVE-2020-14301 [leak of sensitive cookie information via dumpxml]
- libvirt <not-affected> (Vulnerable code introduced with 6.2.0)
NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/a5b064bf4b17a9884d7d361733737fb614ad8979
NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/524de6cc35d3b222f0e940bb0fd027f5482572c5
-CVE-2020-14300
- RESERVED
+CVE-2020-14300 (The docker packages version docker-1.13.1-108.git4ef4b30.el7 as releas ...)
- docker.io <not-affected> (Red Hat specific regression)
CVE-2020-14299
RESERVED
-CVE-2020-14298
- RESERVED
+CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 7 Extra ...)
- docker.io <not-affected> (Red Hat specific regression)
CVE-2020-14297
RESERVED
@@ -4830,6 +4848,7 @@ CVE-2020-13755
RESERVED
CVE-2020-13753
RESERVED
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15886,6 +15905,7 @@ CVE-2020-9852 (An integer overflow was addressed through improved input validati
CVE-2020-9851 (An access issue was addressed with improved access restrictions. This ...)
NOT-FOR-US: Apple
CVE-2020-9850 (A logic issue was addressed with improved restrictions. This issue is ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15904,6 +15924,7 @@ CVE-2020-9845
CVE-2020-9844 (A double free issue was addressed with improved memory management. Thi ...)
NOT-FOR-US: Apple
CVE-2020-9843 (An input validation issue was addressed with improved input validation ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -15980,18 +16001,21 @@ CVE-2020-9809 (An information disclosure issue was addressed with improved state
CVE-2020-9808 (A memory corruption issue was addressed with improved state management ...)
NOT-FOR-US: Apple
CVE-2020-9807 (A memory corruption issue was addressed with improved state management ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.3-1
NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9806 (A memory corruption issue was addressed with improved state management ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.3-1
NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9805 (A logic issue was addressed with improved restrictions. This issue is ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
@@ -16000,12 +16024,14 @@ CVE-2020-9805 (A logic issue was addressed with improved restrictions. This issu
CVE-2020-9804 (A logic issue was addressed with improved restrictions. This issue is ...)
NOT-FOR-US: Apple
CVE-2020-9803 (A memory corruption issue was addressed with improved validation. This ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.3-1
NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9802 (A logic issue was addressed with improved restrictions. This issue is ...)
+ {DSA-4724-1}
- webkit2gtk 2.28.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30bb48d87772366da35378fbae7d9fcd7d5c6c49
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30bb48d87772366da35378fbae7d9fcd7d5c6c49
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200714/a17f7a73/attachment.html>
More information about the debian-security-tracker-commits
mailing list