[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Jul 21 09:10:29 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b23f2cbf by security tracker role at 2020-07-21T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2020-15862
+	RESERVED
+CVE-2020-15861
+	RESERVED
+CVE-2020-15860
+	RESERVED
+CVE-2020-15859
+	RESERVED
+CVE-2020-15858
+	RESERVED
 CVE-2020-15857
 	RESERVED
 CVE-2020-15856
@@ -138,7 +148,7 @@ CVE-2019-20910 (An issue was discovered in GNU LibreDWG through 0.9.3. Crafted i
 	- libredwg <itp> (bug #595191)
 CVE-2019-20909 (An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL ...)
 	- libredwg <itp> (bug #595191)
-CVE-2020-15852 [XSA 329]
+CVE-2020-15852 (An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Only affects 5.5 and later)
 	[stretch] - linux <not-affected> (Only affects 5.5 and later)
@@ -4726,8 +4736,7 @@ CVE-2020-13934 (An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6
 	NOTE: https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399 (9.0.37)
 CVE-2020-13933
 	RESERVED
-CVE-2020-13932
-	RESERVED
+CVE-2020-13932 (In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT p ...)
 	NOT-FOR-US: Apache ActiveMQ Artemis
 	NOTE: https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt
 CVE-2020-13931
@@ -25624,14 +25633,14 @@ CVE-2020-6105
 	RESERVED
 CVE-2020-6104
 	RESERVED
-CVE-2020-6103
-	RESERVED
-CVE-2020-6102
-	RESERVED
-CVE-2020-6101
-	RESERVED
-CVE-2020-6100
-	RESERVED
+CVE-2020-6103 (An exploitable code execution vulnerability exists in the Shader funct ...)
+	TODO: check
+CVE-2020-6102 (An exploitable code execution vulnerability exists in the Shader funct ...)
+	TODO: check
+CVE-2020-6101 (An exploitable code execution vulnerability exists in the Shader funct ...)
+	TODO: check
+CVE-2020-6100 (An exploitable memory corruption vulnerability exists in AMD atidxx64. ...)
+	TODO: check
 CVE-2020-6099
 	RESERVED
 CVE-2020-6098
@@ -30345,8 +30354,8 @@ CVE-2020-4127
 	RESERVED
 CVE-2020-4126
 	RESERVED
-CVE-2020-4125
-	RESERVED
+CVE-2020-4125 (Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious  ...)
+	TODO: check
 CVE-2020-4124
 	RESERVED
 CVE-2020-4123
@@ -32894,8 +32903,8 @@ CVE-2020-3444
 	RESERVED
 CVE-2020-3443
 	RESERVED
-CVE-2020-3442
-	RESERVED
+CVE-2020-3442 (The DuoConnect client enables users to establish SSH connections to ho ...)
+	TODO: check
 CVE-2020-3441
 	RESERVED
 CVE-2020-3440
@@ -37552,8 +37561,8 @@ CVE-2020-1778
 	RESERVED
 CVE-2020-1777
 	RESERVED
-CVE-2020-1776
-	RESERVED
+CVE-2020-1776 (When an agent user is renamed or set to invalid the session belonging  ...)
+	TODO: check
 CVE-2020-1775 (BCC recipients in mails sent from OTRS are visible in article detail o ...)
 	TODO: check
 CVE-2020-1774 (When user downloads PGP or S/MIME keys/certificates, exported file has ...)
@@ -54164,6 +54173,7 @@ CVE-2019-14869 (A flaw was found in all versions of ghostscript 9.x before 9.50,
 	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
 	NOTE: which changed the access to file permissions.
 CVE-2019-14868 (In ksh version 20120801, a flaw was found in the way it evaluates cert ...)
+	{DLA-2284-1}
 	- ksh 2020.0.0-2.1 (bug #948989)
 	[buster] - ksh <no-dsa> (Minor issue)
 	[jessie] - ksh <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b23f2cbf95c24f029202ad81dc24ffa65e87f681

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b23f2cbf95c24f029202ad81dc24ffa65e87f681
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200721/6c89ced0/attachment.html>

More information about the debian-security-tracker-commits mailing list