[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jul 24 21:10:29 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6ba2ab17 by security tracker role at 2020-07-24T20:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
-CVE-2020-15932
- RESERVED
+CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...)
+ TODO: check
CVE-2020-15931
RESERVED
CVE-2020-15930
@@ -150,8 +150,8 @@ CVE-2020-15862
RESERVED
CVE-2020-15861
RESERVED
-CVE-2020-15860
- RESERVED
+CVE-2020-15860 (Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic ...)
+ TODO: check
CVE-2020-15859 (QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...)
- qemu <unfixed> (bug #965978)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html
@@ -350,8 +350,8 @@ CVE-2020-15780 (An issue was discovered in drivers/acpi/acpi_configfs.c in the L
- linux <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3
NOTE: Fixed by: https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
-CVE-2020-15778
- RESERVED
+CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c remote ...)
+ TODO: check
CVE-2020-15777
RESERVED
CVE-2020-15776
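Review bot: The `TODO: check` placeholder on CVE-2020-15778 needs prompt triage. The description names scp in OpenSSH through 8.3p1, and openssh is a source package Debian ships, so this entry cannot be closed as NOT-FOR-US. Suggest replacing the placeholder with a `- openssh` package line carrying the assessed status, plus a NOTE pointing at the upstream reference once it has been reviewed.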
@@ -1986,6 +1986,7 @@ CVE-2020-15051 (An issue was discovered in Artica Proxy before 4.30.000000. Stor
CVE-2020-15050 (An issue was discovered in the Video Extension in Suprema BioStar 2 be ...)
NOT-FOR-US: Suprema BioStar
CVE-2020-15049 (An issue was discovered in http/ContentLengthInterpreter.cc in Squid b ...)
+ {DSA-4732-1}
- squid 4.12-1
- squid3 <removed>
NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5
@@ -3940,8 +3941,7 @@ CVE-2020-14309
RESERVED
CVE-2020-14308
RESERVED
-CVE-2020-14307
- RESERVED
+CVE-2020-14307 (A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) ver ...)
- wildfly <itp> (bug #752018)
CVE-2020-14306
RESERVED
@@ -3970,8 +3970,8 @@ CVE-2020-14299
RESERVED
CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 7 Extra ...)
- docker.io <not-affected> (Red Hat specific regression)
-CVE-2020-14297
- RESERVED
+CVE-2020-14297 (A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat ...)
+ TODO: check
CVE-2020-14296
RESERVED
CVE-2020-14295 (A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to ...)
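Review bot: CVE-2020-14297 is left at `TODO: check` even though CVE-2020-14307 in the previous hunk, also a Wildfly EJB issue, carries `- wildfly <itp> (bug #752018)`. Suggest using the same package line here for consistency, unless the truncated description ("as shipped with Red Hat ...") turns out to describe a Red Hat specific issue. In that case, record it the way CVE-2020-14298 just above does with `<not-affected> (Red Hat specific regression)`.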
@@ -5410,7 +5410,7 @@ CVE-2020-13767
CVE-2020-13766
RESERVED
CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the rel ...)
- {DLA-2262-1}
+ {DSA-4728-1 DLA-2262-1}
- qemu 1:4.2-1
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e423455c4f23a1a828901c78fe6d03b7dde79319
@@ -19575,7 +19575,7 @@ CVE-2020-8610
CVE-2020-8609
RESERVED
CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf ...)
- {DLA-2144-1 DLA-2142-1}
+ {DSA-4733-1 DLA-2144-1 DLA-2142-1}
- libslirp 4.2.0-1
- qemu 1:4.1-2
[stretch] - qemu <postponed> (Minor issue)
@@ -20232,8 +20232,8 @@ CVE-2020-8328
RESERVED
CVE-2020-8327 (A privilege escalation vulnerability was reported in LenovoBatteryGaug ...)
NOT-FOR-US: Lenovo
-CVE-2020-8326
- RESERVED
+CVE-2020-8326 (An unquoted service path vulnerability was reported in Lenovo Drivers ...)
+ TODO: check
CVE-2020-8325
RESERVED
CVE-2020-8324 (A vulnerability was reported in LenovoAppScenarioPluginSystem for Leno ...)
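Review bot: CVE-2020-8326 stays at `TODO: check` while its neighbour CVE-2020-8327 in this hunk is already triaged as `NOT-FOR-US: Lenovo`. The new description names a Lenovo driver component, so the same marking looks applicable. The same pattern recurs for CVE-2020-8317 in the next hunk, between two entries already marked `NOT-FOR-US: Lenovo`.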
@@ -20250,8 +20250,8 @@ CVE-2020-8319 (A privilege escalation vulnerability was reported in Lenovo Syste
NOT-FOR-US: Lenovo
CVE-2020-8318 (A privilege escalation vulnerability was reported in the LenovoSystemU ...)
NOT-FOR-US: Lenovo
-CVE-2020-8317
- RESERVED
+CVE-2020-8317 (A DLL search path vulnerability was reported in Lenovo Drivers Managem ...)
+ TODO: check
CVE-2020-8316 (A vulnerability was reported in Lenovo Vantage prior to version 10.200 ...)
NOT-FOR-US: Lenovo
CVE-2020-8428 (fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky u ...)
@@ -40182,7 +40182,6 @@ CVE-2020-1505
RESERVED
CVE-2020-1504
RESERVED
- {DSA-4732-1}
CVE-2020-1503
RESERVED
CVE-2020-1502
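Review bot: The `{DSA-4732-1}` line removed here was attached to CVE-2020-1504, an entry that is still RESERVED and has no package line, and the same tag is added under CVE-2020-15049 (squid) in an earlier hunk. CVE-2020-1504 is a prefix of CVE-2020-15049, so this looks like a truncated id in the advisory data being corrected. It would be worth having the update script reject a DSA or DLA cross-reference on an entry that is still RESERVED, so a mistyped id fails loudly instead of landing in the list.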
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ba2ab176284963973578ea88a946ca46306a696