[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 29 21:10:28 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a0e57058 by security tracker role at 2020-07-29T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-16131
+ RESERVED
+CVE-2020-16130
+ RESERVED
+CVE-2020-16129
+ RESERVED
+CVE-2020-16128
+ RESERVED
+CVE-2020-16127
+ RESERVED
+CVE-2020-16126
+ RESERVED
+CVE-2020-16125
+ RESERVED
+CVE-2020-16124
+ RESERVED
+CVE-2020-16123
+ RESERVED
+CVE-2020-16122
+ RESERVED
+CVE-2020-16121
+ RESERVED
+CVE-2020-16120
+ RESERVED
+CVE-2020-16119
+ RESERVED
+CVE-2020-16118 (In GNOME Balsa before 2.6.0, a malicious server operator or man in the ...)
+ TODO: check
+CVE-2020-16117 (In GNOME evolution-data-server before 3.35.91, a malicious server can ...)
+ TODO: check
CVE-2020-16116
RESERVED
CVE-2020-16115
@@ -40,8 +70,8 @@ CVE-2020-16097
RESERVED
CVE-2020-16096
RESERVED
-CVE-2020-16095
- RESERVED
+CVE-2020-16095 (The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 all ...)
+ TODO: check
CVE-2020-16094 (In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious ...)
- claws-mail <unfixed>
NOTE: https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4313
@@ -918,20 +948,19 @@ CVE-2020-15709
RESERVED
CVE-2020-15708
RESERVED
-CVE-2020-15707
- RESERVED
+CVE-2020-15707 (Integer overflows were discovered in the functions grub_cmd_initrd and ...)
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
-CVE-2020-15706
- RESERVED
+CVE-2020-15706 (GRUB2 contains a race condition in grub_script_function_create() leadi ...)
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=426f57383d647406ae9c628c472059c27cd6e040
-CVE-2020-15705
- RESERVED
+CVE-2020-15705 (GRUB2 fails to validate kernel signature when booted directly without ...)
- grub2 <unfixed> (unimportant)
NOTE: Issue does not affect standard SB Debian setup.
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
@@ -1046,6 +1075,7 @@ CVE-2020-15660
RESERVED
CVE-2020-15659
RESERVED
+ {DSA-4736-1 DLA-2297-1}
- firefox 79.0-1
- firefox-esr 68.11.0esr-1
- thunderbird <unfixed>
@@ -1090,6 +1120,7 @@ CVE-2020-15653
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15653
CVE-2020-15652
RESERVED
+ {DSA-4736-1 DLA-2297-1}
- firefox 79.0-1
- firefox-esr 68.11.0esr-1
- thunderbird <unfixed>
@@ -1257,8 +1288,8 @@ CVE-2020-15590
RESERVED
CVE-2020-15589
RESERVED
-CVE-2020-15588
- RESERVED
+CVE-2020-15588 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
+ TODO: check
CVE-2020-15587
RESERVED
CVE-2020-15586 (Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net ...)
@@ -1482,7 +1513,7 @@ CVE-2020-15499
RESERVED
CVE-2020-15498
RESERVED
-CVE-2020-15497 (jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 ...)
+CVE-2020-15497 (** DISPUTED ** jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build ...)
NOT-FOR-US: Jalios JCMS
CVE-2020-15496
RESERVED
@@ -2288,8 +2319,8 @@ CVE-2020-15127
RESERVED
CVE-2020-15126 (In parser-server from version 3.5.0 and before 4.3.0, an authenticated ...)
NOT-FOR-US: Node parser-server
-CVE-2020-15125
- RESERVED
+CVE-2020-15125 (In auth0 (npm package) versions before 2.27.1, a DenyList of specific ...)
+ TODO: check
CVE-2020-15124 (In Goobi Viewer Core before version 4.8.3, a path traversal vulnerabil ...)
NOT-FOR-US: Goobi Viewer Core
CVE-2020-15123 (In codecov (npm package) before version 3.7.1 the upload method has a ...)
@@ -2355,10 +2386,10 @@ CVE-2020-15101 (In freewvs before 0.1.1, a directory structure of more than 1000
NOT-FOR-US: freewvs
CVE-2020-15100 (In freewvs before 0.1.1, a user could create a large file that freewvs ...)
NOT-FOR-US: freewvs
-CVE-2020-15099
- RESERVED
-CVE-2020-15098
- RESERVED
+CVE-2020-15099 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and ...)
+ TODO: check
+CVE-2020-15098 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and ...)
+ TODO: check
CVE-2020-15097
RESERVED
CVE-2020-15096 (In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, the ...)
@@ -2384,8 +2415,8 @@ CVE-2020-15088
RESERVED
CVE-2020-15087 (In Presto before version 337, authenticated users can bypass authoriza ...)
NOT-FOR-US: Presto query engine, different from src:presto
-CVE-2020-15086
- RESERVED
+CVE-2020-15086 (In TYPO3 installations with the "mediace" extension from version 7.6.2 ...)
+ TODO: check
CVE-2020-15085 (In Saleor Storefront before version 2.10.3, request data used to authe ...)
NOT-FOR-US: Saleor Storefront
CVE-2020-15084 (In express-jwt (NPM package) up and including version 5.3.3, the algor ...)
@@ -3681,22 +3712,22 @@ CVE-2020-14495
RESERVED
CVE-2020-14494 (OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication ...)
NOT-FOR-US: OpenClinic GA
-CVE-2020-14493
- RESERVED
-CVE-2020-14492
- RESERVED
+CVE-2020-14493 (A low-privilege user may use SQL syntax to write arbitrary files to th ...)
+ TODO: check
+CVE-2020-14492 (OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-c ...)
+ TODO: check
CVE-2020-14491 (OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check perm ...)
NOT-FOR-US: OpenClinic GA
-CVE-2020-14490
- RESERVED
-CVE-2020-14489
- RESERVED
-CVE-2020-14488
- RESERVED
-CVE-2020-14487
- RESERVED
-CVE-2020-14486
- RESERVED
+CVE-2020-14490 (OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files spec ...)
+ TODO: check
+CVE-2020-14489 (OpenClinic GA 5.09.02 and 5.89.05b stores passwords using inadequate h ...)
+ TODO: check
+CVE-2020-14488 (OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded f ...)
+ TODO: check
+CVE-2020-14487 (OpenClinic GA 5.09.02 contains a hidden default user account that may ...)
+ TODO: check
+CVE-2020-14486 (An attacker may bypass permission/authorization checks in OpenClinic G ...)
+ TODO: check
CVE-2020-14485 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to b ...)
NOT-FOR-US: OpenClinic GA
CVE-2020-14484 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to b ...)
@@ -4405,8 +4436,7 @@ CVE-2020-14318
CVE-2020-14317
RESERVED
- wildfly <itp> (bug #752018)
-CVE-2020-14316
- RESERVED
+CVE-2020-14316 (A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instanc ...)
NOT-FOR-US: KubeVirt
CVE-2020-14315
RESERVED
@@ -4428,24 +4458,27 @@ CVE-2020-14312
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342
CVE-2020-14311
RESERVED
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
CVE-2020-14310
RESERVED
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
CVE-2020-14309
RESERVED
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
-CVE-2020-14308
- RESERVED
+CVE-2020-14308 (In grub2 versions before 2.06 the grub memory allocator doesn't check ...)
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
@@ -6082,8 +6115,8 @@ CVE-2020-13701
RESERVED
CVE-2020-13700 (An issue was discovered in the acf-to-rest-api plugin through 3.1.0 fo ...)
NOT-FOR-US: acf-to-rest-api plugin for WordPress
-CVE-2020-13699
- RESERVED
+CVE-2020-13699 (TeamViewer Desktop for Windows before 15.8.3 does not properly quote i ...)
+ TODO: check
CVE-2020-13698
RESERVED
CVE-2020-13697
@@ -10378,13 +10411,11 @@ CVE-2020-11935
NOTE: https://sourceforge.net/p/aufs/mailman/message/37048642/
NOTE: https://github.com/sfjro/aufs4-linux/commit/515a586eeef31e0717d5dea21e2c11a965340b3c
NOTE: https://github.com/sfjro/aufs4-linux/commit/f10aea57d39d6cd311312e9e7746804f7059b5c8
-CVE-2020-11934
- RESERVED
+CVE-2020-11934 (It was discovered that snapctl user-open allowed altering the $XDG_DAT ...)
- snapd 2.45.2-1
[buster] - snapd <no-dsa> (Minor issue)
NOTE: https://github.com/snapcore/snapd/commit/06342a31878f1cf99d56da5483e71b9af61f46ad
-CVE-2020-11933
- RESERVED
+CVE-2020-11933 (cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 de ...)
NOT-FOR-US: cloud-init in some Ubuntu images
CVE-2020-11932 (It was discovered that the Subiquity installer for Ubuntu Server logge ...)
NOT-FOR-US: Subiquity installer for Ubuntu
@@ -15043,6 +15074,7 @@ CVE-2020-10714
NOT-FOR-US: WildFly Elytron
CVE-2020-10713
RESERVED
+ {DSA-4735-1}
- grub2 2.04-9
[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
NOTE: https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
@@ -17521,14 +17553,14 @@ CVE-2020-9694
RESERVED
CVE-2020-9693
RESERVED
-CVE-2020-9692
- RESERVED
-CVE-2020-9691
- RESERVED
-CVE-2020-9690
- RESERVED
-CVE-2020-9689
- RESERVED
+CVE-2020-9692 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
+ TODO: check
+CVE-2020-9691 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
+ TODO: check
+CVE-2020-9690 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
+ TODO: check
+CVE-2020-9689 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
+ TODO: check
CVE-2020-9688 (Adobe Download Manager version 2.0.0.518 have a command injection vuln ...)
NOT-FOR-US: Adobe
CVE-2020-9687 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
@@ -20254,8 +20286,8 @@ CVE-2020-8555 (The Kubernetes kube-controller-manager in versions v1.0-1.14, ver
NOTE: https://github.com/kubernetes/kubernetes/issues/91542
CVE-2020-8554
RESERVED
-CVE-2020-8553
- RESERVED
+CVE-2020-8553 (The Kubernetes ingress-nginx component prior to version 0.28.0 allows ...)
+ TODO: check
CVE-2020-8552 (The Kubernetes API server component in versions prior to 1.15.9, 1.16. ...)
- kubernetes 1.17.4-1
NOTE: https://github.com/kubernetes/kubernetes/issues/89378
@@ -22354,13 +22386,13 @@ CVE-2020-7700
RESERVED
CVE-2020-7699
RESERVED
-CVE-2020-7698
- RESERVED
-CVE-2020-7697
- RESERVED
+CVE-2020-7698 (This affects the package Gerapy from 0 and before 0.9.3. The input bei ...)
+ TODO: check
+CVE-2020-7697 (This affects all versions of package mock2easy. a malicious user could ...)
+ TODO: check
CVE-2020-7696 (This affects all versions of package react-native-fast-image. When an ...)
TODO: check
-CVE-2020-7695 (This affects all versions of package uvicorn. Uvicorn's implementation ...)
+CVE-2020-7695 (Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF s ...)
TODO: check
CVE-2020-7694 (This affects all versions of package uvicorn. The request logger provi ...)
TODO: check
@@ -25241,6 +25273,7 @@ CVE-2020-6515 (Use after free in tab strip in Google Chrome prior to 84.0.4147.8
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6514 (Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...)
+ {DSA-4736-1 DLA-2297-1}
[experimental] - chromium 84.0.4147.89-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -25445,7 +25478,7 @@ CVE-2020-6464 (Type confusion in Blink in Google Chrome prior to 81.0.4044.138 a
- chromium 83.0.4103.83-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6463 (Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ...)
- {DSA-4714-1}
+ {DSA-4736-1 DSA-4714-1 DLA-2297-1}
- chromium 83.0.4103.83-1
[stretch] - chromium <end-of-life> (see DSA 4562)
- firefox 79.0-1
@@ -27126,14 +27159,14 @@ CVE-2020-5765 (Nessus 8.10.0 and earlier were found to contain a Stored XSS vuln
NOT-FOR-US: Nessus
CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable to a d ...)
NOT-FOR-US: MX Player Android App
-CVE-2020-5763
- RESERVED
-CVE-2020-5762
- RESERVED
-CVE-2020-5761
- RESERVED
-CVE-2020-5760
- RESERVED
+CVE-2020-5763 (Grandstream HT800 series firmware version 1.0.17.5 and below contain a ...)
+ TODO: check
+CVE-2020-5762 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
+ TODO: check
+CVE-2020-5761 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
+ TODO: check
+CVE-2020-5760 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
+ TODO: check
CVE-2020-5759 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
NOT-FOR-US: Grandstream
CVE-2020-5758 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
@@ -30050,10 +30083,10 @@ CVE-2020-4647
RESERVED
CVE-2020-4646
RESERVED
-CVE-2020-4645
- RESERVED
-CVE-2020-4644
- RESERVED
+CVE-2020-4645 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cr ...)
+ TODO: check
+CVE-2020-4644 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remot ...)
+ TODO: check
CVE-2020-4643
RESERVED
CVE-2020-4642
@@ -30192,22 +30225,22 @@ CVE-2020-4576
RESERVED
CVE-2020-4575
RESERVED
-CVE-2020-4574
- RESERVED
-CVE-2020-4573
- RESERVED
-CVE-2020-4572
- RESERVED
+CVE-2020-4574 (IBM Tivoli Key Lifecycle Manager does not require that users should ha ...)
+ TODO: check
+CVE-2020-4573 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitiv ...)
+ TODO: check
+CVE-2020-4572 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote at ...)
+ TODO: check
CVE-2020-4571
RESERVED
CVE-2020-4570
RESERVED
-CVE-2020-4569
- RESERVED
+CVE-2020-4569 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mecha ...)
+ TODO: check
CVE-2020-4568
RESERVED
-CVE-2020-4567
- RESERVED
+CVE-2020-4567 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an inadequate acco ...)
+ TODO: check
CVE-2020-4566
RESERVED
CVE-2020-4565 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacke ...)
@@ -30414,8 +30447,8 @@ CVE-2020-4465 (IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD,
NOT-FOR-US: IBM
CVE-2020-4464 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional co ...)
NOT-FOR-US: IBM
-CVE-2020-4463
- RESERVED
+CVE-2020-4463 (IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XM ...)
+ TODO: check
CVE-2020-4462 (IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and ...)
NOT-FOR-US: IBM
CVE-2020-4461 (IBM Security Access Manager Appliance 9.0.7.1 could allow an authentic ...)
@@ -31253,6 +31286,7 @@ CVE-2020-4051 (In Dijit before versions 1.11.11, and greater than or equal to 1.
CVE-2020-4045 (SSB-DB version 20.0.0 has an information disclosure vulnerability. The ...)
NOT-FOR-US: SSB-DB
CVE-2020-4044 (The xrdp-sesman service before version 0.9.13.1 can be crashed by conn ...)
+ {DSA-4737-1}
- xrdp 0.9.12-1.1 (bug #964573)
NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
NOTE: Fixed by: https://github.com/neutrinolabs/xrdp/commit/e593f58a82bf79b556601ae08e9e25e366a662fb
@@ -31780,24 +31814,24 @@ CVE-2019-20035
RESERVED
CVE-2019-20034
RESERVED
-CVE-2019-20033
- RESERVED
-CVE-2019-20032
- RESERVED
-CVE-2019-20031
- RESERVED
-CVE-2019-20030
- RESERVED
-CVE-2019-20029
- RESERVED
-CVE-2019-20028
- RESERVED
-CVE-2019-20027
- RESERVED
-CVE-2019-20026
- RESERVED
-CVE-2019-20025
- RESERVED
+CVE-2019-20033 (On Aspire-derived NEC PBXes, including all versions of SV8100 devices, ...)
+ TODO: check
+CVE-2019-20032 (An attacker with access to an InMail voicemail box equipped with the f ...)
+ TODO: check
+CVE-2019-20031 (NEC UM8000, UM4730 and prior non-InMail voicemail systems with all kno ...)
+ TODO: check
+CVE-2019-20030 (An attacker with knowledge of the modem access number on a NEC UM8000 ...)
+ TODO: check
+CVE-2019-20029 (An exploitable privilege escalation vulnerability exists in the WebPro ...)
+ TODO: check
+CVE-2019-20028 (Aspire-derived NEC PBXes operating InMail software, including all vers ...)
+ TODO: check
+CVE-2019-20027 (Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2 ...)
+ TODO: check
+CVE-2019-20026 (The WebPro interface in NEC SV9100 software releases 7.0 or higher all ...)
+ TODO: check
+CVE-2019-20025 (Certain builds of NEC SV9100 software could allow an unauthenticated, ...)
+ TODO: check
CVE-2019-20024 (A heap-based buffer overflow was discovered in image_buffer_resize in ...)
- libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
@@ -37055,12 +37089,12 @@ CVE-2020-2080
RESERVED
CVE-2020-2079
RESERVED
-CVE-2020-2078
- RESERVED
-CVE-2020-2077
- RESERVED
-CVE-2020-2076
- RESERVED
+CVE-2020-2078 (Passwords are stored in plain text within the configuration of SICK Pa ...)
+ TODO: check
+CVE-2020-2077 (SICK Package Analytics software up to and including version V04.0.0 ar ...)
+ TODO: check
+CVE-2020-2076 (SICK Package Analytics software up to and including version V04.0.0 ar ...)
+ TODO: check
CVE-2020-2075
RESERVED
CVE-2020-2074
@@ -79084,7 +79118,7 @@ CVE-2019-7149 (A heap-based buffer over-read was discovered in the function read
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
-CVE-2019-7148 (**DISPUTED** An attempted excessive memory allocation was discovered i ...)
+CVE-2019-7148 (An attempted excessive memory allocation was discovered in the functio ...)
- elfutils 0.176-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24085
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e32380ecefbb23448541367283d3b94930762986
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0e57058ca4665080182f1ac0f5f27ece42ec78b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0e57058ca4665080182f1ac0f5f27ece42ec78b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200729/46070af8/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list