[Git][security-tracker-team/security-tracker][master] automatic update

Thu Jul 30 09:10:34 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d0477b0 by security tracker role at 2020-07-30T08:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-16145
+	RESERVED
+CVE-2020-16144
+	RESERVED
+CVE-2020-16143 (The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijac ...)
+	TODO: check
+CVE-2020-16142
+	RESERVED
+CVE-2020-16141
+	RESERVED
+CVE-2020-16140
+	RESERVED
+CVE-2020-16139
+	RESERVED
+CVE-2020-16138
+	RESERVED
+CVE-2020-16137
+	RESERVED
+CVE-2020-16136
+	RESERVED
+CVE-2020-16135 (libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buf ...)
+	TODO: check
+CVE-2020-16134
+	RESERVED
+CVE-2020-16133
+	RESERVED
+CVE-2020-16132
+	RESERVED
+CVE-2017-18923 (beroNet VoIP Gateways before 3.0.16 have a PHP script that allows down ...)
+	TODO: check
 CVE-2020-16131
 	RESERVED
 CVE-2020-16130
@@ -18599,7 +18629,7 @@ CVE-2020-9272 (ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mo
 	NOTE: Debian does not build mod_cap and does not use the embedded libcap.
 	NOTE: Sourcewise fixed in 1.3.6c by updating to the lastest libcap.
 CVE-2019-20479 (A flaw was found in mod_auth_openidc before version 2.4.1. An open red ...)
-	{DLA-2130-1}
+	{DLA-2298-1 DLA-2130-1}
 	- libapache2-mod-auth-openidc 2.4.1-1
 	[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/02431c0adfa30f478cf2eb20ed6ea51fdf446be7
@@ -55041,7 +55071,7 @@ CVE-2019-14858 (A vulnerability was found in Ansible engine 2.x up to 2.8 and An
 	NOTE: https://github.com/ansible/ansible/pull/63405
 	NOTE: Sub-options/sub-specs/sub-parameters introduced in https://github.com/ansible/ansible/commit/25de905c6e05bd6df91f4299628ee6d386d3da50 (2.4)
 CVE-2019-14857 (A flaw was found in mod_auth_openidc before version 2.4.0.1. An open r ...)
-	{DLA-1996-1}
+	{DLA-2298-1 DLA-1996-1}
 	- libapache2-mod-auth-openidc 2.4.0.3-1 (bug #942165)
 	[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
@@ -70931,7 +70961,7 @@ CVE-2019-1010249 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: In
 CVE-2019-1010248 (Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. T ...)
 	NOT-FOR-US: ONOS
 CVE-2019-1010247 (ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cr ...)
-	{DLA-1894-1}
+	{DLA-2298-1 DLA-1894-1}
 	- libapache2-mod-auth-openidc 2.3.10.2-1
 	NOTE: Fixed by: https://github.com/zmartzone/mod_auth_openidc/commit/132a4111bf3791e76437619a66336dce2ce4c79b (v2.3.10.2)
 	NOTE: https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2019-001_mod_auth_openidc_reflected_xss.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0477b0f601eb75a3ac3b1e260aa8c2995d4b23

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0477b0f601eb75a3ac3b1e260aa8c2995d4b23
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200730/0e48ec7a/attachment.html>
