[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 4 21:38:17 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ecefd79 by security tracker role at 2020-06-04T20:38:09+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,29 +1,85 @@
-CVE-2020-13815
+CVE-2020-13843
RESERVED
-CVE-2020-13814
+CVE-2020-13842
RESERVED
-CVE-2020-13813
+CVE-2020-13841
RESERVED
-CVE-2020-13812
+CVE-2020-13840
RESERVED
-CVE-2020-13811
+CVE-2020-13839
RESERVED
-CVE-2020-13810
+CVE-2020-13838 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+ TODO: check
+CVE-2020-13837 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
+ TODO: check
+CVE-2020-13836 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
+ TODO: check
+CVE-2020-13835 (An issue was discovered on Samsung mobile devices with O(8.x) (with TE ...)
+ TODO: check
+CVE-2020-13834 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
+ TODO: check
+CVE-2020-13833 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
+ TODO: check
+CVE-2020-13832 (An issue was discovered on Samsung mobile devices with Q(10.0) (with T ...)
+ TODO: check
+CVE-2020-13831 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
+ TODO: check
+CVE-2020-13830 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
+ TODO: check
+CVE-2020-13829 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+ TODO: check
+CVE-2020-13828
+ RESERVED
+CVE-2020-13827 (phpList before 3.5.4 allows XSS via /lists/admin/user.php and /lists/a ...)
+ TODO: check
+CVE-2020-13826
RESERVED
-CVE-2020-13809
+CVE-2020-13825
RESERVED
-CVE-2020-13808
+CVE-2020-13824
RESERVED
-CVE-2020-13807
+CVE-2020-13823
RESERVED
-CVE-2020-13806
+CVE-2020-13822 (The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleabi ...)
+ TODO: check
+CVE-2020-13821
RESERVED
-CVE-2020-13805
+CVE-2020-13820
RESERVED
-CVE-2020-13804
+CVE-2020-13819
RESERVED
-CVE-2020-13803
+CVE-2020-13818 (In Zoho ManageEngine OpManager before 125144, when <cachestart> ...)
+ TODO: check
+CVE-2020-13817 (ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ...)
+ TODO: check
+CVE-2020-13816
RESERVED
+CVE-2020-13815 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. I ...)
+ TODO: check
+CVE-2020-13814 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. I ...)
+ TODO: check
+CVE-2020-13813 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It all ...)
+ TODO: check
+CVE-2020-13812 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It all ...)
+ TODO: check
+CVE-2020-13811 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has ...)
+ TODO: check
+CVE-2020-13810 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13809 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13808 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13807 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13806 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13805 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13804 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
+ TODO: check
+CVE-2020-13803 (An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for M ...)
+ TODO: check
CVE-2020-13802
RESERVED
CVE-2020-13801
@@ -44,76 +100,76 @@ CVE-2020-13793
RESERVED
CVE-2020-13792 (PlayTube 1.8 allows disclosure of user details via ajax.php?type=../ad ...)
TODO: check
-CVE-2019-20837
- RESERVED
-CVE-2019-20836
- RESERVED
-CVE-2019-20835
- RESERVED
-CVE-2019-20834
- RESERVED
-CVE-2019-20833
- RESERVED
-CVE-2019-20832
- RESERVED
-CVE-2019-20831
- RESERVED
-CVE-2019-20830
- RESERVED
-CVE-2019-20829
- RESERVED
-CVE-2019-20828
- RESERVED
-CVE-2019-20827
- RESERVED
-CVE-2019-20826
- RESERVED
-CVE-2019-20825
- RESERVED
-CVE-2019-20824
- RESERVED
-CVE-2019-20823
- RESERVED
-CVE-2019-20822
- RESERVED
-CVE-2019-20821
- RESERVED
-CVE-2019-20820
- RESERVED
-CVE-2019-20819
- RESERVED
-CVE-2019-20818
- RESERVED
-CVE-2019-20817
- RESERVED
-CVE-2019-20816
- RESERVED
-CVE-2019-20815
- RESERVED
-CVE-2019-20814
- RESERVED
-CVE-2019-20813
- RESERVED
-CVE-2018-21244
- RESERVED
-CVE-2018-21243
- RESERVED
-CVE-2018-21242
- RESERVED
-CVE-2018-21241
- RESERVED
-CVE-2018-21240
- RESERVED
-CVE-2018-21239
- RESERVED
-CVE-2018-21238
- RESERVED
-CVE-2018-21237
- RESERVED
-CVE-2018-21236
- RESERVED
-CVE-2018-21235
- RESERVED
+CVE-2019-20837 (An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It ...)
+ TODO: check
+CVE-2019-20836 (An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It ...)
+ TODO: check
+CVE-2019-20835 (An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It ...)
+ TODO: check
+CVE-2019-20834 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows s ...)
+ TODO: check
+CVE-2019-20833 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mish ...)
+ TODO: check
+CVE-2019-20832 (An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homo ...)
+ TODO: check
+CVE-2019-20831 (An issue was discovered in the 3D Plugin Beta for Foxit Reader and Pha ...)
+ TODO: check
+CVE-2019-20830 (An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It ...)
+ TODO: check
+CVE-2019-20829 (An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It ...)
+ TODO: check
+CVE-2019-20828 (An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It ...)
+ TODO: check
+CVE-2019-20827 (An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader f ...)
+ TODO: check
+CVE-2019-20826 (An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader f ...)
+ TODO: check
+CVE-2019-20825 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an o ...)
+ TODO: check
+CVE-2019-20824 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NU ...)
+ TODO: check
+CVE-2019-20823 (An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a bu ...)
+ TODO: check
+CVE-2019-20822 (An issue was discovered in the 3D Plugin Beta for Foxit Reader and Pha ...)
+ TODO: check
+CVE-2019-20821 (An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a N ...)
+ TODO: check
+CVE-2019-20820 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It ...)
+ TODO: check
+CVE-2019-20819 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It ...)
+ TODO: check
+CVE-2019-20818 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It ...)
+ TODO: check
+CVE-2019-20817 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It ...)
+ TODO: check
+CVE-2019-20816 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NU ...)
+ TODO: check
+CVE-2019-20815 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows s ...)
+ TODO: check
+CVE-2019-20814 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows m ...)
+ TODO: check
+CVE-2019-20813 (An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NU ...)
+ TODO: check
+CVE-2018-21244 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows ar ...)
+ TODO: check
+CVE-2018-21243 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM o ...)
+ TODO: check
+CVE-2018-21242 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Re ...)
+ TODO: check
+CVE-2018-21241 (An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an un ...)
+ TODO: check
+CVE-2018-21240 (An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It ...)
+ TODO: check
+CVE-2018-21239 (An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It ...)
+ TODO: check
+CVE-2018-21238 (An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows me ...)
+ TODO: check
+CVE-2018-21237 (An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NT ...)
+ TODO: check
+CVE-2018-21236 (An issue was discovered in Foxit Reader before 2.4.4. It has a NULL po ...)
+ TODO: check
+CVE-2018-21235 (An issue was discovered in Foxit E-mail advertising system before Sept ...)
+ TODO: check
CVE-2020-XXXX [Cross-Site Scripting (XSS) vulnerability via malicious XML messages]
- roundcube 1.4.5+dfsg.1-1 (bug #962124)
NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/ccaccae6653031b809b4347a60021951e19a0e43
@@ -122,16 +178,14 @@ CVE-2020-XXXX [Cross-Site Scripting (XSS) vulnerability in template object 'user
- roundcube 1.4.5+dfsg.1-1 (bug #962123)
NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/4beec65d40c5e5b1f2bace935c110baf05e10ae5
NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/37e2bc745723ef6322f0f785aefd0b9313a40f19
-CVE-2020-13800 [ati-vga: infinite recursion in ati_mm_read/write calls may lead to DoS]
- RESERVED
+CVE-2020-13800 (ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to tri ...)
- qemu <unfixed>
[buster] - qemu <not-affected> (Vulnerable code introduced later)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/2
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html
-CVE-2020-13791 [ati-vga: OOB access while reading PCI configuration may lead to DoS]
- RESERVED
+CVE-2020-13791 (hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of- ...)
- qemu <unfixed>
[buster] - qemu <not-affected> (Vulnerable code introduced later)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
@@ -197,8 +251,7 @@ CVE-2020-13767
RESERVED
CVE-2020-13766
RESERVED
-CVE-2020-13765 [loader: OOB access while loading registered ROM may lead to code execution]
- RESERVED
+CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the rel ...)
- qemu 1:4.2-1
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e423455c4f23a1a828901c78fe6d03b7dde79319
@@ -370,8 +423,8 @@ CVE-2020-13694 (In QuickBox Community Edition through 2.5.5 and Pro Edition thro
NOT-FOR-US: QuickBox
CVE-2020-13693 (An unauthenticated privilege-escalation issue exists in the bbPress pl ...)
NOT-FOR-US: bbPress plugin for WordPress
-CVE-2020-13692
- RESERVED
+CVE-2020-13692 (PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. ...)
+ TODO: check
CVE-2020-13691
RESERVED
CVE-2020-13690
@@ -589,6 +642,7 @@ CVE-2020-13598
CVE-2020-13597 (Clusters using Calico (version 3.14.0 and below), Calico Enterprise (v ...)
TODO: check
CVE-2020-13596 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0 ...)
+ {DLA-2233-1}
- python-django 2:2.2.13-1
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
NOTE: https://github.com/django/django/commit/2dd4d110c159d0c81dff42eaead2c378a0998735 (master)
@@ -1333,6 +1387,7 @@ CVE-2020-13256
CVE-2020-13255
RESERVED
CVE-2020-13254 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0 ...)
+ {DLA-2233-1}
- python-django 2:2.2.13-1
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
NOTE: https://github.com/django/django/commit/2c82414914ae6476be5a166be9ff49c24d0d9069 (master)
@@ -2238,8 +2293,8 @@ CVE-2020-12855
RESERVED
CVE-2020-12854
RESERVED
-CVE-2020-12853
- RESERVED
+CVE-2020-12853 (Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or cr ...)
+ TODO: check
CVE-2020-12852
RESERVED
CVE-2020-12851
@@ -6011,12 +6066,12 @@ CVE-2020-11683
RESERVED
CVE-2020-11682
RESERVED
-CVE-2020-11681
- RESERVED
-CVE-2020-11680
- RESERVED
-CVE-2020-11679
- RESERVED
+CVE-2020-11681 (Castel NextGen DVR v1.0.0 stores and displays credentials for the asso ...)
+ TODO: check
+CVE-2020-11680 (Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all ...)
+ TODO: check
+CVE-2020-11679 (Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation throug ...)
+ TODO: check
CVE-2020-11678
RESERVED
CVE-2020-11677 (Cerner medico 26.00 has a Local Buffer Overflow (issue 3 of 3). ...)
@@ -6472,7 +6527,8 @@ CVE-2016-11053 (An issue was discovered on Samsung mobile devices with software
NOT-FOR-US: Samsung mobile devices
CVE-2016-11052 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) soft ...)
NOT-FOR-US: Samsung mobile devices
-CVE-2016-11051 (An issue was discovered on Samsung mobile devices with J(4.2) (Qualcom ...)
+CVE-2016-11051
+ REJECTED
NOT-FOR-US: Samsung mobile devices
CVE-2016-11050 (An issue was discovered on Samsung mobile devices with S3(KK), Note2(K ...)
NOT-FOR-US: Samsung mobile devices
@@ -9059,8 +9115,7 @@ CVE-2020-10703 (A NULL pointer dereference was found in the libvirt API responsi
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1790725
NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e (v3.10.0-rc1)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f (v6.0.0-rc1)
-CVE-2020-10702 [weak signature generation in Pointer Authentication support for ARM]
- RESERVED
+CVE-2020-10702 (A flaw was found in QEMU in the implementation of the Pointer Authenti ...)
- qemu 1:4.2-5
[buster] - qemu <not-affected> (Vulnerable code introduced later)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
@@ -11918,8 +11973,8 @@ CVE-2020-9464 (A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP
NOT-FOR-US: BECKHOFF Ethernet TCP/IP Bus Coupler BK9000
CVE-2020-9463 (Centreon 19.10 allows remote authenticated users to execute arbitrary ...)
- centreon-web <itp> (bug #913903)
-CVE-2020-9462
- RESERVED
+CVE-2020-9462 (An issue was discovered in all Athom Homey and Homey Pro devices up to ...)
+ TODO: check
CVE-2020-9461 (Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated us ...)
NOT-FOR-US: Octech Oempro
CVE-2020-9460 (Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The ...)
@@ -12367,8 +12422,8 @@ CVE-2020-9294 (An improper authentication vulnerability in FortiMail 5.4.10, 6.0
NOT-FOR-US: FortiMail Fortiguard
CVE-2020-9293
RESERVED
-CVE-2020-9292
- RESERVED
+CVE-2020-9292 (An unquoted service path vulnerability in the FortiSIEM Windows Agent ...)
+ TODO: check
CVE-2020-9291 (An Insecure Temporary File vulnerability in FortiClient for Windows 6. ...)
NOT-FOR-US: Fortiguard / FortiClient for Windows
CVE-2020-9290 (An Unsafe Search Path vulnerability in FortiClient for Windows online ...)
@@ -16234,8 +16289,8 @@ CVE-2020-7663 (websocket-extensions ruby module prior to 0.1.5 allows Denial of
TODO: check
CVE-2020-7662 (websocket-extensions npm module prior to 1.0.4 allows Denial of Servic ...)
TODO: check
-CVE-2020-7661
- RESERVED
+CVE-2020-7661 (all versions of url-regex are vulnerable to Regular Expression Denial ...)
+ TODO: check
CVE-2020-7660 (serialize-javascript prior to 3.1.0 allows remote attackers to inject ...)
TODO: check
CVE-2020-7659 (reel through 0.6.1 allows Request Smuggling attacks due to incorrect C ...)
@@ -18673,8 +18728,8 @@ CVE-2020-6642
RESERVED
CVE-2020-6641
RESERVED
-CVE-2020-6640
- RESERVED
+CVE-2020-6640 (An improper neutralization of input vulnerability in the Admin Profile ...)
+ TODO: check
CVE-2020-6639
RESERVED
CVE-2020-6638 (Grin through 2.1.1 has Insufficient Validation. ...)
@@ -23914,8 +23969,8 @@ CVE-2020-4511
RESERVED
CVE-2020-4510
RESERVED
-CVE-2020-4509
- RESERVED
+CVE-2020-4509 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity In ...)
+ TODO: check
CVE-2020-4508
RESERVED
CVE-2020-4507
@@ -24546,12 +24601,12 @@ CVE-2020-4195 (IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a rem
NOT-FOR-US: IBM
CVE-2020-4194
RESERVED
-CVE-2020-4193
- RESERVED
+CVE-2020-4193 (IBM Security Guardium 11.1 uses an inadequate account lockout setting ...)
+ TODO: check
CVE-2020-4192
RESERVED
-CVE-2020-4191
- RESERVED
+CVE-2020-4191 (IBM Security Guardium 11.1 uses weaker than expected cryptographic alg ...)
+ TODO: check
CVE-2020-4190 (IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credent ...)
NOT-FOR-US: IBM
CVE-2020-4189
@@ -24566,8 +24621,8 @@ CVE-2020-4185
RESERVED
CVE-2020-4184
RESERVED
-CVE-2020-4183
- RESERVED
+CVE-2020-4183 (IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This ...)
+ TODO: check
CVE-2020-4182 (IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2020-4181
@@ -26179,11 +26234,11 @@ CVE-2020-3814
CVE-2020-3813
RESERVED
CVE-2020-3812 (qmail-verify as used in netqmail 1.06 is prone to an information discl ...)
- {DSA-4692-1}
+ {DSA-4692-1 DLA-2234-1}
- netqmail 1.06-6.2 (bug #961060)
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2020-3811 (qmail-verify as used in netqmail 1.06 is prone to a mail-address verif ...)
- {DSA-4692-1}
+ {DSA-4692-1 DLA-2234-1}
- netqmail 1.06-6.2 (bug #961060)
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2020-3810 (Missing input validation in the ar/tar implementations of APT before v ...)
@@ -43452,10 +43507,10 @@ CVE-2019-16387 (** DISPUTED ** PEGA Platform 8.3.0 is vulnerable to a direct prw
NOT-FOR-US: PEGA Platform
CVE-2019-16386 (** DISPUTED ** PEGA Platform 7.x and 8.x is vulnerable to Information ...)
NOT-FOR-US: PEGA Platform
-CVE-2019-16385
- RESERVED
-CVE-2019-16384
- RESERVED
+CVE-2019-16385 (Cybele Thinfinity VirtualUI 2.5.17.2 allows HTTP response splitting vi ...)
+ TODO: check
+CVE-2019-16384 (Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that ca ...)
+ TODO: check
CVE-2019-16383 (MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2 ...)
NOT-FOR-US: Progress MOVEit Transfer
CVE-2019-16382 (An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is ...)
@@ -44310,8 +44365,8 @@ CVE-2019-16152 (A Denial of service (DoS) vulnerability in FortiClient for Linux
NOT-FOR-US: Fortiguard FortiClient
CVE-2019-16151
RESERVED
-CVE-2019-16150
- RESERVED
+CVE-2019-16150 (Use of a hard-coded cryptographic key to encrypt security sensitive da ...)
+ TODO: check
CVE-2019-16149
RESERVED
CVE-2019-16168 (In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can cras ...)
@@ -417749,17 +417804,17 @@ CVE-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a al
CVE-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass auth ...)
NOT-FOR-US: DMail
CVE-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions i ...)
- {DSA-4692-1}
+ {DSA-4692-1 DLA-2234-1}
- qmail 1.03-38
- netqmail 1.06-6.2
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a large amo ...)
- {DSA-4692-1}
+ {DSA-4692-1 DLA-2234-1}
- qmail 1.03-38
- netqmail 1.06-6.2
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, when run ...)
- {DSA-4692-1}
+ {DSA-4692-1 DLA-2234-1}
- qmail 1.03-38
- netqmail 1.06-6.2
NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecefd7902d1e5678690a18beac75b35f035cdf9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecefd7902d1e5678690a18beac75b35f035cdf9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200604/da196149/attachment.html>
More information about the debian-security-tracker-commits
mailing list