[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ac2db0e by security tracker role at 2020-06-06T08:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8,10 +8,10 @@ CVE-2020-13867 (Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for
 	TODO: check
 CVE-2020-13866
 	RESERVED
-CVE-2020-13865
-	RESERVED
-CVE-2020-13864
-	RESERVED
+CVE-2020-13865 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
+	TODO: check
+CVE-2020-13864 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
+	TODO: check
 CVE-2020-13863
 	RESERVED
 CVE-2020-13862
@@ -585,8 +585,8 @@ CVE-2020-13648
 	RESERVED
 CVE-2020-13647
 	RESERVED
-CVE-2020-13646
-	RESERVED
+CVE-2020-13646 (In the cheetah free wifi 5.1 driver file liebaonat.sys, local users ar ...)
+	TODO: check
 CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
 	- glib-networking <unfixed> (bug #961756)
 	NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
@@ -6100,10 +6100,10 @@ CVE-2020-11699
 	RESERVED
 CVE-2020-11698
 	RESERVED
-CVE-2020-11697
-	RESERVED
-CVE-2020-11696
-	RESERVED
+CVE-2020-11697 (In Combodo iTop, dashboard ids can be exploited with a reflective XSS  ...)
+	TODO: check
+CVE-2020-11696 (In Combodo iTop a menu shortcut name can be exploited with a stored XS ...)
+	TODO: check
 CVE-2020-11695
 	RESERVED
 CVE-2020-11694 (In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarizatio ...)
@@ -19130,21 +19130,27 @@ CVE-2020-6506
 CVE-2020-6505
 	RESERVED
 CVE-2020-6504 (Insufficient policy enforcement in notifications in Google Chrome prio ...)
+	{DSA-4500-1}
 	- chromium 74.0.3729.108-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6503 (Inappropriate implementation in accessibility in Google Chrome prior t ...)
+	{DSA-4500-1}
 	- chromium 74.0.3729.108-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6502 (Incorrect implementation in permissions in Google Chrome prior to 80.0 ...)
+	{DSA-4638-1}
 	- chromium 80.0.3987.106-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6501 (Insufficient policy enforcement in CSP in Google Chrome prior to 80.0. ...)
+	{DSA-4638-1}
 	- chromium 80.0.3987.106-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6500 (Inappropriate implementation in interstitials in Google Chrome prior t ...)
+	{DSA-4638-1}
 	- chromium 80.0.3987.106-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6499 (Inappropriate implementation in AppCache in Google Chrome prior to 80. ...)
+	{DSA-4638-1}
 	- chromium 80.0.3987.106-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6498 (Incorrect implementation in user interface in Google Chrome on iOS pri ...)
@@ -19281,6 +19287,7 @@ CVE-2020-6454 (Use after free in extensions in Google Chrome prior to 81.0.4044.
 	- chromium 81.0.4044.92-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6453 (Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987 ...)
+	{DSA-4654-1}
 	- chromium 80.0.3987.162-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6452 (Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ac2db0e3f1cd85cd5ed0caefbc96c57a02c1791

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ac2db0e3f1cd85cd5ed0caefbc96c57a02c1791
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200606/1ce96967/attachment.html>