[Git][security-tracker-team/security-tracker][master] automatic update

Sat Jun 13 21:10:29 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a5f07c70 by security tracker role at 2020-06-13T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-14059
+	RESERVED
+CVE-2020-14058
+	RESERVED
 CVE-2020-14057
 	RESERVED
 CVE-2020-14056
@@ -37460,13 +37464,13 @@ CVE-2020-0550 (Improper data forwarding in some data cache for some Intel(R) Pro
 	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-snoop-assisted-l1-data-sampling
 	NOTE: https://software.intel.com/security-software-guidance/insights/processors-affected-snoop-assisted-l1-data-sampling
 CVE-2020-0549 (Cleanup errors in some data cache evictions for some Intel(R) Processo ...)
-	{DSA-4701-1}
+	{DSA-4701-1 DLA-2248-1}
 	- intel-microcode 3.20200609.1
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
 	NOTE: https://cacheoutattack.com/
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
 CVE-2020-0548 (Cleanup errors in some Intel(R) Processors may allow an authenticated  ...)
-	{DSA-4701-1}
+	{DSA-4701-1 DLA-2248-1}
 	- intel-microcode 3.20200609.1
 	NOTE: https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
@@ -37481,7 +37485,7 @@ CVE-2020-0544
 	RESERVED
 CVE-2020-0543 [Special Register Buffer Data Sampling]
 	RESERVED
-	{DSA-4701-1 DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
+	{DSA-4701-1 DSA-4699-1 DSA-4698-1 DLA-2248-1 DLA-2242-1 DLA-2241-1}
 	- intel-microcode 3.20200609.1
 	- linux 5.6.14-2
 	NOTE: https://www.vusec.net/projects/crosstalk/
@@ -39111,6 +39115,7 @@ CVE-2020-0200 (In ReadLittleEndian of raw_bit_reader.cc, there is a possible out
 CVE-2020-0199 (In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a ...)
 	NOT-FOR-US: Android Media Framework
 CVE-2020-0198 (In exif_data_load_data_content of exif-data.c, there is a possible UBS ...)
+	{DLA-2249-1}
 	- libexif 0.6.22-2 (bug #962345)
 	NOTE: https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16%5E%21/#F0
 	NOTE: https://github.com/libexif/libexif/commit/ce03ad7ef4e8aeefce79192bf5b6f69fae396f0c
@@ -39145,6 +39150,7 @@ CVE-2020-0184 (In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible in
 CVE-2020-0183 (In handleMessage of BluetoothManagerService, there is an incomplete re ...)
 	NOT-FOR-US: Android
 CVE-2020-0182 (In exif_entry_get_value of exif-entry.c, there is a possible out of bo ...)
+	{DLA-2249-1}
 	- libexif 0.6.22-1 (low)
 	[buster] - libexif <no-dsa> (Minor issue)
 	[stretch] - libexif <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f07c701dd08eeb2487219bea1014204f7a12ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f07c701dd08eeb2487219bea1014204f7a12ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200613/197e73f7/attachment.html>
