[Git][security-tracker-team/security-tracker][master] Updates notes for CVE-2020-15007/rbdoom3bfg
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 25 22:03:58 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bdab888a by Salvatore Bonaccorso at 2020-06-25T23:02:28+02:00
Updates notes for CVE-2020-15007/rbdoom3bfg
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -603,6 +603,8 @@ CVE-2020-15008
CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...)
- rbdoom3bfg <unfixed>
NOTE: Possibly not built
+ NOTE: https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec
+ TODO: check, the included code in rbdoom3bfg seems actually to be ported
CVE-2020-15006 (Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document ...)
NOT-FOR-US: Bludit
CVE-2020-15005 (In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdab888a5f62c4137d31d9d8b10aed6ac19c1853
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdab888a5f62c4137d31d9d8b10aed6ac19c1853
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200625/13859274/attachment.html>
More information about the debian-security-tracker-commits
mailing list