[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Jun 27 09:10:21 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bd5de0a8 by security tracker role at 2020-06-27T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2020-15356
+	RESERVED
+CVE-2020-15355
+	RESERVED
+CVE-2020-15354
+	RESERVED
+CVE-2013-7489 (The Beaker library through 1.11.0 for Python is affected by deserializ ...)
+	TODO: check
 CVE-2020-15353
 	RESERVED
 CVE-2020-15352
@@ -15392,40 +15400,40 @@ CVE-2020-9634 (Adobe Framemaker versions 2019.0.5 and below have an out-of-bound
 	NOT-FOR-US: Adobe
 CVE-2020-9633 (Adobe Flash Player versions 32.0.0.371 and earlier, 32.0.0.371 and ear ...)
 	NOT-FOR-US: Adobe
-CVE-2020-9632
-	RESERVED
-CVE-2020-9631
-	RESERVED
-CVE-2020-9630
-	RESERVED
-CVE-2020-9629
-	RESERVED
-CVE-2020-9628
-	RESERVED
-CVE-2020-9627
-	RESERVED
-CVE-2020-9626
-	RESERVED
-CVE-2020-9625
-	RESERVED
-CVE-2020-9624
-	RESERVED
-CVE-2020-9623
-	RESERVED
-CVE-2020-9622
-	RESERVED
-CVE-2020-9621
-	RESERVED
-CVE-2020-9620
-	RESERVED
+CVE-2020-9632 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9631 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9630 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9629 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9628 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9627 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9626 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9625 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9624 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9623 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9622 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9621 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9620 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
 CVE-2020-9619
 	RESERVED
 CVE-2020-9618 (Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read  ...)
 	NOT-FOR-US: Adobe
-CVE-2020-9617
-	RESERVED
-CVE-2020-9616
-	RESERVED
+CVE-2020-9617 (Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds r ...)
+	TODO: check
+CVE-2020-9616 (Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds rea ...)
+	TODO: check
 CVE-2020-9615 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9614 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
@@ -15474,84 +15482,84 @@ CVE-2020-9593 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 201
 	NOT-FOR-US: Adobe
 CVE-2020-9592 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
 	NOT-FOR-US: Adobe
-CVE-2020-9591
-	RESERVED
-CVE-2020-9590
-	RESERVED
-CVE-2020-9589
-	RESERVED
-CVE-2020-9588
-	RESERVED
-CVE-2020-9587
-	RESERVED
-CVE-2020-9586
-	RESERVED
-CVE-2020-9585
-	RESERVED
-CVE-2020-9584
-	RESERVED
-CVE-2020-9583
-	RESERVED
-CVE-2020-9582
-	RESERVED
-CVE-2020-9581
-	RESERVED
-CVE-2020-9580
-	RESERVED
-CVE-2020-9579
-	RESERVED
-CVE-2020-9578
-	RESERVED
-CVE-2020-9577
-	RESERVED
-CVE-2020-9576
-	RESERVED
+CVE-2020-9591 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9590 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9589 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
+	TODO: check
+CVE-2020-9588 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9587 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9586 (Adobe Character Animator versions 3.2 and earlier have a buffer overfl ...)
+	TODO: check
+CVE-2020-9585 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9584 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9583 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9582 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9581 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9580 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9579 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9578 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9577 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
+CVE-2020-9576 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
+	TODO: check
 CVE-2020-9575 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...)
 	NOT-FOR-US: Adobe
-CVE-2020-9574
-	RESERVED
-CVE-2020-9573
-	RESERVED
-CVE-2020-9572
-	RESERVED
-CVE-2020-9571
-	RESERVED
-CVE-2020-9570
-	RESERVED
-CVE-2020-9569
-	RESERVED
-CVE-2020-9568
-	RESERVED
-CVE-2020-9567
-	RESERVED
-CVE-2020-9566
-	RESERVED
-CVE-2020-9565
-	RESERVED
-CVE-2020-9564
-	RESERVED
-CVE-2020-9563
-	RESERVED
-CVE-2020-9562
-	RESERVED
-CVE-2020-9561
-	RESERVED
-CVE-2020-9560
-	RESERVED
-CVE-2020-9559
-	RESERVED
-CVE-2020-9558
-	RESERVED
-CVE-2020-9557
-	RESERVED
-CVE-2020-9556
-	RESERVED
-CVE-2020-9555
-	RESERVED
-CVE-2020-9554
-	RESERVED
-CVE-2020-9553
-	RESERVED
+CVE-2020-9574 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
+	TODO: check
+CVE-2020-9573 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
+	TODO: check
+CVE-2020-9572 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
+	TODO: check
+CVE-2020-9571 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
+	TODO: check
+CVE-2020-9570 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
+	TODO: check
+CVE-2020-9569 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9568 (Adobe Bridge versions 10.0.1 and earlier version have a memory corrupt ...)
+	TODO: check
+CVE-2020-9567 (Adobe Bridge versions 10.0.1 and earlier version have an use after fre ...)
+	TODO: check
+CVE-2020-9566 (Adobe Bridge versions 10.0.1 and earlier version have an use after fre ...)
+	TODO: check
+CVE-2020-9565 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9564 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9563 (Adobe Bridge versions 10.0.1 and earlier version have a heap overflow  ...)
+	TODO: check
+CVE-2020-9562 (Adobe Bridge versions 10.0.1 and earlier version have a heap overflow  ...)
+	TODO: check
+CVE-2020-9561 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9560 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9559 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9558 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9557 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9556 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9555 (Adobe Bridge versions 10.0.1 and earlier version have a stack-based bu ...)
+	TODO: check
+CVE-2020-9554 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
+CVE-2020-9553 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
+	TODO: check
 CVE-2020-9552 (Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerabi ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9551 (Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability.  ...)
@@ -28725,8 +28733,8 @@ CVE-2020-4091
 	RESERVED
 CVE-2020-4090
 	RESERVED
-CVE-2020-4089
-	RESERVED
+CVE-2020-4089 (HCL Notes is vulnerable to an information leakage vulnerability throug ...)
+	TODO: check
 CVE-2020-4088
 	RESERVED
 CVE-2020-4087
@@ -30173,8 +30181,8 @@ CVE-2020-3810 (Missing input validation in the ar/tar implementations of APT bef
 	NOTE: https://github.com/Debian/apt/issues/111
 	NOTE: https://bugs.launchpad.net/bugs/1878177
 	NOTE: https://salsa.debian.org/apt-team/apt/-/commit/dceb1e49e4b8e4dadaf056be34088b415939cda6
-CVE-2020-3809
-	RESERVED
+CVE-2020-3809 (Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds  ...)
+	TODO: check
 CVE-2020-3808 (Creative Cloud Desktop Application versions 5.0 and earlier have a tim ...)
 	NOT-FOR-US: Adobe
 CVE-2020-3807 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
@@ -30195,12 +30203,12 @@ CVE-2020-3800 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 201
 	NOT-FOR-US: Adobe
 CVE-2020-3799 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
 	NOT-FOR-US: Adobe
-CVE-2020-3798
-	RESERVED
+CVE-2020-3798 (Adobe Digital Editions versions 4.5.11.187212 and below have a file en ...)
+	TODO: check
 CVE-2020-3797 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
 	NOT-FOR-US: Adobe
-CVE-2020-3796
-	RESERVED
+CVE-2020-3796 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an impro ...)
+	TODO: check
 CVE-2020-3795 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
 	NOT-FOR-US: Adobe
 CVE-2020-3794 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file i ...)
@@ -30255,10 +30263,10 @@ CVE-2020-3770 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photosho
 	NOT-FOR-US: Adobe
 CVE-2020-3769 (Adobe Experience Manager versions 6.5 and earlier have a server-side r ...)
 	NOT-FOR-US: Adobe
-CVE-2020-3768
-	RESERVED
-CVE-2020-3767
-	RESERVED
+CVE-2020-3768 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll se ...)
+	TODO: check
+CVE-2020-3767 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insuf ...)
+	TODO: check
 CVE-2020-3766 (Adobe Genuine Integrity Service versions Version 6.4 and earlier have  ...)
 	NOT-FOR-US: Adobe
 CVE-2020-3765 (Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd5de0a86c952a883d62f9f7d103e09eee84c46c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd5de0a86c952a883d62f9f7d103e09eee84c46c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200627/33f3d694/attachment.html>

More information about the debian-security-tracker-commits mailing list