[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Mar 2 08:10:21 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19f313e3 by security tracker role at 2020-03-02T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,151 @@
+CVE-2020-9550
+	RESERVED
+CVE-2020-9549 (In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ...)
+	TODO: check
+CVE-2020-9548 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
+	TODO: check
+CVE-2020-9547 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
+	TODO: check
+CVE-2020-9546 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
+	TODO: check
+CVE-2020-9545 (Pale Moon 28.8.x before 28.8.4 has a segmentation fault related to mod ...)
+	TODO: check
+CVE-2020-9544
+	RESERVED
+CVE-2020-9543
+	RESERVED
+CVE-2020-9542
+	RESERVED
+CVE-2020-9541
+	RESERVED
+CVE-2020-9540 (Sophos HitmanPro.Alert before build 861 allows local elevation of priv ...)
+	TODO: check
+CVE-2020-9539
+	RESERVED
+CVE-2020-9538
+	RESERVED
+CVE-2020-9537
+	RESERVED
+CVE-2020-9536
+	RESERVED
+CVE-2020-9535 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...)
+	TODO: check
+CVE-2020-9534 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...)
+	TODO: check
+CVE-2020-9533
+	RESERVED
+CVE-2020-9532
+	RESERVED
+CVE-2020-9531
+	RESERVED
+CVE-2020-9530
+	RESERVED
+CVE-2020-9529
+	RESERVED
+CVE-2020-9528
+	RESERVED
+CVE-2020-9527
+	RESERVED
+CVE-2020-9526
+	RESERVED
+CVE-2020-9525
+	RESERVED
+CVE-2020-9524
+	RESERVED
+CVE-2020-9523
+	RESERVED
+CVE-2020-9522
+	RESERVED
+CVE-2020-9521
+	RESERVED
+CVE-2020-9520
+	RESERVED
+CVE-2020-9519
+	RESERVED
+CVE-2020-9518
+	RESERVED
+CVE-2020-9517
+	RESERVED
+CVE-2020-9516
+	RESERVED
+CVE-2020-9515
+	RESERVED
+CVE-2020-9514
+	RESERVED
+CVE-2020-9513
+	RESERVED
+CVE-2020-9512
+	RESERVED
+CVE-2020-9511
+	RESERVED
+CVE-2020-9510
+	RESERVED
+CVE-2020-9509
+	RESERVED
+CVE-2020-9508
+	RESERVED
+CVE-2020-9507
+	RESERVED
+CVE-2020-9506
+	RESERVED
+CVE-2020-9505
+	RESERVED
+CVE-2020-9504
+	RESERVED
+CVE-2020-9503
+	RESERVED
+CVE-2020-9502
+	RESERVED
+CVE-2020-9501
+	RESERVED
+CVE-2020-9500
+	RESERVED
+CVE-2020-9499
+	RESERVED
+CVE-2020-9498
+	RESERVED
+CVE-2020-9497
+	RESERVED
+CVE-2020-9496
+	RESERVED
+CVE-2020-9495
+	RESERVED
+CVE-2020-9494
+	RESERVED
+CVE-2020-9493
+	RESERVED
+CVE-2020-9492
+	RESERVED
+CVE-2020-9491
+	RESERVED
+CVE-2020-9490
+	RESERVED
+CVE-2020-9489
+	RESERVED
+CVE-2020-9488
+	RESERVED
+CVE-2020-9487
+	RESERVED
+CVE-2020-9486
+	RESERVED
+CVE-2020-9485
+	RESERVED
+CVE-2020-9484
+	RESERVED
+CVE-2020-9483
+	RESERVED
+CVE-2020-9482
+	RESERVED
+CVE-2020-9481
+	RESERVED
+CVE-2020-9480
+	RESERVED
+CVE-2020-9479
+	RESERVED
+CVE-2019-20485
+	RESERVED
+CVE-2013-7487
+	RESERVED
 CVE-2020-9478
 	RESERVED
 CVE-2020-9477
@@ -6084,12 +6232,10 @@ CVE-2020-6804 (A reflected XSS vulnerability exists within the gateway, allowing
 	TODO: check
 CVE-2020-6803 (An open redirect is present on the gateway's login page, which could c ...)
 	TODO: check
-CVE-2020-6801
-	RESERVED
+CVE-2020-6801 (Mozilla developers reported memory safety bugs present in Firefox 72.  ...)
 	- firefox 73.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6801
-CVE-2020-6800
-	RESERVED
+CVE-2020-6800 (Mozilla developers and community members reported memory safety bugs p ...)
 	{DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
 	- firefox 73.0-1
 	- firefox-esr 68.5.0esr-1
@@ -6097,14 +6243,12 @@ CVE-2020-6800
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6800
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6800
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6800
-CVE-2020-6799
-	RESERVED
+CVE-2020-6799 (Command line arguments could have been injected during Firefox invocat ...)
 	- firefox <not-affected> (Only affects Windows)
 	- firefox-esr <not-affected> (Only affects Windows)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6799
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6799
-CVE-2020-6798
-	RESERVED
+CVE-2020-6798 (If a template tag was used in a select tag, the parser could be confus ...)
 	{DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
 	- firefox 73.0-1
 	- firefox-esr 68.5.0esr-1
@@ -6112,38 +6256,32 @@ CVE-2020-6798
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6798
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6798
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6798
-CVE-2020-6797
-	RESERVED
+CVE-2020-6797 (By downloading a file with the .fileloc extension, a semi-privileged e ...)
 	- firefox <not-affected> (Only affects Mac OSX)
 	- firefox-esr <not-affected> (Only affects Mac OSX)
 	- thunderbird <not-affected> (Only affects Mac OSX)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6797
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6797
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6797
-CVE-2020-6796
-	RESERVED
+CVE-2020-6796 (A content process could have modified shared memory relating to crash  ...)
 	{DSA-4620-1 DLA-2102-1}
 	- firefox 73.0-1
 	- firefox-esr 68.5.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6796
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6796
-CVE-2020-6795
-	RESERVED
+CVE-2020-6795 (When processing a message that contains multiple S/MIME signatures, a  ...)
 	{DSA-4625-1 DLA-2104-1}
 	- thunderbird 1:68.5.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6795
-CVE-2020-6794
-	RESERVED
+CVE-2020-6794 (If a user saved passwords before Thunderbird 60 and then later set a m ...)
 	{DSA-4625-1 DLA-2104-1}
 	- thunderbird 1:68.5.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6794
-CVE-2020-6793
-	RESERVED
+CVE-2020-6793 (When processing an email message with an ill-formed envelope, Thunderb ...)
 	{DSA-4625-1 DLA-2104-1}
 	- thunderbird 1:68.5.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6793
-CVE-2020-6792
-	RESERVED
+CVE-2020-6792 (When deriving an identifier for an email message, uninitialized memory ...)
 	{DSA-4625-1 DLA-2104-1}
 	- thunderbird 1:68.5.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6792
@@ -8793,8 +8931,8 @@ CVE-2020-5541
 	RESERVED
 CVE-2020-5540
 	RESERVED
-CVE-2020-5539
-	RESERVED
+CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do no ...)
+	TODO: check
 CVE-2020-5538
 	RESERVED
 CVE-2020-5537
@@ -28748,8 +28886,7 @@ CVE-2019-17028
 	REJECTED
 CVE-2019-17027
 	REJECTED
-CVE-2019-17026
-	RESERVED
+CVE-2019-17026 (Incorrect alias information in IonMonkey JIT compiler for setting arra ...)
 	{DSA-4603-1 DSA-4600-1 DLA-2093-1 DLA-2071-1}
 	- firefox 72.0.1-1 (bug #948452)
 	- firefox-esr 68.4.1esr-1
@@ -72598,6 +72735,7 @@ CVE-2018-20075
 CVE-2018-20074
 	RESERVED
 CVE-2018-20073 (Use of extended attributes in downloads in Google Chrome prior to 72.0 ...)
+	{DSA-4395-1}
 	- chromium 72.0.3626.81-1 (low)
 CVE-2018-20072
 	RESERVED
@@ -249544,6 +249682,7 @@ CVE-2014-6264
 CVE-2014-6263
 	RESERVED
 CVE-2014-6262 (Multiple format string vulnerabilities in the python module in RRDtool ...)
+	{DLA-2131-1}
 	- rrdtool 1.5.4-1
 	NOTE: https://github.com/oetiker/rrdtool-1.x/pull/532
 	NOTE: https://github.com/oetiker/rrdtool-1.x/commit/64ed5314af1255ab6dded45f70b39cdeab5ae2ec (v1.5.0-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19f313e3093c8d43ff2d8e003fa409c1211dad72

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19f313e3093c8d43ff2d8e003fa409c1211dad72
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200302/4f60708e/attachment.html>

More information about the debian-security-tracker-commits mailing list