[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat May 9 09:10:25 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c562d22 by security tracker role at 2020-05-09T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-12754
+	RESERVED
+CVE-2020-12753
+	RESERVED
+CVE-2020-12752
+	RESERVED
+CVE-2020-12751
+	RESERVED
+CVE-2020-12750
+	RESERVED
+CVE-2020-12749
+	RESERVED
+CVE-2020-12748
+	RESERVED
+CVE-2020-12747
+	RESERVED
+CVE-2020-12746
+	RESERVED
+CVE-2020-12745
+	RESERVED
 CVE-2020-12744
 	RESERVED
 CVE-2020-12743
@@ -4039,12 +4059,12 @@ CVE-2020-11534 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An
 	NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2020-11533 (Ivanti Workspace Control before 10.4.30.0, when SCCM integration is en ...)
 	NOT-FOR-US: Ivanti Workspace Control
-CVE-2020-11532
-	RESERVED
-CVE-2020-11531
-	RESERVED
-CVE-2020-11530
-	RESERVED
+CVE-2020-11532 (Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin  ...)
+	TODO: check
+CVE-2020-11531 (The DataEngine Xnode Server application in Zoho ManageEngine DataSecur ...)
+	TODO: check
+CVE-2020-11530 (A blind SQL injection vulnerability is present in Chop Slider 3, a Wor ...)
+	TODO: check
 CVE-2020-11529 (Common/Grav.php in Grav before 1.6.23 has an Open Redirect. ...)
 	NOT-FOR-US: Grav CMS
 CVE-2020-11528 (bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write)  ...)
@@ -5265,7 +5285,7 @@ CVE-2020-10997 (Percona XtraBackup before 2.4.20 unintentionally writes the comm
 	NOTE: https://jira.percona.com/browse/PXB-2142
 	NOTE: Introduced in: https://github.com/percona/percona-xtrabackup/commit/0b38ffc0f30f1b6d3ff7ed0f9cb3ab31a2ccad13 (percona-xtrabackup-2.4.11)
 	NOTE: https://www.percona.com/blog/2020/04/16/cve-2020-10997-percona-xtrabackup-information-disclosure-of-command-line-arguments/
-CVE-2020-10996 (An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.42. ...)
+CVE-2020-10996 (An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41. ...)
 	NOT-FOR-US: Percona XtraDB Cluster
 CVE-2020-10995
 	RESERVED
@@ -9048,8 +9068,8 @@ CVE-2020-9475 (The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 al
 	TODO: check
 CVE-2020-9474 (The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows  ...)
 	TODO: check
-CVE-2020-9473
-	REJECTED
+CVE-2020-9473 (The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a p ...)
+	TODO: check
 CVE-2020-9472 (Umbraco CMS 8.5.3 allows an authenticated file upload (and consequentl ...)
 	NOT-FOR-US: Umbraco CMS
 CVE-2020-9471 (Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequen ...)
@@ -15836,8 +15856,8 @@ CVE-2020-6617 (stb stb_truetype.h through 1.22 has an assertion failure in stbtt
 	- libstb <unfixed> (low; bug #949554)
 	[buster] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/867
-CVE-2020-6616
-	RESERVED
+CVE-2020-6616 (Some Broadcom chips mishandle Bluetooth random-number generation becau ...)
+	TODO: check
 CVE-2020-6615 (GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dyna ...)
 	- libredwg <itp> (bug #595191)
 CVE-2020-6614 (GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c562d22d1442c4b7d317e78175f26c9dece0dfb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c562d22d1442c4b7d317e78175f26c9dece0dfb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200509/6f2d1608/attachment.html>


More information about the debian-security-tracker-commits mailing list