[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
314ff55b by security tracker role at 2020-05-16T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-13109 (Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remo ...)
+	TODO: check
+CVE-2020-13108
+	RESERVED
+CVE-2020-13107
+	RESERVED
+CVE-2020-13106
+	RESERVED
+CVE-2020-13105
+	RESERVED
+CVE-2020-13104
+	RESERVED
+CVE-2020-13103
+	RESERVED
+CVE-2020-13102
+	RESERVED
+CVE-2020-13101
+	RESERVED
+CVE-2020-13100
+	RESERVED
+CVE-2020-13099
+	RESERVED
+CVE-2020-13098
+	RESERVED
+CVE-2020-13097
+	RESERVED
+CVE-2020-13096
+	RESERVED
+CVE-2020-13095
+	RESERVED
 CVE-2020-13094
 	RESERVED
 CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...)
@@ -11080,9 +11110,9 @@ CVE-2020-8985 (ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via th
 	NOT-FOR-US: ZendTo
 CVE-2020-8984 (lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address s ...)
 	NOT-FOR-US: ZendTo
-CVE-2020-8983 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
+CVE-2020-8983 (An arbitrary file write issue exists in all versions of Citrix ShareFi ...)
 	NOT-FOR-US: Citrix
-CVE-2020-8982 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
+CVE-2020-8982 (An unauthenticated arbitrary file read issue exists in all versions of ...)
 	NOT-FOR-US: Citrix
 CVE-2020-8981 (A cross-site scripting (XSS) vulnerability was discovered in the Sourc ...)
 	NOT-FOR-US: Source Integration plugin for MantisBT
@@ -38021,7 +38051,7 @@ CVE-2019-17573 (By default, Apache CXF creates a /services page containing a lis
 CVE-2019-17572 (In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation i ...)
 	TODO: check
 CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable to de ...)
-	{DLA-2065-1}
+	{DSA-4686-1 DLA-2065-1}
 	- apache-log4j1.2 1.2.17-9 (bug #947124)
 	NOTE: https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E
 	NOTE: CVE-2019-17571 correspond to CVE-2017-5645 for apache-log4j2. 1.2.x branch



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/314ff55b8e6db1f50a876de439ebd79045437d96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/314ff55b8e6db1f50a876de439ebd79045437d96
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200516/10c7b490/attachment.html>