[Git][security-tracker-team/security-tracker][master] new dpdk issues

Moritz Muehlenhoff jmm at debian.org
Mon May 18 18:49:22 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e72a818e by Moritz Muehlenhoff at 2020-05-18T19:49:04+02:00
new dpdk issues
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7074,14 +7074,26 @@ CVE-2020-10727
 	RESERVED
 CVE-2020-10726
 	RESERVED
+	- dpdk 19.11.2-1
+	[buster] - dpdk <not-affected> (Vulnerable code not present)
+	[stretch] - dpdk <not-affected> (Vulnerable code not present)
 CVE-2020-10725
 	RESERVED
+	- dpdk 19.11.2-1
+	[buster] - dpdk <not-affected> (Vulnerable code not present)
+	[stretch] - dpdk <not-affected> (Vulnerable code not present)
 CVE-2020-10724
 	RESERVED
+	- dpdk 19.11.2-1
+	[stretch] - dpdk <not-affected> (Vulnerable code not present)
 CVE-2020-10723
 	RESERVED
+	- dpdk 19.11.2-1
+	[stretch] - dpdk <not-affected> (Vulnerable code not present)
 CVE-2020-10722
 	RESERVED
+	- dpdk 19.11.2-1
+	[stretch] - dpdk <not-affected> (Vulnerable code not present)
 CVE-2020-10721
 	RESERVED
 CVE-2020-10720
@@ -38125,7 +38137,7 @@ CVE-2019-17574 (An issue was discovered in the Popup Maker plugin before 1.8.13
 CVE-2019-17573 (By default, Apache CXF creates a /services page containing a listing o ...)
 	NOT-FOR-US: Apache CFX
 CVE-2019-17572 (In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation i ...)
-	TODO: check
+	NOT-FOR-US: Apache RocketMQ
 CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable to de ...)
 	{DSA-4686-1 DLA-2065-1}
 	- apache-log4j1.2 1.2.17-9 (bug #947124)
@@ -38171,7 +38183,7 @@ CVE-2019-17563 (When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.
 	NOTE: https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c (8.5.50)
 	NOTE: https://github.com/apache/tomcat/commit/ab72a106fe5d992abddda954e30849d7cf8cc583 (7.0.99)
 CVE-2019-17562 (A buffer overflow vulnerability has been found in the baremetal compon ...)
-	TODO: check
+	NOT-FOR-US: Apache CloudStack
 CVE-2019-17561 (The "Apache NetBeans" autoupdate system does not fully validate code s ...)
 	- netbeans <unfixed> (unimportant)
 	NOTE: Debian packages updated via apt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e72a818e128677c2aafc7451c8882b614d749767

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e72a818e128677c2aafc7451c8882b614d749767
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200518/70efe679/attachment.html>


More information about the debian-security-tracker-commits mailing list