[Git][security-tracker-team/security-tracker][master] drupal7 DSA

Tue May 26 22:03:32 BST 2020


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e100de77 by Moritz Muehlenhoff at 2020-05-26T23:03:08+02:00
drupal7 DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [Drupal SA 2020-003]
+	- drupal7 <removed>
+	[stretch] - drupal7 7.52-2+deb9u10
+	NOTE: https://www.drupal.org/sa-core-2020-003
 CVE-2020-13592
 	RESERVED
 CVE-2020-13591
@@ -7135,14 +7139,18 @@ CVE-2020-11024 (In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulne
 CVE-2020-11023 (In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...)
 	- jquery <removed>
 	[jessie] - jquery <not-affected> (Vulnerable code note present)
+	- drupal7 <removed>
 	- node-jquery 3.5.0+dfsg-2
 	NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
+	NOTE: https://www.drupal.org/sa-core-2020-002
 CVE-2020-11022 (In jQuery versions greater than or equal to 1.2 and before 3.5.0, pass ...)
 	- jquery <removed>
 	[jessie] - jquery <not-affected> (Vulnerable code note present)
 	- node-jquery 3.5.0+dfsg-2
+	- drupal7 <removed>
 	NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
 	NOTE: https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
+	NOTE: https://www.drupal.org/sa-core-2020-002
 CVE-2020-11021 (Actions Http-Client (NPM @actions/http-client) before version 1.0.8 ca ...)
 	NOT-FOR-US: Actions Http-Client
 CVE-2020-11020 (Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1. ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[26 May 2020] DSA-4693-1 drupal7 - security update
+	{CVE-2020-11022 CVE-2020-11023}
+	[stretch] - drupal7 7.52-2+deb9u10
 [24 May 2020] DSA-4692-1 netqmail - security update
 	{CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812}
 	[stretch] - netqmail 1.06-6.2~deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e100de77288a0b4a4e010e199ffa70b75d3cd505

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e100de77288a0b4a4e010e199ffa70b75d3cd505
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200526/63b9f61a/attachment.html>
