[Git][security-tracker-team/security-tracker][master] drupal7 DSA
Moritz Muehlenhoff
jmm at debian.org
Tue May 26 22:03:32 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e100de77 by Moritz Muehlenhoff at 2020-05-26T23:03:08+02:00
drupal7 DSA
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [Drupal SA 2020-003]
+ - drupal7 <removed>
+ [stretch] - drupal7 7.52-2+deb9u10
+ NOTE: https://www.drupal.org/sa-core-2020-003
CVE-2020-13592
RESERVED
CVE-2020-13591
@@ -7135,14 +7139,18 @@ CVE-2020-11024 (In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulne
CVE-2020-11023 (In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...)
- jquery <removed>
[jessie] - jquery <not-affected> (Vulnerable code note present)
+ - drupal7 <removed>
- node-jquery 3.5.0+dfsg-2
NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
+ NOTE: https://www.drupal.org/sa-core-2020-002
CVE-2020-11022 (In jQuery versions greater than or equal to 1.2 and before 3.5.0, pass ...)
- jquery <removed>
[jessie] - jquery <not-affected> (Vulnerable code note present)
- node-jquery 3.5.0+dfsg-2
+ - drupal7 <removed>
NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
NOTE: https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
+ NOTE: https://www.drupal.org/sa-core-2020-002
CVE-2020-11021 (Actions Http-Client (NPM @actions/http-client) before version 1.0.8 ca ...)
NOT-FOR-US: Actions Http-Client
CVE-2020-11020 (Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1. ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[26 May 2020] DSA-4693-1 drupal7 - security update
+ {CVE-2020-11022 CVE-2020-11023}
+ [stretch] - drupal7 7.52-2+deb9u10
[24 May 2020] DSA-4692-1 netqmail - security update
{CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812}
[stretch] - netqmail 1.06-6.2~deb9u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e100de77288a0b4a4e010e199ffa70b75d3cd505
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e100de77288a0b4a4e010e199ffa70b75d3cd505
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200526/63b9f61a/attachment.html>
More information about the debian-security-tracker-commits
mailing list