[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat May 30 21:11:17 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3f5ad176 by security tracker role at 2020-05-30T20:11:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-13702
+ RESERVED
+CVE-2020-13701
+ RESERVED
CVE-2020-13700
RESERVED
CVE-2020-13699
@@ -181443,14 +181447,14 @@ CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777957
NOTE: Patch: https://bugzilla.gnome.org/show_bug.cgi?id=777957#c3
CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gs ...)
- {DSA-3821-1 DLA-829-1}
+ {DSA-3821-1 DLA-2226-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.4-1 (low)
- gst-plugins-ugly0.10 <removed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
NOTE: https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37
CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gs ...)
- {DSA-3821-1 DLA-829-1}
+ {DSA-3821-1 DLA-2226-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.3-1 (low)
- gst-plugins-ugly0.10 <removed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -181486,7 +181490,7 @@ CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plug ...)
- {DSA-3820-1 DLA-828-1}
+ {DSA-3820-1 DLA-2225-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <removed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -181516,7 +181520,7 @@ CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacpars ...)
- {DSA-3820-1 DLA-828-1}
+ {DSA-3820-1 DLA-2225-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <removed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -212956,7 +212960,7 @@ CVE-2016-4805 (Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in
NOTE: Fixed by: https://git.kernel.org/linus/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 (v4.6-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/273ec51dd7ceaa76e038875d85061ec856d8905e (v2.6.30)
CVE-2016-4804 (The read_boot function in boot.c in dosfstools before 4.0 allows attac ...)
- {DLA-474-1}
+ {DLA-2224-1 DLA-474-1}
- dosfstools 4.0-1
NOTE: https://github.com/dosfstools/dosfstools/issues/25
NOTE: https://github.com/dosfstools/dosfstools/issues/26
@@ -214045,7 +214049,7 @@ CVE-2016-4423 (The attemptAuthentication function in Component/Security/Http/Fir
NOTE: https://github.com/symfony/symfony/pull/18733
NOTE: https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session
CVE-2015-8872 (The set_fat function in fat.c in dosfstools before 4.0 might allow att ...)
- {DLA-474-1}
+ {DLA-2224-1 DLA-474-1}
- dosfstools 4.0-1
NOTE: https://github.com/dosfstools/dosfstools/issues/12
NOTE: https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5ad1763cdfa327e6beb3e1cba8c0c7c5fe666b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5ad1763cdfa327e6beb3e1cba8c0c7c5fe666b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200530/0981c867/attachment.html>
More information about the debian-security-tracker-commits
mailing list