[Git][security-tracker-team/security-tracker][master] 2 commits: sabnzbdplus fixed

Moritz Muehlenhoff jmm at debian.org
Wed Nov 25 16:58:49 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2743a46 by Moritz Muehlenhoff at 2020-11-25T17:00:50+01:00
sabnzbdplus fixed
more imagemagick triage

- - - - -
050e624b by Moritz Muehlenhoff at 2020-11-25T17:04:22+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5778,8 +5778,7 @@ CVE-2020-27756
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d3d96f05950275b916207bf9df03640ef3e9fd6e
 CVE-2020-27755
 	RESERVED
-	- imagemagick 8:6.9.11.24+dfsg-1
-	[buster] - imagemagick <ignored> (Minor issue)
+	- imagemagick 8:6.9.11.24+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1756
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f28e9e56e1b56d4e1f09d2a56d70892ae295d6a4
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/f9191f9e388330c8e22661b42092cc78a29a5d6f
@@ -5792,8 +5791,7 @@ CVE-2020-27754
 	NOTE: IMageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d5df600d43c8706df513a3273d09aee6f54a9233
 CVE-2020-27753
 	RESERVED
-	- imagemagick 8:6.9.11.24+dfsg-1
-	[buster] - imagemagick <ignored> (Minor issue)
+	- imagemagick 8:6.9.11.24+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1757
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/bb3acad195de95db86c7509d8072db01890470e0
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6f5d3d2cd94eb8361e07546c4bf72cb60681b984
@@ -10865,6 +10863,7 @@ CVE-2020-25676
 CVE-2020-25675
 	RESERVED
 	- imagemagick 8:6.9.11.24+dfsg-1
+	[buster] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1731
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/64dc80b2e1907f7f20bf34d4df9483f938b0de71
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6b169173585127299f4724f7880b575879c7f033
@@ -10914,6 +10913,7 @@ CVE-2020-25666
 CVE-2020-25665
 	RESERVED
 	- imagemagick 8:6.9.11.24+dfsg-1
+	[buster] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1714
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/cfd829bd3581b092e0a267b3deba46fa90b9bc88
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ca80e93cc887fb8971ceba2eead2c74e2b927df4
@@ -23345,6 +23345,7 @@ CVE-2020-19668 (Unverified indexs into the array lead to out of bound access in
 	NOTE: https://github.com/saitoha/libsixel/issues/136
 CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in ReadXPMImage in  ...)
 	- imagemagick 8:6.9.11.24+dfsg-1
+	[buster] - imagemagick <ignored> (Minor issue)
 	[stretch] - imagemagick <postponed> (Minor issue, can be fixed with later issues)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1895
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/26538669546730c5b2dc36e7d48850f1f6928f94
@@ -38798,8 +38799,8 @@ CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4
 CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin  ...)
 	NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress
 CVE-2020-13124 (SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in ...)
-	- sabnzbdplus <unfixed>
-	[buster] - sabnzbdplus <no-dsa> (Minor update, can be fixed via point release, contrib not supported)
+	- sabnzbdplus 3.1.1+dfsg-1
+	[buster] - sabnzbdplus <no-dsa> (Minor issue, can be fixed via point release, contrib not supported)
 	[stretch] - sabnzbdplus <ignored> (contrib not supported)
 	NOTE: https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-9x87-96gg-33w2
 	NOTE: https://github.com/sabnzbd/sabnzbd/commit/dfcba6e2fb37f58fea06b453b1ba258c7f110429



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6bfc4d17c06b82b977c2eb21dd11f7057c9523f...050e624bc7e41d8aa493cef869ca4a0ea033d61c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6bfc4d17c06b82b977c2eb21dd11f7057c9523f...050e624bc7e41d8aa493cef869ca4a0ea033d61c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201125/c0b74be8/attachment.html>

More information about the debian-security-tracker-commits mailing list