[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Oct 9 21:10:27 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eace3585 by security tracker role at 2020-10-09T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24729,7 +24729,7 @@ CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT
 CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement access con ...)
 	NOT-FOR-US: apollo-adminservice
 CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potentia ...)
-	{DSA-4766-1}
+	{DSA-4766-1 DLA-2403-1}
 	- rails 2:6.0.3.3+dfsg-1 (bug #970040)
 	NOTE: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-15169.yml
 	NOTE: https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc?pli=1
@@ -28099,8 +28099,8 @@ CVE-2020-13956 [incorrect handling of malformed authority component in request U
 	RESERVED
 	- httpcomponents-client <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1886587
-CVE-2020-13955
-	RESERVED
+CVE-2020-13955 (HttpUtils#getURLConnection method disables explicitly hostname verific ...)
+	TODO: check
 CVE-2020-13954
 	RESERVED
 CVE-2020-13953 (In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an att ...)
@@ -41933,8 +41933,8 @@ CVE-2020-9107
 	RESERVED
 CVE-2020-9106
 	RESERVED
-CVE-2020-9105
-	RESERVED
+CVE-2020-9105 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an ins ...)
+	TODO: check
 CVE-2020-9104 (HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2 ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9103 (HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic er ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eace3585ffd56c7f7f8502500d58aae20b2e2826

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eace3585ffd56c7f7f8502500d58aae20b2e2826
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201009/cf277cf7/attachment.html>

More information about the debian-security-tracker-commits mailing list