[Git][security-tracker-team/security-tracker][master] python-rtslib-fb, iotjs, packagekit bugs

Wed Oct 14 21:50:01 BST 2020


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
752cf913 by Moritz Mühlenhoff at 2020-10-14T22:49:44+02:00
python-rtslib-fb, iotjs, packagekit bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22752,13 +22752,13 @@ CVE-2020-16123
 CVE-2020-16122
 	RESERVED
 	{DLA-2399-1}
-	- packagekit <unfixed>
+	- packagekit <unfixed> (bug #972229)
 	[buster] - packagekit <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098
 CVE-2020-16121
 	RESERVED
 	{DLA-2399-1}
-	- packagekit <unfixed>
+	- packagekit <unfixed> (bug #972229)
 	[buster] - packagekit <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887
 CVE-2020-16120
@@ -28409,7 +28409,7 @@ CVE-2020-14021 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.
 CVE-2020-14020
 	RESERVED
 CVE-2020-14019 (Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/targ ...)
-	- python-rtslib-fb <unfixed>
+	- python-rtslib-fb <unfixed> (bug #972227)
 	[buster] - python-rtslib-fb <not-affected> (Introduced in 2.1.70)
 	[stretch] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
 	[jessie] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
@@ -28486,7 +28486,7 @@ CVE-2020-13993 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0.
 CVE-2020-13992 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Sto ...)
 	NOT-FOR-US: Mods for HESK
 CVE-2020-13991 (vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow  ...)
-	- iotjs <unfixed>
+	- iotjs <unfixed> (bug #972228)
 	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3858
 	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3859
 	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3860



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/752cf91386bf2e663ba2becf5df79194c91e6212

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/752cf91386bf2e663ba2becf5df79194c91e6212
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201014/4d83c078/attachment.html>
