[Git][security-tracker-team/security-tracker][master] automatic update

Mon Sep 21 09:10:28 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb911dd8 by security tracker role at 2020-09-21T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16841,6 +16841,7 @@ CVE-2020-17509
 CVE-2020-17508
 	RESERVED
 CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15. ...)
+	{DLA-2377-1 DLA-2376-1}
 	- qtbase-opensource-src 5.14.2+dfsg-6 (bug #968444)
 	[buster] - qtbase-opensource-src <no-dsa> (Minor issue)
 	- qt4-x11 <removed> (bug #970308)
@@ -24810,14 +24811,14 @@ CVE-2020-14182
 	RESERVED
 CVE-2020-14181 (Affected versions of Atlassian Jira Server and Data Center allow an un ...)
 	NOT-FOR-US: Atlassian
-CVE-2020-14180
-	RESERVED
-CVE-2020-14179
-	RESERVED
+CVE-2020-14180 (Affected versions of Atlassian Jira Service Desk Server and Data Cente ...)
+	TODO: check
+CVE-2020-14179 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
+	TODO: check
 CVE-2020-14178 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
 	NOT-FOR-US: Atlassian
-CVE-2020-14177
-	RESERVED
+CVE-2020-14177 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
+	TODO: check
 CVE-2020-14176
 	RESERVED
 CVE-2020-14175 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
@@ -115210,7 +115211,7 @@ CVE-2018-19875
 CVE-2018-19874
 	RESERVED
 CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer  ...)
-	{DSA-4374-1 DLA-1786-1 DLA-1627-1}
+	{DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
 	- qtbase-opensource-src 5.11.3+dfsg-2 (low)
 	- qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
@@ -115219,6 +115220,7 @@ CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a b
 	NOTE: https://codereview.qt-project.org/#/c/238749/
 	NOTE: https://github.com/qt/qtbase/commit/621ab8ab59901cc3f9bd98be709929c9eac997a8
 CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image causes a div ...)
+	{DLA-2377-1 DLA-2376-1}
 	- qtbase-opensource-src 5.11.2+dfsg-3 (low)
 	[stretch] - qtbase-opensource-src <no-dsa> (Minor issue)
 	[jessie] - qtbase-opensource-src <no-dsa> (Minor issue)
@@ -115228,7 +115230,7 @@ CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image causes
 	NOTE: https://bugreports.qt.io/browse/QTBUG-69449
 	NOTE: qt4-x11: POC doesn't crash on neither jessie nor stretch, it's possibly incomplete; patch applies though.
 CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontr ...)
-	{DLA-1786-1}
+	{DLA-2377-1 DLA-1786-1}
 	- qtimageformats-opensource-src 5.11.3-2 (low)
 	[stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)
 	[jessie] - qtimageformats-opensource-src <postponed> (Minor issue)
@@ -115239,7 +115241,7 @@ CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile U
 	NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp
 	NOTE: https://github.com/qt/qtimageformats/commit/7cfe47a8fe2f987fb2a066a696fb3d9d0afe4d65
 CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF image cau ...)
-	{DSA-4374-1 DLA-1786-1 DLA-1627-1}
+	{DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
 	- qtbase-opensource-src 5.11.3+dfsg-2 (low)
 	- qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
@@ -115250,7 +115252,7 @@ CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF ima
 	NOTE: src/plugins/imageformats/gif/qgifhandler.cpp depending on the version
 	NOTE: https://github.com/qt/qtbase/commit/2841e2b61e32f26900bde987d469c8b97ea31999
 CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG image cau ...)
-	{DLA-1786-1}
+	{DLA-2377-1 DLA-1786-1}
 	[experimental] - qtsvg-opensource-src 5.11.3-1
 	- qtsvg-opensource-src 5.11.3-2 (low)
 	[stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
@@ -130029,7 +130031,7 @@ CVE-2018-15520 (Various Lexmark devices have a Buffer Overflow (issue 2 of 2). .
 CVE-2018-15519 (Various Lexmark devices have a Buffer Overflow (issue 1 of 2). ...)
 	NOT-FOR-US: Lexmark devices
 CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption dur ...)
-	{DSA-4374-1 DLA-1786-1 DLA-1627-1}
+	{DSA-4374-1 DLA-2377-1 DLA-1786-1 DLA-1627-1}
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
 	- qtbase-opensource-src 5.11.3+dfsg-2
 	- qt4-x11 4:4.8.7+dfsg-18 (low)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb911dd827d851ada819cb5483a50e5d0522886b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb911dd827d851ada819cb5483a50e5d0522886b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200921/f02812b4/attachment.html>
