[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Sep 21 21:10:31 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1b541bb9 by security tracker role at 2020-09-21T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2020-25801
+	RESERVED
+CVE-2020-25800
+	RESERVED
+CVE-2020-25799
+	RESERVED
+CVE-2020-25798
+	RESERVED
+CVE-2020-25797
+	RESERVED
 CVE-2020-25790 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload  ...)
 	NOT-FOR-US: Typesetter CMS
 CVE-2020-25789 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...)
@@ -19654,8 +19664,8 @@ CVE-2020-16173
 	RESERVED
 CVE-2020-16172
 	RESERVED
-CVE-2020-16171
-	RESERVED
+CVE-2020-16171 (An issue was discovered in Acronis Cyber Backup before 12.5 Build 1634 ...)
+	TODO: check
 CVE-2020-16170 (Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Andr ...)
 	NOT-FOR-US: Temi application fo Android
 CVE-2020-16169 (Authentication Bypass Using an Alternate Path or Channel in temi Robox ...)
@@ -20098,22 +20108,21 @@ CVE-2020-15968
 	RESERVED
 CVE-2020-15967
 	RESERVED
-CVE-2020-15966
-	RESERVED
-CVE-2020-15965
-	RESERVED
-CVE-2020-15964
-	RESERVED
-CVE-2020-15963
-	RESERVED
-CVE-2020-15962
-	RESERVED
-CVE-2020-15961
-	RESERVED
-CVE-2020-15960
-	RESERVED
-CVE-2020-15959
-	RESERVED
+CVE-2020-15966 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
+	TODO: check
+CVE-2020-15965 (Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a ...)
+	TODO: check
+CVE-2020-15964 (Insufficient data validation in media in Google Chrome prior to 85.0.4 ...)
+	TODO: check
+CVE-2020-15963 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
+	TODO: check
+CVE-2020-15962 (Insufficient policy validation in serial in Google Chrome prior to 85. ...)
+	TODO: check
+CVE-2020-15961 (Insufficient policy validation in extensions in Google Chrome prior to ...)
+	TODO: check
+CVE-2020-15960 (Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.12 ...)
+	TODO: check
+CVE-2020-15959 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-15958 (An issue was discovered in 1CRM System through 8.6.7. An insecure dire ...)
@@ -45474,164 +45483,126 @@ CVE-2020-6578
 	RESERVED
 CVE-2020-6577
 	RESERVED
-CVE-2020-6576
-	RESERVED
+CVE-2020-6576 (Use after free in offscreen canvas in Google Chrome prior to 85.0.4183 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6575
-	RESERVED
+CVE-2020-6575 (Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6574
-	RESERVED
+CVE-2020-6574 (Insufficient policy enforcement in installer in Google Chrome on OS X  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6573
-	RESERVED
+CVE-2020-6573 (Use after free in video in Google Chrome on Android prior to 85.0.4183 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6572
 	RESERVED
-CVE-2020-6571
-	RESERVED
+CVE-2020-6571 (Insufficient data validation in Omnibox in Google Chrome prior to 85.0 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6570
-	RESERVED
+CVE-2020-6570 (Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 a ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6569
-	RESERVED
+CVE-2020-6569 (Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allo ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6568
-	RESERVED
+CVE-2020-6568 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6567
-	RESERVED
+CVE-2020-6567 (Insufficient validation of untrusted input in command line handling in ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6566
-	RESERVED
+CVE-2020-6566 (Insufficient policy enforcement in media in Google Chrome prior to 85. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6565
-	RESERVED
+CVE-2020-6565 (Inappropriate implementation in Omnibox in Google Chrome on iOS prior  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6564
-	RESERVED
+CVE-2020-6564 (Inappropriate implementation in permissions in Google Chrome prior to  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6563
-	RESERVED
+CVE-2020-6563 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6562
-	RESERVED
+CVE-2020-6562 (Insufficient policy enforcement in Blink in Google Chrome prior to 85. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6561
-	RESERVED
+CVE-2020-6561 (Inappropriate implementation in Content Security Policy in Google Chro ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6560
-	RESERVED
+CVE-2020-6560 (Insufficient policy enforcement in autofill in Google Chrome prior to  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6559
-	RESERVED
+CVE-2020-6559 (Use after free in presentation API in Google Chrome prior to 85.0.4183 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6558
-	RESERVED
+CVE-2020-6558 (Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prio ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6557
 	RESERVED
-CVE-2020-6556
-	RESERVED
+CVE-2020-6556 (Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.414 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6555
-	RESERVED
+CVE-2020-6555 (Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 al ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6554
-	RESERVED
+CVE-2020-6554 (Use after free in extensions in Google Chrome prior to 84.0.4147.125 a ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6553
-	RESERVED
+CVE-2020-6553 (Use after free in offline mode in Google Chrome on iOS prior to 84.0.4 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6552
-	RESERVED
+CVE-2020-6552 (Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6551
-	RESERVED
+CVE-2020-6551 (Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6550
-	RESERVED
+CVE-2020-6550 (Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 al ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6549
-	RESERVED
+CVE-2020-6549 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6548
-	RESERVED
+CVE-2020-6548 (Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 a ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6547
-	RESERVED
+CVE-2020-6547 (Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6546
-	RESERVED
+CVE-2020-6546 (Inappropriate implementation in installer in Google Chrome prior to 84 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6545
-	RESERVED
+CVE-2020-6545 (Use after free in audio in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6544
-	RESERVED
+CVE-2020-6544 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6543
-	RESERVED
+CVE-2020-6543 (Use after free in task scheduling in Google Chrome prior to 84.0.4147. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6542
-	RESERVED
+CVE-2020-6542 (Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowe ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6541
-	RESERVED
+CVE-2020-6541 (Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allow ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6540
-	RESERVED
+CVE-2020-6540 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowe ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6539
-	RESERVED
+CVE-2020-6539 (Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed  ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6538
-	RESERVED
+CVE-2020-6538 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6537
-	RESERVED
+CVE-2020-6537 (Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -45651,8 +45622,7 @@ CVE-2020-6533 (Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allow
 	[experimental] - chromium 84.0.4147.89-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6532
-	RESERVED
+CVE-2020-6532 (Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed ...)
 	[experimental] - chromium 84.0.4147.105-1
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -50373,8 +50343,8 @@ CVE-2020-4733
 	RESERVED
 CVE-2020-4732
 	RESERVED
-CVE-2020-4731
-	RESERVED
+CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scri ...)
+	TODO: check
 CVE-2020-4730
 	RESERVED
 CVE-2020-4729
@@ -50549,8 +50519,8 @@ CVE-2020-4645 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable
 	NOT-FOR-US: IBM
 CVE-2020-4644 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remot ...)
 	NOT-FOR-US: IBM
-CVE-2020-4643
-	RESERVED
+CVE-2020-4643 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
+	TODO: check
 CVE-2020-4642
 	RESERVED
 CVE-2020-4641
@@ -50655,8 +50625,8 @@ CVE-2020-4592
 	RESERVED
 CVE-2020-4591 (IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclos ...)
 	NOT-FOR-US: IBM
-CVE-2020-4590
-	RESERVED
+CVE-2020-4590 (IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 run ...)
+	TODO: check
 CVE-2020-4589 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4588
@@ -50673,12 +50643,12 @@ CVE-2020-4583
 	RESERVED
 CVE-2020-4582
 	RESERVED
-CVE-2020-4581
-	RESERVED
-CVE-2020-4580
-	RESERVED
-CVE-2020-4579
-	RESERVED
+CVE-2020-4581 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
+	TODO: check
+CVE-2020-4580 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
+	TODO: check
+CVE-2020-4579 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
+	TODO: check
 CVE-2020-4578 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4577
@@ -51205,8 +51175,8 @@ CVE-2020-4317 (IBM Intelligent Operations Center for Emergency Management, Intel
 	NOT-FOR-US: IBM
 CVE-2020-4316 (IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure  ...)
 	NOT-FOR-US: IBM
-CVE-2020-4315
-	RESERVED
+CVE-2020-4315 (IBM Business Automation Content Analyzer on Cloud 1.0 does not set the ...)
+	TODO: check
 CVE-2020-4314
 	RESERVED
 CVE-2020-4313



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b541bb9cfed18508390b3090d329f030cc74638

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b541bb9cfed18508390b3090d329f030cc74638
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200921/37b610a9/attachment.html>

More information about the debian-security-tracker-commits mailing list