[Git][security-tracker-team/security-tracker][master] Mark remaining issues of f2fs-tools as no-dsa. Follow carnil's
Abhijith PA
abhijith at debian.org
Mon Feb 1 04:56:06 GMT 2021
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
30626475 by Abhijith PA at 2021-02-01T10:24:23+05:30
Mark remaining issues of f2fs-tools as no-dsa. Follow carnil's
advice.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -78527,22 +78527,27 @@ CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom cl
CVE-2020-6108 (An exploitable code execution vulnerability exists in the fsck_chk_orp ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1050
CVE-2020-6107 (An exploitable information disclosure vulnerability exists in the dev_ ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1049
CVE-2020-6106 (An exploitable information disclosure vulnerability exists in the init ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048
CVE-2020-6105 (An exploitable code execution vulnerability exists in the multiple dev ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1047
CVE-2020-6104 (An exploitable information disclosure vulnerability exists in the get_ ...)
- f2fs-tools 1.14.0-1 (bug #973380)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1046
CVE-2020-6103 (An exploitable code execution vulnerability exists in the Shader funct ...)
NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll
@@ -78665,6 +78670,7 @@ CVE-2020-6071 (An exploitable denial-of-service vulnerability exists in the reso
CVE-2020-6070 (An exploitable code execution vulnerability exists in the file system ...)
- f2fs-tools 1.14.0-1 (bug #970941)
[buster] - f2fs-tools <no-dsa> (Minor issue)
+ [stretch] - f2fs-tools <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988
CVE-2020-6069 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
NOT-FOR-US: Accusoft ImageGear
=====================================
data/dla-needed.txt
=====================================
@@ -34,10 +34,6 @@ condor
--
dnsmasq (Utkarsh)
--
-f2fs-tools (Abhijith PA)
- NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to
- NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver)
---
firefox-esr (Emilio)
--
firmware-nonfree
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/306264756a004fae1d951dee20b4e6f6a6d765a4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/306264756a004fae1d951dee20b4e6f6a6d765a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210201/b800c713/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list