[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 1 20:10:39 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9da72a0 by security tracker role at 2021-01-01T20:10:32+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2021-3003
+ RESERVED
+CVE-2021-3002 (Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?se ...)
+ TODO: check
CVE-2021-3001
RESERVED
CVE-2020-35951 (An issue was discovered in the Quiz and Survey Master plugin before 7. ...)
@@ -646,8 +650,8 @@ CVE-2020-35719
RESERVED
CVE-2020-35718
RESERVED
-CVE-2020-35717
- RESERVED
+CVE-2020-35717 (zonote through 0.4.0 allows XSS via a crafted note, with resultant Rem ...)
+ TODO: check
CVE-2020-35716 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attacker ...)
NOT-FOR-US: Belkin LINKSYS RE6500 devices
CVE-2020-35715 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenti ...)
@@ -8361,7 +8365,7 @@ CVE-2020-28935 (NLnet Labs Unbound, up to and including version 1.12.0, and NLne
NOTE: https://github.com/NLnetLabs/unbound/issues/303
NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/ad387832979b6ce4c93f64fe706301cd7d034e87 (release-1.13.0rc1)
CVE-2019-20933 (InfluxDB before 1.7.6 has an authentication bypass vulnerability in th ...)
- {DLA-2501-1}
+ {DSA-4823-1 DLA-2501-1}
- influxdb 1.6.7~rc0-1 (bug #978087)
NOTE: https://github.com/influxdata/influxdb/commit/761b557315ff9c1642cf3b0e5797cd3d983a24c0
NOTE: https://github.com/influxdata/influxdb/issues/12927
@@ -39178,7 +39182,7 @@ CVE-2020-16043
RESERVED
CVE-2020-16042
RESERVED
- {DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
+ {DSA-4824-1 DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
- firefox 84.0-1
@@ -39189,123 +39193,152 @@ CVE-2020-16042
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-16042
CVE-2020-16041
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16040
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16039
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16038
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16037
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16036
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16035
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16034
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16033
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16032
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16031
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16030
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16029
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16028
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16027
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16026
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16025
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16024
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16023
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16022
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16021
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16020
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16019
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16018
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16017
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16016
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16015
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16014
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16013
RESERVED
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16012
RESERVED
- {DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
+ {DSA-4824-1 DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
- firefox 83.0-1
- firefox-esr 78.5.0esr-1
- thunderbird 1:78.5.0-1
@@ -39315,41 +39348,52 @@ CVE-2020-16012
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-16012
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-16012
CVE-2020-16011 (Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4 ...)
+ {DSA-4824-1}
- chromium <not-affected> (Windows-specific)
CVE-2020-16010 (Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4 ...)
- chromium <not-affected> (Android-specific)
CVE-2020-16009 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16008 (Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.18 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16007 (Insufficient data validation in installer in Google Chrome prior to 86 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16006 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16005 (Insufficient policy enforcement in ANGLE in Google Chrome prior to 86. ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16004 (Use after free in user interface in Google Chrome prior to 86.0.4240.1 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16003 (Use after free in printing in Google Chrome prior to 86.0.4240.111 all ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16002 (Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allow ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16001 (Use after free in media in Google Chrome prior to 86.0.4240.111 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16000 (Inappropriate implementation in Blink in Google Chrome prior to 86.0.4 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15999 (Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.1 ...)
- {DSA-4777-1 DLA-2415-1}
+ {DSA-4824-1 DSA-4777-1 DLA-2415-1}
- freetype 2.10.2+dfsg-4 (bug #972586)
NOTE: https://www.openwall.com/lists/oss-security/2020/10/20/7
NOTE: https://savannah.nongnu.org/bugs/?59308
@@ -39368,76 +39412,99 @@ CVE-2020-15994 (Use after free in V8 in Google Chrome prior to 86.0.4240.99 allo
CVE-2020-15993 (Use after free in printing in Google Chrome prior to 86.0.4240.99 allo ...)
- chromium <not-affected> (Chrome on Android)
CVE-2020-15992 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15991 (Use after free in password manager in Google Chrome prior to 86.0.4240 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15990 (Use after free in autofill in Google Chrome prior to 86.0.4240.75 allo ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15989 (Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 al ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15988 (Insufficient policy enforcement in downloads in Google Chrome on Windo ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15987 (Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15986 (Integer overflow in media in Google Chrome prior to 86.0.4240.75 allow ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15985 (Inappropriate implementation in Blink in Google Chrome prior to 86.0.4 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15984 (Insufficient policy enforcement in Omnibox in Google Chrome on iOS pri ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15983 (Insufficient data validation in webUI in Google Chrome on ChromeOS pri ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15982 (Inappropriate implementation in cache in Google Chrome prior to 86.0.4 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15981 (Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 all ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15980 (Insufficient policy enforcement in Intents in Google Chrome on Android ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15979 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15978 (Insufficient data validation in navigation in Google Chrome on Android ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15977 (Insufficient data validation in dialogs in Google Chrome on OS X prior ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15976 (Use after free in WebXR in Google Chrome on Android prior to 86.0.4240 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15975 (Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15974 (Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allow ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15973 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15972 (Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15971 (Use after free in printing in Google Chrome prior to 86.0.4240.75 allo ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15970 (Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15969 (Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...)
- {DSA-4780-1 DSA-4778-1 DLA-2416-1 DLA-2411-1}
+ {DSA-4824-1 DSA-4780-1 DSA-4778-1 DLA-2416-1 DLA-2411-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
- firefox 82.0-1
@@ -39447,33 +39514,43 @@ CVE-2020-15969 (Use after free in WebRTC in Google Chrome prior to 86.0.4240.75
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/#CVE-2020-15969
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/#CVE-2020-15969
CVE-2020-15968 (Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15967 (Use after free in payments in Google Chrome prior to 86.0.4240.75 allo ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15966 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15965 (Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15964 (Insufficient data validation in media in Google Chrome prior to 85.0.4 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15963 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15962 (Insufficient policy validation in serial in Google Chrome prior to 85. ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15961 (Insufficient policy validation in extensions in Google Chrome prior to ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15960 (Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.12 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15959 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15958 (An issue was discovered in 1CRM System through 8.6.7. An insecure dire ...)
@@ -54099,7 +54176,7 @@ CVE-2020-10967 (In Dovecot before 2.3.10.1, remote unauthenticated attackers can
[stretch] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
[jessie] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
NOTE: https://www.openwall.com/lists/oss-security/2020/05/18/1
-CVE-2020-35861 [RUSTSEC-2020-0006: bumpalo: Flaw in `realloc` allows reading unknown memory]
+CVE-2020-35861 (An issue was discovered in the bumpalo crate before 3.2.1 for Rust. Th ...)
- rust-bumpalo 3.2.1-1 (bug #955151)
NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0006.html
NOTE: https://github.com/fitzgen/bumpalo/issues/69
@@ -65362,219 +65439,280 @@ CVE-2020-6578
CVE-2020-6577
RESERVED
CVE-2020-6576 (Use after free in offscreen canvas in Google Chrome prior to 85.0.4183 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6575 (Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6574 (Insufficient policy enforcement in installer in Google Chrome on OS X ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6573 (Use after free in video in Google Chrome on Android prior to 85.0.4183 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6572
RESERVED
CVE-2020-6571 (Insufficient data validation in Omnibox in Google Chrome prior to 85.0 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6570 (Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 a ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6569 (Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allo ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6568 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6567 (Insufficient validation of untrusted input in command line handling in ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6566 (Insufficient policy enforcement in media in Google Chrome prior to 85. ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6565 (Inappropriate implementation in Omnibox in Google Chrome on iOS prior ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6564 (Inappropriate implementation in permissions in Google Chrome prior to ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6563 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6562 (Insufficient policy enforcement in Blink in Google Chrome prior to 85. ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6561 (Inappropriate implementation in Content Security Policy in Google Chro ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6560 (Insufficient policy enforcement in autofill in Google Chrome prior to ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6559 (Use after free in presentation API in Google Chrome prior to 85.0.4183 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6558 (Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prio ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6557 (Inappropriate implementation in networking in Google Chrome prior to 8 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6556 (Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.414 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6555 (Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 al ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6554 (Use after free in extensions in Google Chrome prior to 84.0.4147.125 a ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6553 (Use after free in offline mode in Google Chrome on iOS prior to 84.0.4 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6552 (Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6551 (Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6550 (Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 al ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6549 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6548 (Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 a ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6547 (Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6546 (Inappropriate implementation in installer in Google Chrome prior to 84 ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6545 (Use after free in audio in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6544 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6543 (Use after free in task scheduling in Google Chrome prior to 84.0.4147. ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6542 (Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowe ...)
+ {DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6541 (Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allow ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6540 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowe ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6539 (Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6538 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6537 (Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6536 (Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6535 (Insufficient data validation in WebUI in Google Chrome prior to 84.0.4 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6534 (Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6533 (Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6532 (Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.105-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6531 (Side-channel information leakage in scroll to text in Google Chrome pr ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6530 (Out of bounds memory access in developer tools in Google Chrome prior ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6529 (Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6528 (Incorrect security UI in basic auth in Google Chrome on iOS prior to 8 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6527 (Insufficient policy enforcement in CSP in Google Chrome prior to 84.0. ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6526 (Inappropriate implementation in iframe sandbox in Google Chrome prior ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6525 (Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 al ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6524 (Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.8 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6523 (Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 all ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6522 (Inappropriate implementation in external protocol handlers in Google C ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6521 (Side-channel information leakage in autofill in Google Chrome prior to ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6520 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6519 (Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6518 (Use after free in developer tools in Google Chrome prior to 84.0.4147. ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6517 (Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6516 (Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6515 (Use after free in tab strip in Google Chrome prior to 84.0.4147.89 all ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6514 (Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...)
- {DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
+ {DSA-4824-1 DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -65586,18 +65724,22 @@ CVE-2020-6514 (Inappropriate implementation in WebRTC in Google Chrome prior to
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-6514
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-6514
CVE-2020-6513 (Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6512 (Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6511 (Information leak in content security policy in Google Chrome prior to ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6510 (Heap buffer overflow in background fetch in Google Chrome prior to 84. ...)
+ {DSA-4824-1}
[experimental] - chromium 84.0.4147.89-1
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -117212,6 +117354,7 @@ CVE-2019-8077 (Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 201
CVE-2019-8076 (Adobe application manager installer version 10.0 have an Insecure Libr ...)
NOT-FOR-US: Adobe
CVE-2019-8075 (Adobe Flash Player version 32.0.0.192 and earlier versions have a Same ...)
+ {DSA-4824-1}
NOT-FOR-US: Adobe
CVE-2019-8074 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
NOT-FOR-US: Adobe
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9da72a0052ee0df1a9eac8ca29c72a942089d39
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9da72a0052ee0df1a9eac8ca29c72a942089d39
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210101/7338af4b/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list