[Git][security-tracker-team/security-tracker][master] crawl bug filed

Sun, 19 Apr 2020 14:22:14 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bdbd830b by Moritz Muehlenhoff at 2020-04-19T23:21:00+02:00
crawl bug filed
various no-dsa/postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68,10 +68,14 @@ CVE-2020-11881
        RESERVED
 CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using 
the prop ...)
        - kmail <unfixed> (bug #958054)
+       [buster] - kmail <no-dsa> (Minor issue)
        - kdepim <removed>
+       [stretch] - kdepim <no-dsa> (Minor issue)
        NOTE: 
https://cgit.kde.org/kmail.git/commit/?id=2a348eccd352260f192d9b449492071bbf2b34b1
 CVE-2020-11879 (An issue was discovered in GNOME Evolution before 3.35.91. By 
using th ...)
        - evolution 3.36.0-1
+       [buster] - evolution <no-dsa> (Minor issue)
+       [stretch] - evolution <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/784
        NOTE: 
https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
 CVE-2020-11878 (The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before 
stable-4 ...)
@@ -720,7 +724,9 @@ CVE-2020-11725 (** DISPUTED ** snd_ctl_elem_add in 
sound/core/control.c in the L
 CVE-2020-11723 (Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA 
private keys  ...)
        NOT-FOR-US: Cellebrite UFED
 CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 
allows remote ...)
-       - crawl <unfixed>
+       - crawl <unfixed> (bug #958232)
+       [buster] - crawl <no-dsa> (Minor issue)
+       [stretch] - crawl <no-dsa> (Minor issue)
        NOTE: 
https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
        NOTE: 
https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
        NOTE: 
https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
@@ -901,7 +907,9 @@ CVE-2020-11649
 CVE-2020-11648
        RESERVED
 CVE-2020-11647 (In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 
2.6.15, the  ...)
-       - wireshark <unfixed> (bug #958213)
+       - wireshark <unfixed> (low; bug #958213)
+       [buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA)
+       [stretch] - wireshark <postponed> (Can be fixed along in next 
DSA/update to 3.0)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f56fc9496db158218243ea87e3660c874a0bab0
        NOTE: https://www.wireshark.org/security/wnpa-sec-2020-07.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdbd830bd74a3fc1f573e0c5bc7bf165b7b31925

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdbd830bd74a3fc1f573e0c5bc7bf165b7b31925
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to