[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 03 Jul 2020 01:11:07 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
80ee8e8a by security tracker role at 2020-07-03T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-15511
+       RESERVED
+CVE-2020-15510
+       RESERVED
 CVE-2020-15509
        RESERVED
 CVE-2020-15508
@@ -89,8 +93,7 @@ CVE-2020-15471 (In nDPI through 3.2, the packet parsing code 
is vulnerable to a
        NOTE: 
https://github.com/ntop/nDPI/commit/61066fb106efa6d3d95b67e47b662de208b2b622
 CVE-2020-15470 (ffjpeg through 2020-02-24 has a heap-based buffer overflow in 
jfif_dec ...)
        NOT-FOR-US: ffjpeg
-CVE-2020-15469
-       RESERVED
+CVE-2020-15469 (In QEMU 4.2.0, a MemoryRegionOps object may lack read/write 
callback m ...)
        - qemu <unfixed> (low)
        [buster] - qemu <postponed> (Minor issue, fix along in next DSA)
        [stretch] - qemu <postponed> (Minor issue, fix along in next DSA)
@@ -3167,10 +3170,10 @@ CVE-2020-14175
        RESERVED
 CVE-2020-14174
        RESERVED
-CVE-2020-14173
-       RESERVED
-CVE-2020-14172
-       RESERVED
+CVE-2020-14173 (The file upload feature in Atlassian Jira Server and Data 
Center in af ...)
+       TODO: check
+CVE-2020-14172 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
+       TODO: check
 CVE-2020-14171
        RESERVED
 CVE-2020-14170
@@ -20030,10 +20033,10 @@ CVE-2020-7921 (Improper serialization of internal 
state in the authorization sub
        [stretch] - mongodb <no-dsa> (Minor issue)
        [jessie] - mongodb <no-dsa> (Minor issue)
        NOTE: https://jira.mongodb.org/browse/SERVER-45472
-CVE-2019-20419
-       RESERVED
-CVE-2019-20418
-       RESERVED
+CVE-2019-20419 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
+       TODO: check
+CVE-2019-20418 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
+       TODO: check
 CVE-2019-20417 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
        NOT-FOR-US: Atlassian
 CVE-2019-20416 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
@@ -58799,6 +58802,7 @@ CVE-2019-13393 (The Voo branded NETGEAR CG3700b custom 
firmware V2.02.03 uses th
 CVE-2019-13392 (A reflected Cross-Site Scripting (XSS) vulnerability in 
MindPalette Na ...)
        NOT-FOR-US: MindPalette NateMail
 CVE-2019-13391 (In ImageMagick 7.0.8-50 Q16, ComplexImages in 
MagickCore/fourier.c has ...)
+       {DSA-4712-1}
        - imagemagick <unfixed> (low; bug #931633)
        [stretch] - imagemagick <ignored> (Minor issue)
        [jessie] - imagemagick <postponed> (minor, wait for upstream to clear 
patch-related questions)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80ee8e8a4655495d10c5ed2fdd19e07d85641e3d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80ee8e8a4655495d10c5ed2fdd19e07d85641e3d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to