Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f4a88e26 by security tracker role at 2020-03-22T08:10:45+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL
injection v ...)
+ TODO: check
+CVE-2020-10803 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL
injection v ...)
+ TODO: check
+CVE-2020-10802 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL
injection v ...)
+ TODO: check
+CVE-2020-10801
+ RESERVED
CVE-2020-10800 (lix through 15.8.7 allows man-in-the-middle attackers to
execute arbit ...)
TODO: check
CVE-2020-10799 (The svglib package through 0.9.3 for Python allows XXE attacks
via an ...)
@@ -45781,6 +45789,7 @@ CVE-2019-12922 (A CSRF issue in phpMyAdmin 4.9.0.1
allows deletion of any server
NOTE: https://seclists.org/fulldisclosure/2019/Sep/23
NOTE:
https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161
(4.9.1)
CVE-2019-12921 (In GraphicsMagick before 1.3.32, the text filename component
allows re ...)
+ {DLA-2152-1}
- graphicsmagick 1.4~hg16039-1
NOTE:
https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f780c290b4ab
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a88e26eef5c24828547cc58dde5d3c6362fc96
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a88e26eef5c24828547cc58dde5d3c6362fc96
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
