Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: cc319a8d by Moritz Muehlenhoff at 2020-01-30T11:52:23-08:00 NFUs stb code copy bugs - - - - - 2 changed files: - data/CVE/list - data/embedded-code-copies Changes: ===================================== data/CVE/list ===================================== @@ -1459,7 +1459,7 @@ CVE-2020-7801 CVE-2020-7800 RESERVED CVE-2020-7799 (An issue was discovered in FusionAuth before 1.11.0. An authenticated ...) - TODO: check + NOT-FOR-US: FusionAuth CVE-2020-7798 RESERVED CVE-2020-7797 @@ -6234,7 +6234,7 @@ CVE-2020-5525 CVE-2020-5524 RESERVED CVE-2020-5523 (Android App 'MyPallete' and some of the Android banking applications b ...) - TODO: check + NOT-FOR-US: MyPallete CVE-2020-5522 (The kantan netprint App for Android 2.0.3 and earlier does not verify ...) NOT-FOR-US: kantan netprint App for Android CVE-2020-5521 (The kantan netprint App for iOS 2.0.2 and earlier does not verify X.50 ...) @@ -6933,11 +6933,11 @@ CVE-2020-5222 CVE-2020-5221 (In uftpd before 2.11, it is possible for an unauthenticated user to pe ...) NOT-FOR-US: uftpd CVE-2020-5220 (Sylius ResourceBundle accepts and uses any serialisation groups to be ...) - TODO: check + NOT-FOR-US: Sylius CVE-2020-5219 (Angular Expressions before version 1.0.1 has a remote code execution v ...) - TODO: check + NOT-FOR-US: Angular Expressions CVE-2020-5218 (Affected versions of Sylius give attackers the ability to switch chann ...) - TODO: check + NOT-FOR-US: Sylius CVE-2020-5217 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...) - ruby-secure-headers <unfixed> (bug #949999) NOTE: https://github.com/twitter/secure_headers/security/advisories/GHSA-xq52-rv6w-397c @@ -7005,7 +7005,7 @@ CVE-2019-20329 (OpenLambda 2019-09-10 allows DNS rebinding attacks against the O CVE-2019-20328 RESERVED CVE-2019-20327 (Insecure permissions in cwrapper_perl in Centreon Infrastructure Monit ...) - TODO: check + NOT-FOR-US: Centreon Infrastructure Monitoring CVE-2019-20325 REJECTED CVE-2019-20324 
@@ -11516,9 +11516,9 @@ CVE-2019-19825 (On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text CVE-2019-19824 (On certain TOTOLINK Realtek SDK based routers, an authenticated attack ...) NOT-FOR-US: TOTOLINK Realtek SDK based routers CVE-2019-19823 (A certain router administration interface (that includes Realtek APMIB ...) - TODO: check + NOT-FOR-US: Realtek CVE-2019-19822 (A certain router administration interface (that includes Realtek APMIB ...) - TODO: check + NOT-FOR-US: Realtek CVE-2019-19821 RESERVED CVE-2019-19820 (An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys dr ...) @@ -12589,7 +12589,7 @@ CVE-2020-3149 CVE-2020-3148 RESERVED CVE-2020-3147 (A vulnerability in the web UI of Cisco Small Business Switches could a ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3146 RESERVED CVE-2020-3145 @@ -25094,7 +25094,7 @@ CVE-2019-17352 (In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is CVE-2019-17339 RESERVED CVE-2019-17338 (The user interface component of TIBCO Software Inc.'s TIBCO Patterns - ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2019-17337 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...) NOT-FOR-US: TIBCO CVE-2019-17336 (The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfir ...) @@ -33203,7 +33203,7 @@ CVE-2019-14631 CVE-2019-14630 RESERVED CVE-2019-14629 (Improper permissions in Intel(R) DAAL before version 2020 Gold may all ...) - TODO: check + NOT-FOR-US: Intel CVE-2019-14628 RESERVED CVE-2019-14627 @@ -33237,7 +33237,7 @@ CVE-2019-14615 (Insufficient control flow in certain data structures for some In CVE-2019-14614 RESERVED CVE-2019-14613 (Improper access control in driver for Intel(R) VTune(TM) Amplifier for ...) - TODO: check + NOT-FOR-US: Intel CVE-2019-14612 (Out of bounds write in firmware for Intel(R) NUC(R) may allow a privil ...) NOT-FOR-US: Intel CVE-2019-14611 (Integer overflow in firmware for Intel(R) NUC(R) may allow a privilege ...) 
@@ -33263,9 +33263,9 @@ CVE-2019-14603 (Improper permissions in the installer for the License Server sof CVE-2019-14602 (Improper permissions in the installer for the Nuvoton* CIR Driver vers ...) NOT-FOR-US: Nuvoton* CIR Driver CVE-2019-14601 (Improper permissions in the installer for Intel(R) RWC 3 for Windows b ...) - TODO: check + NOT-FOR-US: Intel CVE-2019-14600 (Uncontrolled search path element in the installer for Intel(R) SNMP Su ...) - TODO: check + NOT-FOR-US: Intel CVE-2019-14599 (Unquoted service path in Control Center-I version 2.1.0.0 and earlier ...) NOT-FOR-US: Intel CVE-2019-14598 @@ -44006,7 +44006,7 @@ CVE-2019-11290 (Cloud Foundry UAA Release, versions prior to v74.8.0, logs all q CVE-2019-11289 (Cloud Foundry Routing, all versions before 0.193.0, does not properly ...) NOT-FOR-US: Cloud Foundry Routing CVE-2019-11288 (In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions pr ...) - TODO: check + NOT-FOR-US: Pivotal CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3. ...) - rabbitmq-server <unfixed> (bug #945600) [buster] - rabbitmq-server <no-dsa> (Minor issue) ===================================== data/embedded-code-copies ===================================== @@ -3469,3 +3469,6 @@ libstb - libsixel <unfixed> (embed; bug #949707) - retroarch <unfixed> (embed; bug #949708) - libsfml <unfixed> (embed; bug #949709) + - sumo <unfixed> (embed; bug #950251) + - yquake2 <unfixed> (embed; bug #950252) + - dart <unfixed> (modified-embed) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc319a8d4120a13458c13a6825b73e61f1ca5a53 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc319a8d4120a13458c13a6825b73e61f1ca5a53 You're receiving this email because of your account on salsa.debian.org.
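Review bot: In the data/CVE/list hunk at @@ -11516, CVE-2019-19823 and CVE-2019-19822 are tagged with the bare vendor name "NOT-FOR-US: Realtek", while the entry directly above them (CVE-2019-19824) uses the product-level tag "NOT-FOR-US: TOTOLINK Realtek SDK based routers". Both descriptions refer to a router administration interface, so a tag that names that product rather than only the vendor would keep the neighbouring entries consistent and easier to search.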
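Review bot: In the data/CVE/list hunk at @@ -44006, CVE-2019-11288 (Pivotal tc Server) is tagged "NOT-FOR-US: Pivotal", but the next entry, CVE-2019-11287, is also a Pivotal product and is tracked against rabbitmq-server. A vendor-only tag is ambiguous when the same vendor has a packaged product one line below; "NOT-FOR-US: Pivotal tc Server" would match the product-level style of the neighbouring "NOT-FOR-US: Cloud Foundry Routing" entry.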
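Review bot: In the data/embedded-code-copies hunk at @@ -3469, the new line "- dart <unfixed> (modified-embed)" under libstb has no bug reference, unlike the sumo and yquake2 lines added with it (bug #950251, bug #950252) and the existing libsixel, retroarch and libsfml entries. If a bug exists for dart, add its number; if none was filed on purpose, a short note saying why would let a later reader tell an intentional omission from a forgotten one.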
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits