[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 06 Mar 2020 12:11:07 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
84a1ef86 by security tracker role at 2020-03-06T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2020-10192
+       RESERVED
+CVE-2020-10191
+       RESERVED
+CVE-2020-10190
+       RESERVED
+CVE-2020-10189 (Zoho ManageEngine Desktop Central 10 allows remote code 
execution beca ...)
+       TODO: check
+CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows 
remote attac ...)
+       TODO: check
+CVE-2019-20503 (usrsctp before 2019-12-20 has out-of-bounds reads in 
sctp_load_address ...)
+       TODO: check
 CVE-2020-10187
        RESERVED
 CVE-2020-10186
@@ -898,8 +910,8 @@ CVE-2020-9758
        RESERVED
 CVE-2020-9757 (The Seomatic component before 3.2.46 for Craft CMS allows 
Server-Side  ...)
        NOT-FOR-US: Seomatic component for Craft CMS
-CVE-2020-9756
-       RESERVED
+CVE-2020-9756 (Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows 
insuff ...)
+       TODO: check
 CVE-2020-9755
        RESERVED
 CVE-2020-9754
@@ -1371,10 +1383,10 @@ CVE-2020-9533
        RESERVED
 CVE-2020-9532
        RESERVED
-CVE-2020-9531
-       RESERVED
-CVE-2020-9530
-       RESERVED
+CVE-2020-9531 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM 
devices. In t ...)
+       TODO: check
+CVE-2020-9530 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM 
devices. The  ...)
+       TODO: check
 CVE-2020-9529
        RESERVED
 CVE-2020-9528
@@ -1525,16 +1537,16 @@ CVE-2020-9460
        RESERVED
 CVE-2020-9459 (Multiple Stored Cross-site scripting (XSS) vulnerabilities in 
the Webn ...)
        NOT-FOR-US: Webnus Modern Events Calendar Lite plugin for WordPress
-CVE-2020-9458
-       RESERVED
-CVE-2020-9457
-       RESERVED
-CVE-2020-9456
-       RESERVED
-CVE-2020-9455
-       RESERVED
-CVE-2020-9454
-       RESERVED
+CVE-2020-9458 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, 
the exp ...)
+       TODO: check
+CVE-2020-9457 (The RegistrationMagic plugin through 4.6.0.3 for WordPress 
allows remo ...)
+       TODO: check
+CVE-2020-9456 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, 
the use ...)
+       TODO: check
+CVE-2020-9455 (The RegistrationMagic plugin through 4.6.0.3 for WordPress 
allows remo ...)
+       TODO: check
+CVE-2020-9454 (A CSRF vulnerability in the RegistrationMagic plugin through 
4.6.0.3 f ...)
+       TODO: check
 CVE-2020-9453
        RESERVED
 CVE-2020-9452
@@ -2654,7 +2666,7 @@ CVE-2020-8993
 CVE-2020-8992 (ext4_protect_reserved_inode in fs/ext4/block_validity.c in the 
Linux k ...)
        - linux <unfixed>
        NOTE: https://patchwork.ozlabs.org/patch/1236118/
-CVE-2020-8991 (vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 
mismanages me ...)
+CVE-2020-8991 (** DISPUTED ** vg_lookup in daemons/lvmetad/lvmetad-core.c in 
LVM2 2.0 ...)
        - lvm2 2.03.01-2
        [stretch] - lvm2 <no-dsa> (Minor issue)
        [jessie] - lvm2 <no-dsa> (Minor issue)
@@ -4588,8 +4600,7 @@ CVE-2020-8115 (A reflected XSS vulnerability has been 
discovered in the publicly
 CVE-2020-8114 (GitLab EE 8.9 and later through 12.7.2 has Insecure Permission 
...)
        - gitlab <unfixed>
        NOTE: 
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
-CVE-2020-8113
-       RESERVED
+CVE-2020-8113 (GitLab 10.7 and later through 12.7.2 has Incorrect Access 
Control. ...)
        - gitlab <unfixed>
        NOTE: 
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
 CVE-2020-8112 (opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 
through ...)
@@ -4941,7 +4952,7 @@ CVE-2020-7976 (GitLab EE 12.4 and later through 12.7.2 
has Incorrect Access Cont
        - gitlab <not-affected> (Only affects Gitlab EE 12.4 and later)
        NOTE: 
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
 CVE-2020-7975
-       RESERVED
+       REJECTED
 CVE-2020-7974 (GitLab EE 10.1 through 12.7.2 allows Information Disclosure. 
...)
        - gitlab <not-affected> (Only affects Gitlab EE 10.1 and later)
        NOTE: 
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a1ef86eada2111c5a7c1ab16fa5a3fa278ab8b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a1ef86eada2111c5a7c1ab16fa5a3fa278ab8b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to