Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 32334cfa by Moritz Muehlenhoff at 2020-06-29T09:59:50+02:00 new google-compute-image-packages issues NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,9 +1,9 @@ CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...) TODO: check CVE-2020-15364 (The Nexos theme through 1.7 for WordPress allows top-map/?search_locat ...) - TODO: check + NOT-FOR-US: Wordpress theme CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows side-map/?search_orde ...) - TODO: check + NOT-FOR-US: Wordpress theme CVE-2020-15362 RESERVED CVE-2020-15361 @@ -113,13 +113,13 @@ CVE-2020-15313 CVE-2020-15312 RESERVED CVE-2020-15311 (Stash 1.0.3 allows SQL Injection via the downloadmp3.php download para ...) - TODO: check + NOT-FOR-US: Stash CVE-2020-15310 RESERVED CVE-2020-15309 RESERVED CVE-2020-15308 (Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-a ...) - TODO: check + NOT-FOR-US: Support Incident Tracker CVE-2020-15307 RESERVED CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...) @@ -720,9 +720,9 @@ CVE-2020-15019 CVE-2020-15018 (playSMS through 1.4.3 is vulnerable to session fixation. ...) NOT-FOR-US: playSMS CVE-2020-15017 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15016 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-C ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15015 (The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XS ...) NOT-FOR-US: FileExplorer component in GleamTech FileUltimate CVE-2020-15014 (pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF. ...) @@ -16831,7 +16831,7 @@ CVE-2020-9049 CVE-2020-9048 RESERVED CVE-2020-9047 (A vulnerability exists that could allow the execution of unauthorized ...) - TODO: check + NOT-FOR-US: exacqVision Web Service CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions could po ...) NOT-FOR-US: Kantech CVE-2020-9045 (During installation or upgrade to Software House C•CURE 9000 v2. ...) @@ -17128,7 +17128,9 @@ CVE-2020-8935 CVE-2020-8934 RESERVED CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...) - TODO: check + - google-compute-image-packages <unfixed> + NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619 + NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29 CVE-2020-8932 RESERVED CVE-2020-8931 @@ -17182,7 +17184,9 @@ CVE-2020-8909 CVE-2020-8908 RESERVED CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...) - TODO: check + - google-compute-image-packages <unfixed> + NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619 + NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29 CVE-2020-8906 RESERVED CVE-2020-8905 @@ -17190,7 +17194,9 @@ CVE-2020-8905 CVE-2020-8904 RESERVED CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...) - TODO: check + - google-compute-image-packages <unfixed> + NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619 + NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29 CVE-2020-8902 RESERVED CVE-2020-8901 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits