Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0e57058 by security tracker role at 2020-07-29T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-16131
+       RESERVED
+CVE-2020-16130
+       RESERVED
+CVE-2020-16129
+       RESERVED
+CVE-2020-16128
+       RESERVED
+CVE-2020-16127
+       RESERVED
+CVE-2020-16126
+       RESERVED
+CVE-2020-16125
+       RESERVED
+CVE-2020-16124
+       RESERVED
+CVE-2020-16123
+       RESERVED
+CVE-2020-16122
+       RESERVED
+CVE-2020-16121
+       RESERVED
+CVE-2020-16120
+       RESERVED
+CVE-2020-16119
+       RESERVED
+CVE-2020-16118 (In GNOME Balsa before 2.6.0, a malicious server operator or 
man in the ...)
+       TODO: check
+CVE-2020-16117 (In GNOME evolution-data-server before 3.35.91, a malicious 
server can  ...)
+       TODO: check
 CVE-2020-16116
        RESERVED
 CVE-2020-16115
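
Review bot: CVE-2020-16118 (GNOME Balsa) and CVE-2020-16117 (GNOME evolution-data-server) are left at `TODO: check`, but both name software that Debian packages (balsa, evolution-data-server), so unlike the vendor-only entries elsewhere in this update they cannot be closed as NOT-FOR-US. They need package lines, with the boundaries given in the descriptions ("before 2.6.0", "before 3.35.91") compared against the version in each suite.
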
@@ -40,8 +70,8 @@ CVE-2020-16097
        RESERVED
 CVE-2020-16096
        RESERVED
-CVE-2020-16095
-       RESERVED
+CVE-2020-16095 (The dlf (aka Kitodo.Presentation) extension before 3.1.2 for 
TYPO3 all ...)
+       TODO: check
 CVE-2020-16094 (In imap_scan_tree_recursive in Claws Mail through 3.17.6, a 
malicious  ...)
        - claws-mail <unfixed>
        NOTE: 
https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4313
@@ -918,20 +948,19 @@ CVE-2020-15709
        RESERVED
 CVE-2020-15708
        RESERVED
-CVE-2020-15707
-       RESERVED
+CVE-2020-15707 (Integer overflows were discovered in the functions 
grub_cmd_initrd and ...)
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
        NOTE: 
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
-CVE-2020-15706
-       RESERVED
+CVE-2020-15706 (GRUB2 contains a race condition in 
grub_script_function_create() leadi ...)
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
        NOTE: 
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=426f57383d647406ae9c628c472059c27cd6e040
-CVE-2020-15705
-       RESERVED
+CVE-2020-15705 (GRUB2 fails to validate kernel signature when booted directly 
without  ...)
        - grub2 <unfixed> (unimportant)
        NOTE: Issue does not affect standard SB Debian setup.
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
@@ -1046,6 +1075,7 @@ CVE-2020-15660
        RESERVED
 CVE-2020-15659
        RESERVED
+       {DSA-4736-1 DLA-2297-1}
        - firefox 79.0-1
        - firefox-esr 68.11.0esr-1
        - thunderbird <unfixed>
@@ -1090,6 +1120,7 @@ CVE-2020-15653
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15653
 CVE-2020-15652
        RESERVED
+       {DSA-4736-1 DLA-2297-1}
        - firefox 79.0-1
        - firefox-esr 68.11.0esr-1
        - thunderbird <unfixed>
@@ -1257,8 +1288,8 @@ CVE-2020-15590
        RESERVED
 CVE-2020-15589
        RESERVED
-CVE-2020-15588
-       RESERVED
+CVE-2020-15588 (An issue was discovered in the client side of Zoho 
ManageEngine Deskto ...)
+       TODO: check
 CVE-2020-15587
        RESERVED
 CVE-2020-15586 (Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in 
some net ...)
@@ -1482,7 +1513,7 @@ CVE-2020-15499
        RESERVED
 CVE-2020-15498
        RESERVED
-CVE-2020-15497 (jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 
build-20200224104759 ...)
+CVE-2020-15497 (** DISPUTED ** jcore/portal/ajaxPortal.jsp in Jalios JCMS 
10.0.2 build ...)
        NOT-FOR-US: Jalios JCMS
 CVE-2020-15496
        RESERVED
@@ -2288,8 +2319,8 @@ CVE-2020-15127
        RESERVED
 CVE-2020-15126 (In parser-server from version 3.5.0 and before 4.3.0, an 
authenticated ...)
        NOT-FOR-US: Node parser-server
-CVE-2020-15125
-       RESERVED
+CVE-2020-15125 (In auth0 (npm package) versions before 2.27.1, a DenyList of 
specific  ...)
+       TODO: check
 CVE-2020-15124 (In Goobi Viewer Core before version 4.8.3, a path traversal 
vulnerabil ...)
        NOT-FOR-US: Goobi Viewer Core
 CVE-2020-15123 (In codecov (npm package) before version 3.7.1 the upload 
method has a  ...)
@@ -2355,10 +2386,10 @@ CVE-2020-15101 (In freewvs before 0.1.1, a directory 
structure of more than 1000
        NOT-FOR-US: freewvs
 CVE-2020-15100 (In freewvs before 0.1.1, a user could create a large file that 
freewvs ...)
        NOT-FOR-US: freewvs
-CVE-2020-15099
-       RESERVED
-CVE-2020-15098
-       RESERVED
+CVE-2020-15099 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 
9.5.20, and  ...)
+       TODO: check
+CVE-2020-15098 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 
9.5.20, and  ...)
+       TODO: check
 CVE-2020-15097
        RESERVED
 CVE-2020-15096 (In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 
9.0.0-beta21, the ...)
@@ -2384,8 +2415,8 @@ CVE-2020-15088
        RESERVED
 CVE-2020-15087 (In Presto before version 337, authenticated users can bypass 
authoriza ...)
        NOT-FOR-US: Presto query engine, different from src:presto
-CVE-2020-15086
-       RESERVED
+CVE-2020-15086 (In TYPO3 installations with the "mediace" extension from 
version 7.6.2 ...)
+       TODO: check
 CVE-2020-15085 (In Saleor Storefront before version 2.10.3, request data used 
to authe ...)
        NOT-FOR-US: Saleor Storefront
 CVE-2020-15084 (In express-jwt (NPM package) up and including version 5.3.3, 
the algor ...)
@@ -3681,22 +3712,22 @@ CVE-2020-14495
        RESERVED
 CVE-2020-14494 (OpenClinic GA versions 5.09.02 and 5.89.05b contain an 
authentication  ...)
        NOT-FOR-US: OpenClinic GA
-CVE-2020-14493
-       RESERVED
-CVE-2020-14492
-       RESERVED
+CVE-2020-14493 (A low-privilege user may use SQL syntax to write arbitrary 
files to th ...)
+       TODO: check
+CVE-2020-14492 (OpenClinic GA 5.09.02 and 5.89.05b does not properly 
neutralize user-c ...)
+       TODO: check
 CVE-2020-14491 (OpenClinic GA versions 5.09.02 and 5.89.05b do not properly 
check perm ...)
        NOT-FOR-US: OpenClinic GA
-CVE-2020-14490
-       RESERVED
-CVE-2020-14489
-       RESERVED
-CVE-2020-14488
-       RESERVED
-CVE-2020-14487
-       RESERVED
-CVE-2020-14486
-       RESERVED
+CVE-2020-14490 (OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local 
files spec ...)
+       TODO: check
+CVE-2020-14489 (OpenClinic GA 5.09.02 and 5.89.05b stores passwords using 
inadequate h ...)
+       TODO: check
+CVE-2020-14488 (OpenClinic GA 5.09.02 and 5.89.05b does not properly verify 
uploaded f ...)
+       TODO: check
+CVE-2020-14487 (OpenClinic GA 5.09.02 contains a hidden default user account 
that may  ...)
+       TODO: check
+CVE-2020-14486 (An attacker may bypass permission/authorization checks in 
OpenClinic G ...)
+       TODO: check
 CVE-2020-14485 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an 
attacker to b ...)
        NOT-FOR-US: OpenClinic GA
 CVE-2020-14484 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an 
attacker to b ...)
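
Review bot: CVE-2020-14492 and CVE-2020-14490 through CVE-2020-14486 name OpenClinic GA in their descriptions yet come in as `TODO: check`, while the unchanged neighbours CVE-2020-14494, CVE-2020-14491 and CVE-2020-14485 in this same hunk already carry `NOT-FOR-US: OpenClinic GA`. They can take the same tag in the follow-up triage. The truncated description of CVE-2020-14493 does not show a product name, so read the full text before tagging that one.
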
@@ -4405,8 +4436,7 @@ CVE-2020-14318
 CVE-2020-14317
        RESERVED
        - wildfly <itp> (bug #752018)
-CVE-2020-14316
-       RESERVED
+CVE-2020-14316 (A flaw was found in kubevirt 0.29 and earlier. Virtual Machine 
Instanc ...)
        NOT-FOR-US: KubeVirt
 CVE-2020-14315
        RESERVED
@@ -4428,24 +4458,27 @@ CVE-2020-14312
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342
 CVE-2020-14311
        RESERVED
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
        NOTE: 
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
 CVE-2020-14310
        RESERVED
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
        NOTE: 
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
 CVE-2020-14309
        RESERVED
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
        NOTE: 
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
-CVE-2020-14308
-       RESERVED
+CVE-2020-14308 (In grub2 versions before 2.06 the grub memory allocator 
doesn't check  ...)
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
@@ -6082,8 +6115,8 @@ CVE-2020-13701
        RESERVED
 CVE-2020-13700 (An issue was discovered in the acf-to-rest-api plugin through 
3.1.0 fo ...)
        NOT-FOR-US: acf-to-rest-api plugin for WordPress
-CVE-2020-13699
-       RESERVED
+CVE-2020-13699 (TeamViewer Desktop for Windows before 15.8.3 does not properly 
quote i ...)
+       TODO: check
 CVE-2020-13698
        RESERVED
 CVE-2020-13697
@@ -10378,13 +10411,11 @@ CVE-2020-11935
        NOTE: https://sourceforge.net/p/aufs/mailman/message/37048642/
        NOTE: 
https://github.com/sfjro/aufs4-linux/commit/515a586eeef31e0717d5dea21e2c11a965340b3c
        NOTE: 
https://github.com/sfjro/aufs4-linux/commit/f10aea57d39d6cd311312e9e7746804f7059b5c8
-CVE-2020-11934
-       RESERVED
+CVE-2020-11934 (It was discovered that snapctl user-open allowed altering the 
$XDG_DAT ...)
        - snapd 2.45.2-1
        [buster] - snapd <no-dsa> (Minor issue)
        NOTE: 
https://github.com/snapcore/snapd/commit/06342a31878f1cf99d56da5483e71b9af61f46ad
-CVE-2020-11933
-       RESERVED
+CVE-2020-11933 (cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu 
Core 18 de ...)
        NOT-FOR-US: cloud-init in some Ubuntu images
 CVE-2020-11932 (It was discovered that the Subiquity installer for Ubuntu 
Server logge ...)
        NOT-FOR-US: Subiquity installer for Ubuntu
@@ -15043,6 +15074,7 @@ CVE-2020-10714
        NOT-FOR-US: WildFly Elytron
 CVE-2020-10713
        RESERVED
+       {DSA-4735-1}
        - grub2 2.04-9
        [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
@@ -17521,14 +17553,14 @@ CVE-2020-9694
        RESERVED
 CVE-2020-9693
        RESERVED
-CVE-2020-9692
-       RESERVED
-CVE-2020-9691
-       RESERVED
-CVE-2020-9690
-       RESERVED
-CVE-2020-9689
-       RESERVED
+CVE-2020-9692 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier 
have a ...)
+       TODO: check
+CVE-2020-9691 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier 
have a ...)
+       TODO: check
+CVE-2020-9690 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier 
have a ...)
+       TODO: check
+CVE-2020-9689 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier 
have a ...)
+       TODO: check
 CVE-2020-9688 (Adobe Download Manager version 2.0.0.518 have a command 
injection vuln ...)
        NOT-FOR-US: Adobe
 CVE-2020-9687 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 
have an ...)
@@ -20254,8 +20286,8 @@ CVE-2020-8555 (The Kubernetes kube-controller-manager 
in versions v1.0-1.14, ver
        NOTE: https://github.com/kubernetes/kubernetes/issues/91542
 CVE-2020-8554
        RESERVED
-CVE-2020-8553
-       RESERVED
+CVE-2020-8553 (The Kubernetes ingress-nginx component prior to version 0.28.0 
allows  ...)
+       TODO: check
 CVE-2020-8552 (The Kubernetes API server component in versions prior to 
1.15.9, 1.16. ...)
        - kubernetes 1.17.4-1
        NOTE: https://github.com/kubernetes/kubernetes/issues/89378
@@ -22354,13 +22386,13 @@ CVE-2020-7700
        RESERVED
 CVE-2020-7699
        RESERVED
-CVE-2020-7698
-       RESERVED
-CVE-2020-7697
-       RESERVED
+CVE-2020-7698 (This affects the package Gerapy from 0 and before 0.9.3. The 
input bei ...)
+       TODO: check
+CVE-2020-7697 (This affects all versions of package mock2easy. a malicious 
user could ...)
+       TODO: check
 CVE-2020-7696 (This affects all versions of package react-native-fast-image. 
When an  ...)
        TODO: check
-CVE-2020-7695 (This affects all versions of package uvicorn. Uvicorn's 
implementation ...)
+CVE-2020-7695 (Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. 
CRLF s ...)
        TODO: check
 CVE-2020-7694 (This affects all versions of package uvicorn. The request 
logger provi ...)
        TODO: check
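
Review bot: the new CVE-2020-7695 description replaces "all versions of package uvicorn" with a concrete boundary, "Uvicorn before 0.11.7", but the entry stays at `TODO: check`. With a fixed version now stated, the entry can be resolved against the packaged uvicorn version, if there is one. CVE-2020-7694 directly below still reads "all versions" for the same package and is worth re-checking in the same pass.
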
@@ -25241,6 +25273,7 @@ CVE-2020-6515 (Use after free in tab strip in Google 
Chrome prior to 84.0.4147.8
        - chromium <unfixed>
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6514 (Inappropriate implementation in WebRTC in Google Chrome prior 
to 84.0. ...)
+       {DSA-4736-1 DLA-2297-1}
        [experimental] - chromium 84.0.4147.89-1
        - chromium <unfixed>
        [stretch] - chromium <end-of-life> (see DSA 4562)
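
Review bot: the `{DSA-4736-1 DLA-2297-1}` reference on CVE-2020-6514 lands on an entry whose visible package lines are all chromium (`[experimental] - chromium 84.0.4147.89-1`, `- chromium <unfixed>`, `[stretch] - chromium <end-of-life>`). In the other hunks of this commit the same advisory pair sits on entries that list `firefox` and `firefox-esr` versions. Confirm that this entry has a matching firefox-esr line below the three context lines shown here, otherwise the advisory reference points at no fixed package.
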
@@ -25445,7 +25478,7 @@ CVE-2020-6464 (Type confusion in Blink in Google Chrome 
prior to 81.0.4044.138 a
        - chromium 83.0.4103.83-1
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6463 (Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 
allowe ...)
-       {DSA-4714-1}
+       {DSA-4736-1 DSA-4714-1 DLA-2297-1}
        - chromium 83.0.4103.83-1
        [stretch] - chromium <end-of-life> (see DSA 4562)
        - firefox 79.0-1
@@ -27126,14 +27159,14 @@ CVE-2020-5765 (Nessus 8.10.0 and earlier were found 
to contain a Stored XSS vuln
        NOT-FOR-US: Nessus
 CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable 
to a d ...)
        NOT-FOR-US: MX Player Android App
-CVE-2020-5763
-       RESERVED
-CVE-2020-5762
-       RESERVED
-CVE-2020-5761
-       RESERVED
-CVE-2020-5760
-       RESERVED
+CVE-2020-5763 (Grandstream HT800 series firmware version 1.0.17.5 and below 
contain a ...)
+       TODO: check
+CVE-2020-5762 (Grandstream HT800 series firmware version 1.0.17.5 and below is 
vulner ...)
+       TODO: check
+CVE-2020-5761 (Grandstream HT800 series firmware version 1.0.17.5 and below is 
vulner ...)
+       TODO: check
+CVE-2020-5760 (Grandstream HT800 series firmware version 1.0.17.5 and below is 
vulner ...)
+       TODO: check
 CVE-2020-5759 (Grandstream UCM6200 series firmware version 1.0.20.23 and below 
is vul ...)
        NOT-FOR-US: Grandstream
 CVE-2020-5758 (Grandstream UCM6200 series firmware version 1.0.20.23 and below 
is vul ...)
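
Review bot: the four newly described Grandstream HT800 entries (CVE-2020-5763 through CVE-2020-5760) are marked `TODO: check`, although the adjacent Grandstream UCM6200 entry CVE-2020-5759 in this hunk is already `NOT-FOR-US: Grandstream`. Firmware from the same vendor would normally take the same tag, which keeps the open TODO list limited to entries that need a real packaging decision.
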
@@ -30050,10 +30083,10 @@ CVE-2020-4647
        RESERVED
 CVE-2020-4646
        RESERVED
-CVE-2020-4645
-       RESERVED
-CVE-2020-4644
-       RESERVED
+CVE-2020-4645 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is 
vulnerable to cr ...)
+       TODO: check
+CVE-2020-4644 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow 
a remot ...)
+       TODO: check
 CVE-2020-4643
        RESERVED
 CVE-2020-4642
@@ -30192,22 +30225,22 @@ CVE-2020-4576
        RESERVED
 CVE-2020-4575
        RESERVED
-CVE-2020-4574
-       RESERVED
-CVE-2020-4573
-       RESERVED
-CVE-2020-4572
-       RESERVED
+CVE-2020-4574 (IBM Tivoli Key Lifecycle Manager does not require that users 
should ha ...)
+       TODO: check
+CVE-2020-4573 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose 
sensitiv ...)
+       TODO: check
+CVE-2020-4572 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a 
remote at ...)
+       TODO: check
 CVE-2020-4571
        RESERVED
 CVE-2020-4570
        RESERVED
-CVE-2020-4569
-       RESERVED
+CVE-2020-4569 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a 
protection mecha ...)
+       TODO: check
 CVE-2020-4568
        RESERVED
-CVE-2020-4567
-       RESERVED
+CVE-2020-4567 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an 
inadequate acco ...)
+       TODO: check
 CVE-2020-4566
        RESERVED
 CVE-2020-4565 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an 
attacke ...)
@@ -30414,8 +30447,8 @@ CVE-2020-4465 (IBM MQ, IBM MQ Appliance, and IBM MQ for 
HPE NonStop 8.0, 9.1 CD,
        NOT-FOR-US: IBM
 CVE-2020-4464 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 
traditional co ...)
        NOT-FOR-US: IBM
-CVE-2020-4463
-       RESERVED
+CVE-2020-4463 (IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable 
to an XM ...)
+       TODO: check
 CVE-2020-4462 (IBM Sterling External Authentication Server 6.0.1, 6.0.0, 
2.4.3.2, and ...)
        NOT-FOR-US: IBM
 CVE-2020-4461 (IBM Security Access Manager Appliance 9.0.7.1 could allow an 
authentic ...)
@@ -31253,6 +31286,7 @@ CVE-2020-4051 (In Dijit before versions 1.11.11, and 
greater than or equal to 1.
 CVE-2020-4045 (SSB-DB version 20.0.0 has an information disclosure 
vulnerability. The ...)
        NOT-FOR-US: SSB-DB
 CVE-2020-4044 (The xrdp-sesman service before version 0.9.13.1 can be crashed 
by conn ...)
+       {DSA-4737-1}
        - xrdp 0.9.12-1.1 (bug #964573)
        NOTE: 
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
        NOTE: Fixed by: 
https://github.com/neutrinolabs/xrdp/commit/e593f58a82bf79b556601ae08e9e25e366a662fb
@@ -31780,24 +31814,24 @@ CVE-2019-20035
        RESERVED
 CVE-2019-20034
        RESERVED
-CVE-2019-20033
-       RESERVED
-CVE-2019-20032
-       RESERVED
-CVE-2019-20031
-       RESERVED
-CVE-2019-20030
-       RESERVED
-CVE-2019-20029
-       RESERVED
-CVE-2019-20028
-       RESERVED
-CVE-2019-20027
-       RESERVED
-CVE-2019-20026
-       RESERVED
-CVE-2019-20025
-       RESERVED
+CVE-2019-20033 (On Aspire-derived NEC PBXes, including all versions of SV8100 
devices, ...)
+       TODO: check
+CVE-2019-20032 (An attacker with access to an InMail voicemail box equipped 
with the f ...)
+       TODO: check
+CVE-2019-20031 (NEC UM8000, UM4730 and prior non-InMail voicemail systems with 
all kno ...)
+       TODO: check
+CVE-2019-20030 (An attacker with knowledge of the modem access number on a NEC 
UM8000  ...)
+       TODO: check
+CVE-2019-20029 (An exploitable privilege escalation vulnerability exists in 
the WebPro ...)
+       TODO: check
+CVE-2019-20028 (Aspire-derived NEC PBXes operating InMail software, including 
all vers ...)
+       TODO: check
+CVE-2019-20027 (Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 
and SL2 ...)
+       TODO: check
+CVE-2019-20026 (The WebPro interface in NEC SV9100 software releases 7.0 or 
higher all ...)
+       TODO: check
+CVE-2019-20025 (Certain builds of NEC SV9100 software could allow an 
unauthenticated,  ...)
+       TODO: check
 CVE-2019-20024 (A heap-based buffer overflow was discovered in 
image_buffer_resize in  ...)
        - libsixel 1.8.6-1 (low; bug #948103)
        [buster] - libsixel <no-dsa> (Minor issue)
@@ -37055,12 +37089,12 @@ CVE-2020-2080
        RESERVED
 CVE-2020-2079
        RESERVED
-CVE-2020-2078
-       RESERVED
-CVE-2020-2077
-       RESERVED
-CVE-2020-2076
-       RESERVED
+CVE-2020-2078 (Passwords are stored in plain text within the configuration of 
SICK Pa ...)
+       TODO: check
+CVE-2020-2077 (SICK Package Analytics software up to and including version 
V04.0.0 ar ...)
+       TODO: check
+CVE-2020-2076 (SICK Package Analytics software up to and including version 
V04.0.0 ar ...)
+       TODO: check
 CVE-2020-2075
        RESERVED
 CVE-2020-2074
@@ -79084,7 +79118,7 @@ CVE-2019-7149 (A heap-based buffer over-read was 
discovered in the function read
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
        NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
-CVE-2019-7148 (**DISPUTED** An attempted excessive memory allocation was 
discovered i ...)
+CVE-2019-7148 (An attempted excessive memory allocation was discovered in the 
functio ...)
        - elfutils 0.176-1 (unimportant)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24085
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=e32380ecefbb23448541367283d3b94930762986
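
Review bot: the description of CVE-2019-7148 loses its `**DISPUTED**` marker while the entry keeps `- elfutils 0.176-1 (unimportant)`. Confirm that the `unimportant` rating stands on its own and did not rest on the dispute. Note also that the marker is spelled `**DISPUTED**` here and `** DISPUTED **` in the CVE-2020-15497 hunk of this commit, so anything that matches on it has to accept both spacings.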



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0e57058ca4665080182f1ac0f5f27ece42ec78b
