Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7d0477b0 by security tracker role at 2020-07-30T08:10:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-16145
+ RESERVED
+CVE-2020-16144
+ RESERVED
+CVE-2020-16143 (The seafile-client client 7.0.8 for Seafile is vulnerable to
DLL hijac ...)
+ TODO: check
+CVE-2020-16142
+ RESERVED
+CVE-2020-16141
+ RESERVED
+CVE-2020-16140
+ RESERVED
+CVE-2020-16139
+ RESERVED
+CVE-2020-16138
+ RESERVED
+CVE-2020-16137
+ RESERVED
+CVE-2020-16136
+ RESERVED
+CVE-2020-16135 (libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if
ssh_buf ...)
+ TODO: check
+CVE-2020-16134
+ RESERVED
+CVE-2020-16133
+ RESERVED
+CVE-2020-16132
+ RESERVED
+CVE-2017-18923 (beroNet VoIP Gateways before 3.0.16 have a PHP script that
allows down ...)
+ TODO: check
CVE-2020-16131
RESERVED
CVE-2020-16130
@@ -18599,7 +18629,7 @@ CVE-2020-9272 (ProFTPD 1.3.7 has an out-of-bounds (OOB)
read vulnerability in mo
NOTE: Debian does not build mod_cap and does not use the embedded
libcap.
NOTE: Sourcewise fixed in 1.3.6c by updating to the lastest libcap.
CVE-2019-20479 (A flaw was found in mod_auth_openidc before version 2.4.1. An
open red ...)
- {DLA-2130-1}
+ {DLA-2298-1 DLA-2130-1}
- libapache2-mod-auth-openidc 2.4.1-1
[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE:
https://github.com/zmartzone/mod_auth_openidc/commit/02431c0adfa30f478cf2eb20ed6ea51fdf446be7
@@ -55041,7 +55071,7 @@ CVE-2019-14858 (A vulnerability was found in Ansible
engine 2.x up to 2.8 and An
NOTE: https://github.com/ansible/ansible/pull/63405
NOTE: Sub-options/sub-specs/sub-parameters introduced in
https://github.com/ansible/ansible/commit/25de905c6e05bd6df91f4299628ee6d386d3da50
(2.4)
CVE-2019-14857 (A flaw was found in mod_auth_openidc before version 2.4.0.1.
An open r ...)
- {DLA-1996-1}
+ {DLA-2298-1 DLA-1996-1}
- libapache2-mod-auth-openidc 2.4.0.3-1 (bug #942165)
[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE:
https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
@@ -70931,7 +70961,7 @@ CVE-2019-1010249 (The Linux Foundation ONOS 2.0.0 and
earlier is affected by: In
CVE-2019-1010248 (Synetics GmbH I-doit 1.12 and earlier is affected by: SQL
Injection. T ...)
NOT-FOR-US: ONOS
CVE-2019-1010247 (ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is
affected by: Cr ...)
- {DLA-1894-1}
+ {DLA-2298-1 DLA-1894-1}
- libapache2-mod-auth-openidc 2.3.10.2-1
NOTE: Fixed by:
https://github.com/zmartzone/mod_auth_openidc/commit/132a4111bf3791e76437619a66336dce2ce4c79b
(v2.3.10.2)
NOTE:
https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2019-001_mod_auth_openidc_reflected_xss.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0477b0f601eb75a3ac3b1e260aa8c2995d4b23
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0477b0f601eb75a3ac3b1e260aa8c2995d4b23
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
