Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 82dbd0f2 by Moritz Muehlenhoff at 2020-09-17T10:28:23+02:00 NFUs libraw no-dsa - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1775,9 +1775,11 @@ CVE-2020-24891 REJECTED CVE-2020-24890 (libraw 20.0 has a null pointer dereference vulnerability in parse_tiff ...) - libraw <unfixed> + [buster] - libraw <no-dsa> (Minor issue) NOTE: https://github.com/LibRaw/LibRaw/issues/335 CVE-2020-24889 (A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::Ge ...) - libraw <unfixed> + [buster] - libraw <no-dsa> (Minor issue) NOTE: https://github.com/LibRaw/LibRaw/issues/334 NOTE: https://github.com/LibRaw/LibRaw/commit/78d323ecbe6a9752aee6e97118a76d40704d73ee CVE-2020-24888 @@ -2858,15 +2860,15 @@ CVE-2020-24379 (WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 CVE-2020-24378 RESERVED CVE-2020-24377 (A DNS rebinding vulnerability in the Freebox OS web interface in Freeb ...) - TODO: check + NOT-FOR-US: Freebox CVE-2020-24376 (A DNS rebinding vulnerability in the UPnP IGD implementations in Freeb ...) - TODO: check + NOT-FOR-US: Freebox CVE-2020-24375 RESERVED CVE-2020-24374 (A DNS rebinding vulnerability in Freebox HD before 1.5.29. ...) - TODO: check + NOT-FOR-US: Freebox CVE-2020-24373 (A CSRF vulnerability in the UPnP MediaServer implementation in Freebox ...) - TODO: check + NOT-FOR-US: Freebox CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ...) - luajit <unfixed> (unimportant) NOTE: https://github.com/LuaJIT/LuaJIT/issues/603 @@ -10849,7 +10851,7 @@ CVE-2020-20408 CVE-2020-20407 RESERVED CVE-2020-20406 (A stored XSS vulnerability exists in the Custom Link Attributes contro ...) - TODO: check + NOT-FOR-US: Elementor Page Builder CVE-2020-20405 RESERVED CVE-2020-20404 @@ -19336,7 +19338,7 @@ CVE-2020-16235 CVE-2020-16234 RESERVED CVE-2020-16233 (An attacker could send a specially crafted packet that could have Code ...) - TODO: check + NOT-FOR-US: CodeMeter CVE-2020-16232 RESERVED CVE-2020-16231 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82dbd0f2a91de92ec35b5015ea879f2fdbd29893 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82dbd0f2a91de92ec35b5015ea879f2fdbd29893 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits