Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21e65b51 by Salvatore Bonaccorso at 2020-11-27T05:54:47+01:00
golang-github-go-ethereum: Replace some NFUs with ITP referenced entry
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9662,11 +9662,11 @@ CVE-2020-26243 (Nanopb is a small code-size Protocol
Buffers implementation. In
NOTE:
https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9
(0.4.4)
NOTE: https://github.com/nanopb/nanopb/issues/615
CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation
of the E ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation
of the E ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation
of the E ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and
Firefox ...)
NOT-FOR-US: Scratch Addons
CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons
as well ...)
@@ -120988,7 +120988,7 @@ CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat
login is enabled, allows remote
CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows
remote attac ...)
NOT-FOR-US: DiscuzX
CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a
denial of se ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect
Access C ...)
NOT-FOR-US: webERP
CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF
to add a ...)
@@ -131877,7 +131877,7 @@ CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK
payment gateway SDK through 2
CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a
heap-based buffer ...)
NOT-FOR-US: libIEC61850
CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows
attackers to ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of
service (vm. ...)
NOT-FOR-US: ethereumjs-vm
CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...)
@@ -138448,7 +138448,7 @@ CVE-2018-16735
CVE-2018-16734
RESERVED
CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in
eth/api_tracer. ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF
via adm ...)
NOT-FOR-US: CScms
CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding
the php ...)
@@ -150906,7 +150906,7 @@ CVE-2018-12019 (The signature verification routine in
Enigmail before 2.0.7 inte
NOTE: https://www.openwall.com/lists/oss-security/2018/06/13/10
NOTE: https://neopg.io/blog/enigmail-signature-spoof/
CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol
implementation in G ...)
- NOT-FOR-US: Go Ethereum
+ - golang-github-go-ethereum <itp> (bug #890541)
CVE-2018-12017
RESERVED
CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1
allows rem ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
