Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 21e65b51 by Salvatore Bonaccorso at 2020-11-27T05:54:47+01:00 golang-github-go-ethereum: Replace some NFUs with ITP referenced entry - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9662,11 +9662,11 @@ CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In NOTE: https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9 (0.4.4) NOTE: https://github.com/nanopb/nanopb/issues/615 CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...) NOT-FOR-US: Scratch Addons CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...) @@ -120988,7 +120988,7 @@ CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...) NOT-FOR-US: DiscuzX CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of se ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access C ...) NOT-FOR-US: webERP CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add a ...) @@ -131877,7 +131877,7 @@ CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2 CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...) NOT-FOR-US: libIEC61850 CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm. ...) NOT-FOR-US: ethereumjs-vm CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...) @@ -138448,7 +138448,7 @@ CVE-2018-16735 CVE-2018-16734 RESERVED CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer. ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via adm ...) NOT-FOR-US: CScms CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...) @@ -150906,7 +150906,7 @@ CVE-2018-12019 (The signature verification routine in Enigmail before 2.0.7 inte NOTE: https://www.openwall.com/lists/oss-security/2018/06/13/10 NOTE: https://neopg.io/blog/enigmail-signature-spoof/ CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol implementation in G ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum <itp> (bug #890541) CVE-2018-12017 RESERVED CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows rem ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e65b511b0d8523617bdba4901ca61d62129b24 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits