Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: fb50483e by Moritz Muehlenhoff at 2020-03-19T16:10:29+01:00 twisted no-dsa NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -274,9 +274,9 @@ CVE-2020-10567 (An issue was discovered in Responsive Filemanager through 9.14.0 CVE-2018-21036 RESERVED CVE-2020-10566 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-1 ...) - TODO: check + NOT-FOR-US: FreeBSD CVE-2020-10565 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-1 ...) - TODO: check + NOT-FOR-US: FreeBSD CVE-2020-10564 (An issue was discovered in the File Upload plugin before 4.13.0 for Wo ...) NOT-FOR-US: File Upload plugin for WordPress CVE-2020-10563 (An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.ph ...) @@ -338,7 +338,7 @@ CVE-2020-10537 CVE-2020-10536 RESERVED CVE-2020-10534 (In the GlobalBlocking extension before 2020-03-10 for MediaWiki throug ...) - TODO: check + NOT-FOR-US: MediaWiki extension CVE-2020-10535 (GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote at ...) - gitlab <not-affected> (Only affects Gitlab 12.8.x) NOTE: https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/ @@ -1261,11 +1261,15 @@ CVE-2020-10110 (** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 allows Inform CVE-2020-10109 (In Twisted Web through 19.10.0, there was an HTTP request splitting vu ...) {DLA-2145-1} - twisted <unfixed> (bug #953950) + [buster] - twisted <no-dsa> (Minor issue) + [stretch] - twisted <no-dsa> (Minor issue) NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR NOTE: https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281 CVE-2020-10108 (In Twisted Web through 19.10.0, there was an HTTP request splitting vu ...) {DLA-2145-1} - twisted <unfixed> (bug #953950) + [buster] - twisted <no-dsa> (Minor issue) + [stretch] - twisted <no-dsa> (Minor issue) NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR NOTE: https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281 CVE-2020-10107 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...) @@ -2799,7 +2803,7 @@ CVE-2020-9410 CVE-2020-9409 RESERVED CVE-2020-9408 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2020-9407 (IBL Online Weather before 4.3.5a allows attackers to obtain sensitive ...) NOT-FOR-US: IBL Online Weather CVE-2020-9406 (IBL Online Weather before 4.3.5a allows unauthenticated eval injection ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb50483e6f9c6bddfa0335eb6e51024edd5f4d37 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb50483e6f9c6bddfa0335eb6e51024edd5f4d37 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits