diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-03 21:29:55 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-03 21:29:55 +0100 |
| commit | ea305294ad74a9e77eed017aaa29b3ffd79e6e7f (patch) | |
| tree | dabb4cd3717fb8499b06f55148a1b1ac7ef37789 | |
| parent | 23e05ed44f6ea42a79951ed5e735d251924aa0b1 (diff) | |
CVE-2020-28498/node-elliptic fixed in unstable
| -rw-r--r-- | data/CVE/2020.list | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 9fff9c90ac..39df7d1a57 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -5452,7 +5452,7 @@ CVE-2020-28500 (All versions of package lodash; all versions of package org.fuji CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollution vi ...) NOTE: Only bogus references listed, unclear what this is about CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...) - - node-elliptic <unfixed> + - node-elliptic 6.5.4~dfsg-1 NOTE: https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f NOTE: https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md CVE-2020-28497 |