diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-24 18:13:56 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-24 18:13:56 +0200 |
commit | db2995fef5db9d33ea33fe366e2cdabfd5d959eb (patch) | |
tree | 353071e3a451e82bbce6cbe629822de792922f58 /data/CVE | |
parent | 6f20c1919b45fcda00d97bd5ccc232a75f69c168 (diff) |
buster triage
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2013.list | 3 | ||||
-rw-r--r-- | data/CVE/2020.list | 9 |
2 files changed, 6 insertions, 6 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 66b78e7e82..c49a0a6ff5 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -1,5 +1,6 @@ CVE-2013-7489 (The Beaker library through 1.11.0 for Python is affected by deserializ ...) - - beaker <unfixed> + - beaker <unfixed> (bug #966197) + [buster] - beaker <no-dsa> (Minor issue) NOTE: https://github.com/bbangert/beaker/issues/191 NOTE: https://www.openwall.com/lists/oss-security/2020/05/14/11 CVE-2013-7488 (perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 6de37597a4..e4a43327db 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -24644,15 +24644,13 @@ CVE-2020-5400 (Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, CVE-2020-5399 (Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL d ...) NOT-FOR-US: Cloud Foundry CredHub CVE-2020-5398 (In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ...) - - libspring-java <unfixed> - [jessie] - libspring-java <not-affected> (Vulnerable code not present) + - libspring-java <not-affected> (Vulnerable code not present) NOTE: https://pivotal.io/security/cve-2020-5398 NOTE: https://github.com/spring-projects/spring-framework/issues/24220 NOTE: https://github.com/spring-projects/spring-framework/commit/41f40c6c229d3b4f768718f1ec229d8f0ad76d76 NOTE: https://github.com/spring-projects/spring-framework/commit/956ffe68587c8d5f21135b5ce4650af0c2dea933 CVE-2020-5397 (Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF ...) - - libspring-java <unfixed> - [jessie] - libspring-java <not-affected> (Vulnerable code not present) + - libspring-java <not-affected> (Only affects 5.2.x) NOTE: https://pivotal.io/security/cve-2020-5397 NOTE: https://github.com/spring-projects/spring-framework/issues/24327 NOTE: https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929 @@ -32735,7 +32733,8 @@ CVE-2020-1724 (A flaw was found in Keycloak in versions before 9.0.2. This flaw CVE-2020-1723 RESERVED CVE-2020-1722 (A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending ...) - - freeipa <unfixed> + - freeipa <unfixed> (bug #966200) + [buster] - freeipa <no-dsa> (Minor issue) NOTE: https://pagure.io/freeipa/issue/8268 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793071 CVE-2020-1721 |