[Git][security-tracker-team/security-tracker][master] CVE-2020-1745: Reference upstream pull request
Florian Weimer
fw at debian.org
Sat Apr 11 12:11:31 BST 2020
Florian Weimer pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2781883e by Florian Weimer at 2020-04-11T13:10:25+02:00
CVE-2020-1745: Reference upstream pull request
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25251,6 +25251,9 @@ CVE-2020-1745 [AJP File Read/Inclusion Vulnerability]
RESERVED
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1807305
+ NOTE: Variant of the Ghostcat Tomcat vulnerability, CVE-2020-1938.
+ NOTE: According to https://lists.jboss.org/pipermail/undertow-dev/2020-March/002422.html
+ NOTE: the fix is: https://github.com/undertow-io/undertow/pull/859
CVE-2020-1744 (A flaw was found in keycloak before version 9.0.1. When configuring an ...)
NOT-FOR-US: Keycloak
CVE-2020-1743
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2781883e75332b7889e319e41f3de7fc9935376d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2781883e75332b7889e319e41f3de7fc9935376d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200411/b6bab8df/attachment.html>
More information about the debian-security-tracker-commits
mailing list